Report - 4pjcxn04.2687.bar/apk/gov.apk/

Report Overview

Visitedpublic

2024-06-19 04:16:30

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-18 18:12:56	1.3 kB	3.6 kB	23.36.77.32
333.com	unknown	1995-11-20	2013-06-08 22:53:29	2024-06-15 16:41:16	378 B	338 B	13.94.58.185
dfjqavvq1156.app	unknown	2023-11-06	2023-11-13 04:13:46	2024-04-16 13:06:20	1.8 kB	25 kB	13.107.246.53
vd002-tiger-restrictions.zhongheyingji.com	unknown	unknown	No data	No data	3.2 kB	219 kB	143.204.55.87
4pjcxn04.2687.bar	unknown	unknown	No data	No data	400 B	406 B	38.12.78.218
onlycash01.xyz	unknown	unknown	No data	No data	469 B	793 B	104.21.46.140
m-assets-prod.ncpqsknpyao.app	unknown	2023-08-28	2023-08-28 13:54:07	2023-08-29 02:43:45	450 B	51 kB	13.107.246.53
vd002-we46hc-bgp-api.zhongheyingji.com	unknown	unknown	No data	No data	948 B	2.8 kB	203.107.60.182
gezizhijia.com	unknown	2023-03-06	2019-12-01 13:48:34	2021-06-11 03:06:09	507 B	26 kB	47.246.44.200
fe-source.zhongheyingji.com	unknown	unknown	No data	No data	939 B	189 kB	143.204.55.87

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-19	medium	ncpqsknpyao.app	Sinkholed

ThreatFox

No alerts detected

JavaScript (3)

	URL	From	Size	First Seen	Last Seen
	gezizhijia.com/	ScriptElement	22 kB	2024-06-19	2024-08-19
URL gezizhijia.com/ IP / ASN 47.246.44.200 #24429 Zhejiang Taobao Network Co.,Ltd Introduced by ScriptElement Embedded true Resource Info First Seen 2024-06-19 Last Seen 2024-08-19 Times Seen 18 Size 22 kB (22294 bytes) MD5 02884a7c8d7e812287a2a00ca1fd4902 SHA1 9b4f30819a082f116eabeb96a272a6e184144b8e SHA256 242e9ca9d7fed11e82ccf90162bbf895f67d0292d4b14723552765b969c757ee Format Code Loading...

	gezizhijia.com/	ScriptElement	1.9 kB	2024-06-18	2024-08-19
URL gezizhijia.com/ IP / ASN 47.246.44.200 #24429 Zhejiang Taobao Network Co.,Ltd Introduced by ScriptElement Embedded true Resource Info First Seen 2024-06-18 Last Seen 2024-08-19 Times Seen 4 Size 1.9 kB (1919 bytes) MD5 1fbc68638187367aaea744513a734fe8 SHA1 1d21638ca3a6d34c6ee97bb21c682127ca1cc73f SHA256 60b3e5e2997698788a032687084a5acba1b922c375e379b7720a7c97eff5dbc8 Format Code Loading...

	vd002-tiger-restrictions.zhongheyingji.com/build/bundle.js	ScriptElement	66 kB	2024-06-18	2024-08-19
URL vd002-tiger-restrictions.zhongheyingji.com/build/bundle.js IP / ASN 143.204.55.87 #16509 AMAZON-02 Introduced by ScriptElement Embedded false Resource Info First Seen 2024-06-18 Last Seen 2024-08-19 Times Seen 32 Size 66 kB (65987 bytes) MD5 2e8382a50a68eaddbb672e738548a6b1 SHA1 20274fdd77dd0da5e4322de85ed3436e4054bfd7 SHA256 7323a55ca7caaac1e817e5909bb3d17b15f4afdbb7286738b61eab9785018317 Format Code Loading...

