URL: https://app1.ejflor.vip/
Submission Tags: @phishunt_io
Submission: On June 12 via api from DE — Scanned from DE

Summary

This website contacted 8 IPs in 6 countries across 18 domains to perform 35 HTTP transactions. The main IP is 212.24.127.143, located in Frankfurt (Oder), Germany and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is app1.ejflor.vip.
TLS certificate: Issued by R3 on June 12th 2023. Valid for: 3 months.
This is the only time app1.ejflor.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address      AS Autonomous System
17        212.24.127.143  209242 (CLOUDFLAR...)
2         43.154.6.56     132203 (TENCENT-N...)
3         45.158.56.115   209242 (CLOUDFLAR...)
4         45.60.64.210    19551 (INCAPSULA)
2         212.24.127.107  209242 (CLOUDFLAR...)
1         81.17.29.147    51852 (PLI-AS)
1         103.22.158.13   45504 (SPLUNKNET...)
Total: 35 requests, 8 IPs

This site contains links to these domains. Also see Links.

Domain
www.xiniupaofen.com
www.jdcfwealth.com
www.manycai.club
Subject               Issuer  Validity                 Valid
app1.ejflor.vip       R3      2023-06-12 - 2023-09-10  3 months
tcdn.yhshahua.com     R3      2023-05-29 - 2023-08-27  3 months
www.lydfzp.com        R3      2023-05-01 - 2023-07-30  3 months
www.muming666.net     R3      2023-06-12 - 2023-09-10  3 months
www.hfblgd.com        R3      2023-05-01 - 2023-07-30  3 months
www.jiananhealth.com  R3      2023-05-01 - 2023-07-30  3 months
www.gzbbdz.com        R3      2023-05-01 - 2023-07-30  3 months
www.hongguanfeng.com  R3      2023-05-01 - 2023-07-30  3 months
rhoptics.com          R3      2023-06-02 - 2023-08-31  3 months
sp5.jvrbiv.vip        R3      2023-06-12 - 2023-09-10  3 months

This page contains 1 frames:

Primary Page: https://app1.ejflor.vip/
Frame ID: 6B99198B2607596AE593BE9614693C6C
Requests: 42 HTTP requests in this frame

Page Title

沐鸣娱乐-官方网站 (English: "Muming Entertainment - Official Website")

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

Requests: 35
HTTPS: 86 %
IPv6: 0 %
Domains: 18
Subdomains: 19
IPs: 8
Countries: 6
Transfer: 1579 kB
Size: 5607 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
app1.ejflor.vip/
2 KB
1 KB
Document
General
Full URL
https://app1.ejflor.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
7bbecb94c88f0dbfdb291b1a2204cbfe2eaff5c70c880b4767fec37c5c988dc2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
access-control-max-age
86400
cache-control
private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 12 Jun 2023 11:15:24 GMT
server
****
vary
Accept-Encoding
x-cache
BYPASS
x-ratelimit-limit
300
x-ratelimit-remaining
299
x-request-id
a35ca9cf593cd7febb939d098a8d8266
0.4e9a172398a55fb745a8.css
app1.ejflor.vip/webx/mm/desktop/styles/
9 KB
2 KB
Stylesheet
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/styles/0.4e9a172398a55fb745a8.css?v=23.03.21.10123
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
7879bdfa80b78ef49786bc8e66f3bdd0174ee05b02d0ade6f0a9fcf3f53c1057
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:30:45 GMT
server
****
etag
W/"647f7b55-2421"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
46d54a5015dd5c59290bd8ef9fc0ee5f
expires
Mon, 19 Jun 2023 11:15:24 GMT
index.4e9a.css
app1.ejflor.vip/webx/mm/desktop/styles/
1 MB
259 KB
Stylesheet
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
229987dc53edbbe6f72a407806ed6d049090262eb46f80e7009b1c1c5db85b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:30:45 GMT
server
****
etag
W/"647f7b55-13c2ac"
vary
Accept-Encoding
x-cache
MISS
content-type
text/css
cache-control
max-age=1800
x-xss-protection
1
x-request-id
0f9d79aadccb2fb4052814fdf92d1645
expires
Mon, 19 Jun 2023 11:15:24 GMT
chunk.vendor.cce1.js
app1.ejflor.vip/webx/mm/desktop/javascript/
728 KB
228 KB
Script
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/javascript/chunk.vendor.cce1.js?v=23.03.21.10123
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
217dc052d50c7d2ef31f5ff8587a3e13c6182e5376d573114f60ef4bfb2ed973
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:30:45 GMT
server
****
etag
W/"647f7b55-b5f32"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
7e2640008867e48eaa3a89589979a8c9
expires
Mon, 19 Jun 2023 11:15:24 GMT
base.4e9a.js
app1.ejflor.vip/webx/mm/desktop/javascript/
10 KB
4 KB
Script
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/javascript/base.4e9a.js?v=23.03.21.10123
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
4ded5c26749eebacb4635287233cb58f2d420e974c57b0ee7e44c831c2451b0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:30:45 GMT
server
****
etag
W/"647f7b55-26b1"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
4929fa0cd7040e963896556f7a32821a
expires
Mon, 19 Jun 2023 11:15:24 GMT
bootstrap.4e9a.js
app1.ejflor.vip/webx/mm/desktop/javascript/
9 KB
4 KB
Script
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/javascript/bootstrap.4e9a.js?v=23.03.21.10123
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
ce481c3e91f5fb0ae8ec014715552391da7a7b78f76998933ecfcabe1e551b9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:30:45 GMT
server
****
etag
W/"647f7b55-222f"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
3f460514917ddfe5e36699dc58df8b57
expires
Mon, 19 Jun 2023 11:15:24 GMT
index.4e9a.js
app1.ejflor.vip/webx/mm/desktop/javascript/
873 KB
217 KB
Script
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/javascript/index.4e9a.js?v=23.03.21.10123
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
8e0f4083e4378a47e3b7da80c413df3a91a68e457da9ef1b051228a17b9e98df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:30:45 GMT
server
****
etag
W/"647f7b55-da37d"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
e0ddbe32793707b22a616870308b874b
expires
Mon, 19 Jun 2023 11:15:24 GMT
/
app1.ejflor.vip/api/settings/
4 KB
2 KB
XHR
General
Full URL
https://app1.ejflor.vip/api/settings/?fields=
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/javascript/chunk.vendor.cce1.js?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
c23dfe44eb1c34dc1504109dddb73655aff8255f5de54ff9dbe1527b5a6bca3e