HTTP Transactions (24)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-18

Last Seen2024-08-19

Times Seen32404

Size504 B (504 bytes)

MD512bf1a23e28f4b6996d92ef0ce981624

SHA178899bea571ec8198e710c1e798a394f83c5b46b

SHA256c57667fc645403b94b531cbc75f5284ae4b4ab4410bf2afdd97619f7137ed6c5

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C57667FC645403B94B531CBC75F5284AE4B4AB4410BF2AFDD97619F7137ED6C5"
Last-Modified: Tue, 18 Jun 2024 01:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2251
Expires: Wed, 19 Jun 2024 04:53:35 GMT
Date: Wed, 19 Jun 2024 04:16:04 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-17

Last Seen2024-08-19

Times Seen39533

Size504 B (504 bytes)

MD59d139a09a36fce99ece1fb963d49d2a9

SHA1a7d96d8755d02c7204c147daade1b1168a6ddb73

SHA256f9a59ebef1ee608c709b274e1c7be1320323232cdc79b17bdbf453a5a5aead09

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F9A59EBEF1EE608C709B274E1C7BE1320323232CDC79B17BDBF453A5A5AEAD09"
Last-Modified: Mon, 17 Jun 2024 11:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9494
Expires: Wed, 19 Jun 2024 06:54:19 GMT
Date: Wed, 19 Jun 2024 04:16:05 GMT
Connection: keep-alive

4pjcxn04.2687.bar/apk/gov.apk/

38.12.78.218

154 B

URL

4pjcxn04.2687.bar/apk/gov.apk/

IP / ASN

38.12.78.218

#54600 PEG-SV

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-07

Last Seen2025-03-01

Times Seen1289

Size154 B (154 bytes)

MD5c34a889404161b1abde82974413740d6

SHA1fc62410b186e210cb3e56b68dc79dbede8541aca

SHA25670c5f715dfb4f07671c29b36e542db2d27e9b17c24520eb00bcef73d2343370b

HTTP Headers

GET /apk/gov.apk/ HTTP/1.1
Host: 4pjcxn04.2687.bar
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.18.0 (Ubuntu)
Date: Wed, 19 Jun 2024 04:16:06 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: http://onlycash01.xyz
Set-Cookie: last_visit=1; Path=/; Max-Age=86400

onlycash01.xyz/

104.21.46.140

167 B

URL

onlycash01.xyz/

IP / ASN

104.21.46.140

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with CRLF line terminators

First Seen2023-04-05

Last Seen2025-03-02

Times Seen190492

Size167 B (167 bytes)

MD50104c301c5e02bd6148b8703d19b3a73

SHA17436e0b4b1f8c222c38069890b75fa2baf9ca620

SHA256446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET / HTTP/1.1
Host: onlycash01.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Wed, 19 Jun 2024 04:16:06 GMT
content-type: text/html
content-length: 167
location: http://333.com
cache-control: max-age=3600
expires: Wed, 19 Jun 2024 05:16:06 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CQ48My%2F5gtbKszEbNOufBbwvFEDw1BJXWo7H0ug2A0jCGArcUax%2B5KduMaMye1hcaVoxaMiD6pRwYjWzhEqLkC9fG87Rj0AOzhsuUmqMLvSAg3aEIF6uKJHmRLjTsdhn4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8960b3a74bdab51b-OSL
X-Firefox-Spdy: h2

333.com/

13.94.58.185

214 B

URL

333.com/

IP / ASN

13.94.58.185

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with no line terminators

First Seen2024-06-18

Last Seen2024-08-19

Times Seen36

Size214 B (214 bytes)

MD529363e4490bbdfa3ad77075181134c77

SHA1b61a5cb41928243ef72da2a06ae241f1f2f03cfe

SHA25679a2501cb1fa69783717fe285cd9dac814906faf814fb9337366584f0c7a8e5a

HTTP Headers

GET / HTTP/1.1
Host: 333.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Connection: close
Cache-Control: max-age=60
Content-Length: 214

r10.o.lencr.org/

23.36.76.226

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.76.226

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-18

Last Seen2024-08-19

Times Seen36150

Size504 B (504 bytes)