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.ejflor.vip/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Mon, 12 Jun 2023 11:15:27 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
63917c35ba671a68c626fa465eeba85d
x-runtime
0.071
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
methods.js
app1.ejflor.vip/webx/mm/static/
2 MB
126 KB
Script
General
Full URL
https://app1.ejflor.vip/webx/mm/static/methods.js?70db30f1
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/javascript/index.4e9a.js?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
82f646e2d8e66d3ffae021483778a4cedeef47d61a3ed462805f3ff8510d5d94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Tue, 06 Jun 2023 18:30:45 GMT
server
****
etag
W/"647f7b55-1eaab4"
vary
Accept-Encoding
x-cache
MISS
content-type
application/x-javascript
cache-control
max-age=1800
x-xss-protection
1
x-request-id
513db2e06153ae50922d98a19e489ed4
expires
Mon, 19 Jun 2023 11:15:28 GMT
qr_code.png
tcdn.nnjxry.com/mm/
3 KB
3 KB
Image
General
Full URL
https://tcdn.nnjxry.com/mm/qr_code.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.6.56 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
6ddd68f346eb7fffa431843dec2213be01ae41e50bf56c8df6296ea9d970054b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Mon, 12 Jun 2023 11:25:28 GMT
date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 12 Jan 2023 08:51:12 GMT
server
nginx
etag
"63bfca00-b6d"
content-type
image/png
x-remote-addr
138.199.38.132
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
2925
x-xss-protection
1
x-proxy-cache
HIT
qr_code_auto.png
tcdn11.hfblgd.com/mm/
3 KB
3 KB
Image
General
Full URL
https://tcdn11.hfblgd.com/mm/qr_code_auto.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
43.154.6.56 Central, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
nginx /
Resource Hash
06ca213e77cb67e932e9865172aeb4447c3cd7bb0426c7a3f29d0b0b9f1f3516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

expires
Mon, 12 Jun 2023 11:25:28 GMT
date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 12 Jan 2023 08:51:12 GMT
server
nginx
etag
"63bfca00-b42"
content-type
image/png
x-remote-addr
138.199.38.132
cache-control
max-age=600
http-geo-ipcountry
DE
accept-ranges
bytes
x-forwarded-port
443
content-length
2882
x-xss-protection
1
x-proxy-cache
HIT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3011b21b633b0fb391d7da4ffcf70bb0f5b6b8a900985834538cb31f7b3ebb08