MD5a4a98cb7858bfd671309bced772b0095

SHA1703c86e6784782333c82f615335a6b5d6826607e

SHA256224e289334c48e0048c8e7805fae8e7b485ea11d278ed892156c67ce21e8e04c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "224E289334C48E0048C8E7805FAE8E7B485EA11D278ED892156C67CE21E8E04C"
Last-Modified: Tue, 18 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15573
Expires: Wed, 19 Jun 2024 08:35:40 GMT
Date: Wed, 19 Jun 2024 04:16:07 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL

r10.o.lencr.org/

IP / ASN

23.36.77.32

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-06-18

Last Seen2024-08-19

Times Seen36150

Size504 B (504 bytes)

MD5a4a98cb7858bfd671309bced772b0095

SHA1703c86e6784782333c82f615335a6b5d6826607e

SHA256224e289334c48e0048c8e7805fae8e7b485ea11d278ed892156c67ce21e8e04c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "224E289334C48E0048C8E7805FAE8E7B485EA11D278ED892156C67CE21E8E04C"
Last-Modified: Tue, 18 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15558
Expires: Wed, 19 Jun 2024 08:35:25 GMT
Date: Wed, 19 Jun 2024 04:16:07 GMT
Connection: keep-alive

GET m-assets-prod.ncpqsknpyao.app/assets/images/finish.png

13.107.246.53

200 OK

50 kB

URL

m-assets-prod.ncpqsknpyao.app/assets/images/finish.png

IP / ASN

13.107.246.53

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byhttps://dfjqavvq1156.app/?p=/

Resource Info

File typePNG image data, 512 x 500, 8-bit colormap, non-interlaced

First Seen2024-06-18

Last Seen2025-07-15

Times Seen36

Size50 kB (50034 bytes)

MD5a8adbfa4eb1a0d0022b8c5e20e5e1355

SHA16b5f91eb86a5b0c7ad9c23ff9c757f15f46f203b

SHA256308840c4c9d815ce8302e498aba4b75f2504d8b6763fee28e698b43a3a703cfa

Certificate Info

IssuerDigiCert, Inc.

Subjectm-assets-prod.ncpqsknpyao.app

Fingerprint51:3D:9E:3F:53:7B:45:3A:50:4F:78:89:5C:30:4C:EC:A5:83:CC:01

ValidityTue, 23 Apr 2024 00:00:00 GMT - Wed, 23 Oct 2024 23:59:59 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/images/finish.png HTTP/1.1
Host: m-assets-prod.ncpqsknpyao.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfjqavvq1156.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 19 Jun 2024 04:16:08 GMT
content-type: image/png
content-length: 50034
last-modified: Fri, 31 May 2024 10:51:07 GMT
x-amz-server-side-encryption: AES256
etag: "a8adbfa4eb1a0d0022b8c5e20e5e1355"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PE_G0xfeEGCCDN8DNkQDP05Wv30tXIzD8zLU4RBdhJyoF2ONUGNVxw==
age: 59550
x-azure-ref: 20240619T041608Z-17d85d5877c45bsbq9y64464zg00000005zg00000000128g
accept-ranges: bytes
X-Firefox-Spdy: h2

GET dfjqavvq1156.app/favicon.ico

13.107.246.53

404 Not Found

18 B

URL

dfjqavvq1156.app/favicon.ico

IP / ASN

13.107.246.53

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byhttps://dfjqavvq1156.app/?p=/

Resource Info

File typeASCII text, with no line terminators

First Seen2023-04-05

Last Seen2025-08-02

Times Seen2378

Size18 B (18 bytes)

MD553af239ee5d3e261545dededcb6ffd57

SHA104ca7e137e1e9feead96a7df45bb67d5ab3de190

SHA25699eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Certificate Info

IssuerDigiCert, Inc.