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
3d0a07.jpg
app1.ejflor.vip/webx/mm/desktop/images/
83 KB
81 KB
Image
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/images/3d0a07.jpg
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
d0b2c3dc4cf5b82afcb76ed35eb99f11fb7e1526384ff4eb99b5dbfd37b8f1d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
content-encoding
gzip
last-modified
Mon, 07 Feb 2022 18:34:04 GMT
server
****
etag
W/"6201661c-14a6e"
vary
Accept-Encoding
x-cache
MISS
content-type
image/jpeg
cache-control
max-age=1800
x-xss-protection
1
x-request-id
e266db9d0aab43472cbe11b8759fd023
expires
Mon, 19 Jun 2023 11:15:27 GMT
680f93.gif
app1.ejflor.vip/webx/mm/desktop/images/
192 KB
193 KB
Image
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/images/680f93.gif
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
7b6f4a1e3b77062885dba04da1f44c7d83599da2f2440a3e7f291d38aa52647e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 07 Feb 2022 18:34:04 GMT
server
****
etag
"6201661c-301a7"
x-cache
MISS
content-type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
content-length
197031
x-xss-protection
1
x-request-id
eb3bef2d0529603b563999c9436e8822
expires
Mon, 19 Jun 2023 11:15:28 GMT
18a1ab.png
app1.ejflor.vip/webx/mm/desktop/images/
18 KB
18 KB
Image
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/images/18a1ab.png
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
1047b22c374840c210dac57da794883f11d5e410281844a312c18981fb924ce9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 07 Feb 2022 18:34:04 GMT
server
****
etag
"6201661c-47be"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
18366
x-xss-protection
1
x-request-id
ac85e55e122c207acd0333014fe9c89e
expires
Mon, 19 Jun 2023 11:15:27 GMT
4bc8f3.gif
app1.ejflor.vip/webx/mm/desktop/images/
399 KB
400 KB
Image
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/images/4bc8f3.gif
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
d8fcf4c38cd51906a78e800232446eb081ee4f0a342065020050ec529354244d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Thu, 19 May 2022 17:59:23 GMT
server
****
etag
"6286857b-63c07"
x-cache
MISS
content-type
image/gif
cache-control
max-age=1800
accept-ranges
bytes
content-length
408583
x-xss-protection
1
x-request-id
e9645147e89f0219658716dac5d412b7
expires
Mon, 19 Jun 2023 11:15:28 GMT
6701ed.png
app1.ejflor.vip/webx/mm/desktop/images/
15 KB
15 KB
Image
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/images/6701ed.png
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
8d8c4851dc05214c8adc0b2b4706741ed65cd3b1d07db91ef3531d968edf2d15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 07 Feb 2022 18:34:04 GMT
server
****
etag
"6201661c-3a96"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
14998
x-xss-protection
1
x-request-id
fe3bc92ba621b753acc3d1d55eded686
expires
Mon, 19 Jun 2023 11:15:27 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5d217db6903c47bad207fb46cc8fff77dc7e6bf300dbb955b2c07aea74a8e41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
551596.png
app1.ejflor.vip/webx/mm/desktop/images/
17 KB
18 KB
Image
General
Full URL
https://app1.ejflor.vip/webx/mm/desktop/images/551596.png
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
8f29ea907e2ec33c61639f6109d53c09c9d1ff444107d18bfa6dc1bd93be0553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/webx/mm/desktop/styles/index.4e9a.css?v=23.03.21.10123
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Mon, 07 Feb 2022 18:34:04 GMT
server
****
etag
"6201661c-45ad"
x-cache
MISS
content-type
image/png
cache-control
max-age=1800
accept-ranges
bytes
content-length
17837
x-xss-protection
1
x-request-id
b82a8da4efd44f5393f714fd7930029d
expires
Mon, 19 Jun 2023 11:15:28 GMT
speedtests
app1.ejflor.vip/api/domain/platform/
390 B
700 B
XHR
General
Full URL
https://app1.ejflor.vip/api/domain/platform/speedtests
Requested by
Host: app1.ejflor.vip
URL: https://app1.ejflor.vip/webx/mm/desktop/javascript/chunk.vendor.cce1.js?v=23.03.21.10123
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
22f01e59979c969abef5ff90e1a8dc926eec7953c5658d64e7c5933e47c2539b