Subjectdfjqavvq1156.app

Fingerprint02:16:81:12:6A:34:C2:BC:F5:5D:7C:1F:18:F7:6B:92:E5:20:EF:E8

ValidityWed, 29 May 2024 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dfjqavvq1156.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfjqavvq1156.app/?p=/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
date: Wed, 19 Jun 2024 04:16:09 GMT
content-type: text/plain
content-length: 18
x-cache: CONFIG_NOCACHE
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n15wdOIc0pBbaCu5bh561Fbb5WcuDxN9_GqqpXoxPGAnV7noX02jdA==
is-cache: true
vary: Origin
x-azure-ref: 20240619T041609Z-17d85d5877c62v4be1cta3dt38000000061g000000002gav
X-Firefox-Spdy: h2

GET dfjqavvq1156.app/assets/css/index.css

13.107.246.53

200 OK

11 kB

URL

dfjqavvq1156.app/assets/css/index.css

IP / ASN

13.107.246.53

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byhttps://dfjqavvq1156.app/?p=/

Resource Info

File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (22252)

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size11 kB (10575 bytes)

MD5e703d22453072b3ff13129cef7fc00d0

SHA1a57df21df209dc5644607946b1b515c374e57284

SHA256d9c53df04bb4850bc7fd764e8a10dad3decc28a96ffe814039eec4fa4345578d

Certificate Info

IssuerDigiCert, Inc.

Subjectdfjqavvq1156.app

Fingerprint02:16:81:12:6A:34:C2:BC:F5:5D:7C:1F:18:F7:6B:92:E5:20:EF:E8

ValidityWed, 29 May 2024 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

HTTP Headers

GET /assets/css/index.css HTTP/1.1
Host: dfjqavvq1156.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfjqavvq1156.app/?p=/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 19 Jun 2024 04:16:09 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 31 May 2024 10:50:09 GMT
content-encoding: gzip
x-cache: CONFIG_NOCACHE
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ni1RRw8Ed25gXqQl4BZQj-6e6v-YUy_uJrh11wL_yAvoouNppviIJg==
is-cache: true
vary: Accept-Encoding, Origin
x-azure-ref: 20240619T041608Z-17d85d5877c62v4be1cta3dt38000000061g000000002gau
X-Firefox-Spdy: h2

GET vd002-tiger-restrictions.zhongheyingji.com/global.css

143.204.55.87

200 OK

905 B

URL

vd002-tiger-restrictions.zhongheyingji.com/global.css

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typeUnicode text, UTF-8 text

First Seen2023-05-08

Last Seen2024-10-06

Times Seen73

Size905 B (905 bytes)

MD5616346cbb102c779adde7abfa328655d

SHA181f40c4121c48395d2d7c001a07fa415a87eae71

SHA256b03fb2ebcadf4ef2c46e7f89ed275b154c81a698e79181880aaff05cd5b6576f

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /global.css HTTP/1.1
Host: vd002-tiger-restrictions.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 905
server: nginx/1.14.1
date: Wed, 19 Jun 2024 03:22:09 GMT
last-modified: Wed, 24 Apr 2024 05:08:38 GMT
etag: "616346cbb102c779adde7abfa328655d"
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0Ly0sIgfER6oFhMfICagJZO1fQhUnNQt8IbVeNnTIDhUp-WkX7Ap9Q==
age: 3245
X-Firefox-Spdy: h2

GET vd002-tiger-restrictions.zhongheyingji.com/images/vd002/ipBlock.png

143.204.55.87

200 OK

117 kB

URL

vd002-tiger-restrictions.zhongheyingji.com/images/vd002/ipBlock.png

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typePNG image data, 750 x 750, 8-bit/color RGBA, non-interlaced

First Seen2023-05-08

Last Seen2025-04-04

Times Seen144

Size117 kB (117273 bytes)

MD55e78e406a8faf40f4e8ff65e8635f75c

SHA1faa9b2397c1de81364e49ef9a417adbecd87d045

SHA256bb62ce1e42487411bdef915d87497fa02b7ed8a0749e37949a4d68d699bd5428

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /images/vd002/ipBlock.png HTTP/1.1
Host: vd002-tiger-restrictions.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 117273
server: nginx/1.14.1
date: Wed, 19 Jun 2024 03:22:10 GMT
last-modified: Wed, 24 Apr 2024 05:08:38 GMT
etag: "5e78e406a8faf40f4e8ff65e8635f75c"
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Txp3Di6IskVL7obvC1LE7kYb8riPDTeDfV3ir42l2PT7xA-2AEHI_Q==
age: 3243
X-Firefox-Spdy: h2

GET dfjqavvq1156.app/?p=/

13.107.246.53

200 OK

10 kB

URL

dfjqavvq1156.app/?p=/

IP / ASN

13.107.246.53

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byN/A

Resource Info

File typegzip compressed data, from Unix

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size10 kB (10017 bytes)

MD55ca2ae6123f080dc2740096d2179aa91

SHA1aba194d1c3ad28fb74962c5468c17ffe13bc88b8

SHA256587b602bed73d5147f711b25b590a17e4b9619390b973c10bdc3e42e61cc4996

Certificate Info

IssuerDigiCert, Inc.

Subjectdfjqavvq1156.app

Fingerprint02:16:81:12:6A:34:C2:BC:F5:5D:7C:1F:18:F7:6B:92:E5:20:EF:E8

ValidityWed, 29 May 2024 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

HTTP Headers

GET /?p=/ HTTP/1.1
Host: dfjqavvq1156.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://333.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 19 Jun 2024 04:16:08 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
x-cache: CONFIG_NOCACHE
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mEwXkhuzw5dReMKUMsE7WQpwUunSvo5kcBgzPYVXmxeNu1GVY_b5Yg==
is-cache: true
vary: Accept-Encoding, Origin
x-azure-ref: 20240619T041608Z-17d85d5877c62v4be1cta3dt38000000061g000000002gar
X-Firefox-Spdy: h2

GET vd002-tiger-restrictions.zhongheyingji.com/

143.204.55.87

200 OK

478 B

URL

vd002-tiger-restrictions.zhongheyingji.com/

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typeHTML document, ASCII text

First Seen2023-10-28

Last Seen2024-08-29

Times Seen34

Size478 B (478 bytes)

MD5e50f296ae75f08401128d9bb6e3724ce

SHA164418b6a30d43fcb023dcccaad083c78b0c498d2

SHA2568c0f79cef423b9d817418566d6a4ee5e19c128bcd9e59d0f921d175879314103

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET / HTTP/1.1
Host: vd002-tiger-restrictions.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
content-length: 478
server: nginx/1.14.1
date: Wed, 19 Jun 2024 04:16:14 GMT
cache-control: max-age=0
last-modified: Wed, 24 Apr 2024 05:08:40 GMT
etag: "e50f296ae75f08401128d9bb6e3724ce"
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oW3dE0pxMBOm4RGCwrafThdmruYqccACKSItp2Rte8Paop8m5DoDKQ==
X-Firefox-Spdy: h2

GET vd002-tiger-restrictions.zhongheyingji.com/images/vd002/service.svg

143.204.55.87

200 OK

7.7 kB

URL

vd002-tiger-restrictions.zhongheyingji.com/images/vd002/service.svg

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typegzip compressed data, from Unix

First Seen2024-08-19

Last Seen2024-08-19

Times Seen2

Size7.7 kB (7701 bytes)

MD562bf8f14dea59539d701abf584d4c2e2

SHA124c1498922fa6fd3ef6a4b223ae78a3e93af691f

SHA2564eaadacb054580614c9f144157a8f05af9dc754fc89d5626121ad622a16eb2f0

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /images/vd002/service.svg HTTP/1.1
Host: vd002-tiger-restrictions.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
server: nginx/1.14.1
date: Wed, 19 Jun 2024 03:22:11 GMT
last-modified: Wed, 24 Apr 2024 05:08:38 GMT
etag: W/"7ec2d14bcccfd9ceabadb06ff8a803a2"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dwDwfr1lOWv-XsOB29-xR5N6C82eBbclriDqoUT8Ezf9dmqVtVS7PQ==
age: 3243
X-Firefox-Spdy: h2