Request headers

Accept
application/json, text/plain, */*
Referer
https://app1.ejflor.vip/
Accept-Language
de-DE,de;q=0.9
Authorization
bearer undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Accept-Currency
cny
Content-Type
application/vnd.sc-api.v1.json

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
content-encoding
gzip
x-cache
BYPASS
x-request-id
c70a158641f21e63d77a3ddc3c5f9bf3
x-runtime
0.059
server
****
vary
Accept-Encoding
x-ratelimit-remaining
299
content-type
application/json
access-control-max-age
86400
access-control-allow-methods
POST, PUT, GET, DELETE, HEAD, OPTION
access-control-expose-headers
Authorization, Set-Cookie
cache-control
max-age=0, no-cache, no-store, private
access-control-allow-credentials
true
x-ratelimit-limit
300
access-control-allow-headers
X-Requested-With, Content-Type, Authorization, Source, Accept-Currency
point.bmp
www.agvcrown.com/
0
0

point.bmp
www.sclhjyw.com/
0
0

point.bmp
www.lydfzp.com/
68 B
473 B
Image
General
Full URL
https://www.lydfzp.com/point.bmp?r=568020
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.115 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
****
etag
"5ef8183f-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
63b71d06f640c5e87e1a724b98728f6f
expires
Mon, 19 Jun 2023 11:15:28 GMT
point.bmp
www.sqsmfcyy.com/
68 B
637 B
Image
General
Full URL
https://www.sqsmfcyy.com/point.bmp?r=263152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.64.210 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
nginx
x-cdn
Imperva
etag
"5ef8183f-44"
content-type
image/x-ms-bmp
x-iinfo
5-31292885-31292887 NNNN CT(185 372 0) RT(1686568527640 15) q(0 0 6 0) r(8 8) U18
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Mon, 19 Jun 2023 11:15:29 GMT
point.bmp
www.lingaokf.com/
68 B
639 B
Image
General
Full URL
https://www.lingaokf.com/point.bmp?r=719453
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.64.210 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
nginx
x-cdn
Imperva
etag
"5ef8183f-44"
content-type
image/x-ms-bmp
x-iinfo
9-72461548-72461551 NNNN CT(247 501 0) RT(1686568527641 20) q(0 0 8 0) r(11 11) U18
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Mon, 19 Jun 2023 11:15:29 GMT
point.bmp
www.hfblgd.com/
68 B
474 B
Image
General
Full URL
https://www.hfblgd.com/point.bmp?r=839548
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.107 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
****
etag
"5ef8183f-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
7f1f51ba572cfae9ea9ddc0d4c94da40
expires
Mon, 19 Jun 2023 11:15:28 GMT
point.bmp
www.jiananhealth.com/
68 B
473 B
Image
General
Full URL
https://www.jiananhealth.com/point.bmp?r=330544
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.115 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
****
etag
"5ef8183f-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
2f00497c0f8e98682bd7a6241c70d4b6
expires
Mon, 19 Jun 2023 11:15:28 GMT
point.bmp
www.wanxuhekeji.com/
0
0

point.bmp
www.gzbbdz.com/
68 B
474 B
Image
General
Full URL
https://www.gzbbdz.com/point.bmp?r=576908
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.107 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
****
etag
"5ef8183f-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
b7b6d9cef1f02671f7cd95f2b97c2881
expires
Mon, 19 Jun 2023 11:15:28 GMT
point.bmp
www.hongguanfeng.com/
68 B
474 B
Image
General
Full URL
https://www.hongguanfeng.com/point.bmp?r=418740
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.158.56.115 , Singapore, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
****
etag
"5ef8183f-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
8da9d21ec08f2166e522003b6456ecd6
expires
Mon, 19 Jun 2023 11:15:29 GMT
point.bmp
www.guojilyd.com/
0
0