GET vd002-tiger-restrictions.zhongheyingji.com/images/vd002/favicon.ico

143.204.55.87

200 OK

17 kB

URL

vd002-tiger-restrictions.zhongheyingji.com/images/vd002/favicon.ico

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typeMS Windows icon resource - 1 icon, 64x64, 32 bits/pixel

First Seen2023-10-28

Last Seen2024-08-20

Times Seen33

Size17 kB (16958 bytes)

MD5ff401d3bbac60f17d15c5bf165560c3e

SHA1370c444f7eedc137dde8eeb517c88c2159df2772

SHA256748001b0e9c3be3596baf55ca1c26dfcab9175858462e687941affe9d65d1410

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /images/vd002/favicon.ico HTTP/1.1
Host: vd002-tiger-restrictions.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 16958
server: nginx/1.14.1
date: Wed, 19 Jun 2024 04:16:15 GMT
last-modified: Wed, 24 Apr 2024 05:08:38 GMT
etag: "ff401d3bbac60f17d15c5bf165560c3e"
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8ZFidy_Incx-cU4zN76odX37opntEmsG5IJRjDZoxoFUZU-BSZiHHw==
X-Firefox-Spdy: h2

GET vd002-we46hc-bgp-api.zhongheyingji.com/platform/sysmaintenance/customerService

203.107.60.182

200 OK

310 B

URL

vd002-we46hc-bgp-api.zhongheyingji.com/platform/sysmaintenance/customerService

IP / ASN

203.107.60.182

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested byhttps://gezizhijia.com/

Resource Info

File typeJSON text data

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size310 B (310 bytes)

MD5f7e75a0dedddf2b9babd2106c96f51a1

SHA13570ba1b63cecc03c217c117414356344c7e2bce

SHA256100dcce782def88836afa19a09cc2b3b2f21627ab8fbbdb2fe41317b485cb44b

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /platform/sysmaintenance/customerService HTTP/1.1
Host: vd002-we46hc-bgp-api.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gezizhijia.com/
Origin: https://gezizhijia.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 19 Jun 2024 04:16:16 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=64a04627fc31fed717de7c1bd7e3980f74a6b9e42231974bc17deb75f965778d; Path=/; HttpOnly
x-envoy-upstream-service-time: 5
server: istio-envoy
access-control-allow-origin: https://gezizhijia.com
access-control-allow-credentials: true

GET vd002-we46hc-bgp-api.zhongheyingji.com/platform/user/merchantSetting

203.107.60.182

200 OK

1.7 kB

URL

vd002-we46hc-bgp-api.zhongheyingji.com/platform/user/merchantSetting

IP / ASN

203.107.60.182

#37963 Hangzhou Alibaba Advertising Co.,Ltd.

Requested byhttps://gezizhijia.com/

Resource Info

File typeJSON text data

First Seen2024-08-19

Last Seen2024-08-19

Times Seen1

Size1.7 kB (1717 bytes)

MD5e9b8fc247daa8dd58d539623bc728ad1

SHA1ad1c592cdabc66323706aa2170c7f51ae27b7870

SHA2566c613003bfefbfb93f2fdb39a3257844f1fb1ca8cc276fb4b268b093d08a766c

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /platform/user/merchantSetting HTTP/1.1
Host: vd002-we46hc-bgp-api.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gezizhijia.com/
Origin: https://gezizhijia.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 19 Jun 2024 04:16:16 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: aliyungf_tc=a9abb17cec2528f9b12342a7a2a4414abeaea63a9a0ad1e8a2d2817ebe77d833; Path=/; HttpOnly
x-envoy-upstream-service-time: 6
server: istio-envoy
access-control-allow-origin: https://gezizhijia.com
access-control-allow-credentials: true

GET vd002-tiger-restrictions.zhongheyingji.com/build/bundle.css

143.204.55.87

200 OK

6.5 kB

URL

vd002-tiger-restrictions.zhongheyingji.com/build/bundle.css

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typeASCII text, with very long lines (6544), with no line terminators

First Seen2024-04-24

Last Seen2024-08-20

Times Seen21

Size6.5 kB (6544 bytes)

MD54210c97fd914f2e9529edae2a2075416

SHA1dcf7bfd0ac62888cc11a60f79acdd78611f37ed2

SHA25625296b1501280dfffec4154a0ab3150560be16a80c628b6aee1a646367be60a9

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /build/bundle.css HTTP/1.1
Host: vd002-tiger-restrictions.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
server: nginx/1.14.1
date: Wed, 19 Jun 2024 03:22:09 GMT
last-modified: Wed, 24 Apr 2024 05:08:38 GMT
etag: W/"4210c97fd914f2e9529edae2a2075416"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bouei7q0uunAqIkP42UXeGwPgtEQxvGlmRp-Ogph6qokdtV___2k4g==
age: 3244
X-Firefox-Spdy: h2

GET gezizhijia.com/

47.246.44.200

200 OK

25 kB

URL

gezizhijia.com/

IP / ASN

47.246.44.200

#24429 Zhejiang Taobao Network Co.,Ltd

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606738

Size25 kB (25065 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerGoDaddy.com, Inc.

Subjectgezizhijia.com

Fingerprint45:47:E5:6E:A0:AB:03:47:52:87:9C:25:2F:B9:05:E4:72:83:ED:DC

ValidityTue, 28 May 2024 11:06:14 GMT - Fri, 09 May 2025 12:12:53 GMT

HTTP Headers

GET / HTTP/1.1
Host: gezizhijia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfjqavvq1156.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Wed, 19 Jun 2024 04:16:13 GMT
x-powered-by: Express
access-control-allow-origin: *
etag: W/"61e9-Mj+yTmkGWuX8csHOmr+BspuDpZk"
x-envoy-upstream-service-time: 11
Content-Encoding: gzip
Via: cache52.l2et15-7[254,0], ens-cache9.se2[454,0]
Timing-Allow-Origin: *
EagleId: 2ff62c9d17187705734092544e

GET vd002-tiger-restrictions.zhongheyingji.com/build/bundle.js

143.204.55.87

200 OK

66 kB

URL

vd002-tiger-restrictions.zhongheyingji.com/build/bundle.js

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606738

Size66 kB (65987 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /build/bundle.js HTTP/1.1
Host: vd002-tiger-restrictions.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
server: nginx/1.14.1
date: Wed, 19 Jun 2024 03:22:10 GMT
last-modified: Wed, 24 Apr 2024 05:08:38 GMT
etag: W/"2e8382a50a68eaddbb672e738548a6b1"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mTiIs3GaIiArQp1Vhs3yxaHICatHDDWkKA7nKVoljC-NsNDkr-Fxfw==
age: 3244
X-Firefox-Spdy: h2

GET dfjqavvq1156.app/assets/js/index.js

13.107.246.53

200 OK

2.4 kB

URL

dfjqavvq1156.app/assets/js/index.js

IP / ASN

13.107.246.53

#8075 MICROSOFT-CORP-MSN-AS-BLOCK

Requested byhttps://dfjqavvq1156.app/?p=/

Resource Info

File typeUnicode text, UTF-8 text, with very long lines (2440), with no line terminators

First Seen2024-06-18

Last Seen2025-03-30

Times Seen28

Size2.4 kB (2388 bytes)

MD5bb68ee7ccfd69b920353d67c1d55529c

SHA122cc850b56c3c0ebfd0c587fba8a3840e21f5ef0

SHA256dbbbabf2d533c5ce11e9ab558b6aeb11a6a7bbedf9e78d93a21d2fc87f9b7979

Certificate Info

IssuerDigiCert, Inc.