point.bmp
www.officesedu.com/
0
0

point.bmp
www.rhoptics.com/
9 B
199 B
Image
General
Full URL
https://www.rhoptics.com/point.bmp?r=75613
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.17.29.147 Zurich, Switzerland, ASN51852 (PLI-AS, PA),
Reverse DNS
hostedby.privatelayer.com
Software
Cowboy /
Resource Hash
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
cache-control
max-age=0, private, must-revalidate
server
Cowboy
content-length
9
point.bmp
www.sdxshlb.com/
68 B
434 B
Image
General
Full URL
https://www.sdxshlb.com/point.bmp?r=310941
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
103.22.158.13 , Taiwan, ASN45504 (SPLUNKNET-PH MCPO Box 1906, PH),
Reverse DNS
Software
2.0.0 /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
2.0.0
etag
"5ef8183f-44"
content-type
image/x-ms-bmp
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Mon, 19 Jun 2023 11:15:29 GMT
point.bmp
www.songhechen.com/
68 B
474 B
Image
General
Full URL
https://www.songhechen.com/point.bmp?r=221432
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.64.210 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
nginx
x-cdn
Imperva
etag
"5ef8183f-44"
content-type
image/x-ms-bmp
x-iinfo
9-72461548-72461609 NNNN CT(186 401 0) RT(1686568527641 448) q(0 0 6 0) r(9 9) U18
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Mon, 19 Jun 2023 11:15:29 GMT
point.bmp
www.shandongtyn.com/
68 B
482 B
Image
General
Full URL
https://www.shandongtyn.com/point.bmp?r=713413
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.64.210 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:29 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
nginx
x-cdn
Imperva
etag
"5ef8183f-44"
content-type
image/x-ms-bmp
x-iinfo
1009-72461548-72461643 NNNN CT(197 452 0) RT(1686568527641 572) q(0 0 6 0) r(9 9) U18
cache-control
max-age=604800
accept-ranges
bytes
content-length
68
x-xss-protection
1
expires
Mon, 19 Jun 2023 11:15:29 GMT
point.bmp
app1.ejflor.vip//
68 B
375 B
Image
General
Full URL
https://app1.ejflor.vip//point.bmp?r=232883
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
212.24.127.143 Frankfurt (Oder), Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
**** /
Resource Hash
2b3682c5f917daa61aa72a00effa6145ae1501ab375bb65a0827139c570ece5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://app1.ejflor.vip/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date
Mon, 12 Jun 2023 11:15:28 GMT
strict-transport-security
max-age=31536000; includeSubdomains
last-modified
Sun, 28 Jun 2020 04:10:39 GMT
server
****
etag
"5ef8183f-44"
x-cache
MISS
content-type
image/x-ms-bmp
cache-control
max-age=1800
accept-ranges
bytes
content-length
68
x-xss-protection
1
x-request-id
da81f69503a7feab17dd7968a1f7e2fa
expires
Mon, 19 Jun 2023 11:15:28 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b482ab2eb4525a34b4e40412ea922a6103d1c47b6961783d64ba6e5956df5b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e56f02f0350f768227b40d0b9a4f99ec40ab00a5cfe9049e1a4dcc024e9c3f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46707a7c7f77a862b2f8a6c30012a94329c6276a11bcffc2b5f23d86bcda2ea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30e456f7aca071025cacfa2b96bf956086aec43f97f5899ed2a47f928180845f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06bb51d6cbe169f6996926e56ac8076385287651fa12d68ab3622a4e56a5c430

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type
image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.agvcrown.com
URL
https://www.agvcrown.com/point.bmp?r=402159
Domain
www.sclhjyw.com
URL
https://www.sclhjyw.com/point.bmp?r=219378
Domain
www.wanxuhekeji.com
URL
https://www.wanxuhekeji.com/point.bmp?r=773510
Domain
www.guojilyd.com
URL
https://www.guojilyd.com/point.bmp?r=64901
Domain
www.officesedu.com
URL
https://www.officesedu.com/point.bmp?r=727005


27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| onbeforetoggle
object| onscrollend
string| __CDN_PUBLIC_PATH__
object| webpackJsonp
function| webpackHotUpdate
function| _
string| $LANG
string| $CURRENCY
object| i18nDebug
function| PushStream
object| PushStreamManager
function| setImmediate
function| clearImmediate
object| FontAwesomeConfig
object| ___FONT_AWESOME___
number| 2f1acc6c3a606b082e5eef5e54414ffb
object| Hex
object| Base64
function| ASN1
function| loadStaticMethodData
object| devConsole
function| _i18n
number| serverTime
number| localTime
number| during
object| method-data

1 Cookies

Domain/Path Name / Value
app1.ejflor.vip/ Name: session_sslproxy_server
Value: d436407f-cbf4-43439b918b049b12883e60123ff7a0504865

5 Console Messages

Source Level URL
Text
network error URL: https://www.wanxuhekeji.com/point.bmp?r=773510
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.agvcrown.com/point.bmp?r=402159
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.guojilyd.com/point.bmp?r=64901
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.officesedu.com/point.bmp?r=727005
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://www.rhoptics.com/point.bmp?r=75613
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