Subjectdfjqavvq1156.app

Fingerprint02:16:81:12:6A:34:C2:BC:F5:5D:7C:1F:18:F7:6B:92:E5:20:EF:E8

ValidityWed, 29 May 2024 00:00:00 GMT - Fri, 29 Nov 2024 23:59:59 GMT

HTTP Headers

GET /assets/js/index.js HTTP/1.1
Host: dfjqavvq1156.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dfjqavvq1156.app/?p=/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 19 Jun 2024 04:16:09 GMT
content-type: text/javascript; charset=utf-8
last-modified: Fri, 31 May 2024 10:50:09 GMT
content-encoding: gzip
x-cache: CONFIG_NOCACHE
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HqQdZkNeT8KNCRIGXcRcyHWUCNSiFWSt8FVzcBLWhn1Sw86j582Lhw==
is-cache: true
vary: Accept-Encoding, Origin
x-azure-ref: 20240619T041608Z-17d85d5877c62v4be1cta3dt38000000061g000000002gat
X-Firefox-Spdy: h2

GET fe-source.zhongheyingji.com/frontend/prod/fe-images/vd002/logo/primary_logo.png

143.204.55.87

200 OK

8.1 kB

URL

fe-source.zhongheyingji.com/frontend/prod/fe-images/vd002/logo/primary_logo.png

IP / ASN

143.204.55.87

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typePNG image data, 208 x 64, 8-bit/color RGBA, non-interlaced

First Seen2023-10-28

Last Seen2024-08-29

Times Seen34

Size8.1 kB (8140 bytes)

MD599e0d2d19959fa358aa4d84c3573eaaa

SHA1162716c46ffadf2f80930b903ba8d61614eba504

SHA2568381bc4b45be06a6f15bfb8ed8bd04a993e375c7b5f0c22b677d27e80f30e761

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /frontend/prod/fe-images/vd002/logo/primary_logo.png HTTP/1.1
Host: fe-source.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gezizhijia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 8140
server: nginx/1.14.1
date: Wed, 19 Jun 2024 03:22:11 GMT
last-modified: Wed, 19 Jun 2024 02:49:27 GMT
etag: "99e0d2d19959fa358aa4d84c3573eaaa"
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: NGm0iAbT1cI9U7BG7vPBUkJ1Q2-9SFXiHmwHOm87q-bG28HFiqrZ1Q==
age: 3243
X-Firefox-Spdy: h2

GET fe-source.zhongheyingji.com/app/CountryList/country-list.json

143.204.55.62

200 OK

180 kB

URL

fe-source.zhongheyingji.com/app/CountryList/country-list.json

IP / ASN

143.204.55.62

#16509 AMAZON-02

Requested byhttps://gezizhijia.com/

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5606738

Size180 kB (179587 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Certificate Info

IssuerLet's Encrypt

Subjectzhongheyingji.com

FingerprintB4:07:43:EF:DB:6A:3D:30:70:77:36:AE:23:A5:57:26:1F:9F:E7:C9

ValiditySun, 09 Jun 2024 17:55:56 GMT - Sat, 07 Sep 2024 17:55:55 GMT

HTTP Headers

GET /app/CountryList/country-list.json HTTP/1.1
Host: fe-source.zhongheyingji.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gezizhijia.com/
Origin: https://gezizhijia.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json
server: nginx/1.14.1
date: Wed, 19 Jun 2024 03:22:11 GMT
last-modified: Tue, 06 Jun 2023 12:06:01 GMT
etag: W/"9d17676cfae2cc43fcd89a0f90b30e84"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: z8a8yyc2KE89SiAznltNYY4KVVzoEQbZBbEDSmYuafG8mNHhWezdjA==
age: 3243
X-Firefox-Spdy: h2