gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
7.6 kB URL User Request GET gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
IP
ASN #137951 Clayer Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1056)
Hash 1a3f30891020b0d8647056a5a9cb52b0
24ed9e9ac7741eb2939ed546e2936483a51adb98
e7756309824fbcc511cb8e99462ae53ea395aed465cbd04b98a22f082f7f5daa
GET /cx/071287/112/setup_1891b2gd.exe HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:27 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/css/share2020.css
200 OK 1.3 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/css/share2020.css
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash 965ab2db5d3da895c63917004a71ba6f
8a856702f7bf55aab7e47842bfbfbe387765c033
88654c9e697d663bad291aabd5c06d9c5e0dde957d79f7372b22e1e5e0666506
GET /template/news/xz/skin/css/share2020.css HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf00-1851"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/css/page202102.css
200 OK 3.5 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/css/page202102.css
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash a7172fa265368eb821472d13872aaac0
a85661cf3317bfd26a6c02637394ddcbe8a30f66
55c71eab40c00983121caf83df2caa84cf8e33a69265f4fac94a5ee459d92757
GET /template/news/xz/skin/css/page202102.css HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf00-2ce9"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/css/pagetyn4.css
200 OK 2.7 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/css/pagetyn4.css
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash 082a5cb20b70f6a96d0873e584a51b89
5506ca0d662415ec6b7a54d857121e14ecc749aa
40a2ed838240026c62e99c7d5365867850e31c4474016acec03c44d692759018
GET /template/news/xz/skin/css/pagetyn4.css HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf00-2663"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/css/compatiblen2.css
200 OK 1.2 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/css/compatiblen2.css
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash 7e0ab3a2d0a0561209a5b64c28a2c207
a317757816a9c56aeb91d2d652b877af0fd83a3b
3dc63f54b562419b6b79f19a085c46157480926049e28cd1b3df60dc7d81d960
GET /template/news/xz/skin/css/compatiblen2.css HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: text/css
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf00-d64"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/rmwtyn2.js
200 OK 1.9 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/rmwtyn2.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type HTML document, Unicode text, UTF-8 text, with very long lines (728)
Hash 412cfad9876d0e1f3cd42d411e4cde19
0e916fb108124c550fa4f4829bacafe81d9d3072
e9b0695d144ee3fafc80907e756e81d89f07595c1ef790eb357dd56dd8ebfbb0
GET /template/news/xz/skin/js/rmwtyn2.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf02-13ff"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/share_qr2020.js
200 OK 14 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/share_qr2020.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash e291277e8b57c799136fb2c3f02e0e76
9aa8c6dca8f9c5edcb79e1231552432f0915deb6
b0276fe1a66e7bf3dc05a693ff4da117668df591368392a0d94fa67678fd0435
GET /template/news/xz/skin/js/share_qr2020.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf02-da04"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/static1.js
200 OK 1.0 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/static1.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash a8d7bbf8eb0785cdbff6cbc7e04cb085
954cc8ef221dd777240ae5828e1f30c186420bc5
8e4387c70b2624754db3ad45d410e95ff794920dec740c84c6cd18ebaac6b6f4
GET /template/news/xz/skin/js/static1.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf02-a10"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/weixindatatit2020.js
200 OK 1.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/weixindatatit2020.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type Unicode text, UTF-8 (with BOM) text
Hash 4563fdbe0a4985c1166ad11bfcff8191
833a004fdea38e73bcba4afef1f6ff81eb7dc9df
97c6564f87a8cd9f7fe054556884cd837fa2b964b6498562c7bc3027602a5b34
GET /template/news/xz/skin/js/weixindatatit2020.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf02-b53"
Expires: Wed, 27 Sep 2023 03:02:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/webdig_test.js
200 OK 407 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/webdig_test.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type ASCII text, with CRLF line terminators
Hash bbe9e4b19a7ad5550cc3e10fdc31b589
6a64ab800705ab4efda7f2fe7abc2d10d1f21cd0
c3ae3d8b5606d91c87ce7b97a7ce93db39d3f7eabc652f627c9ff177d2e465ae
GET /template/news/xz/skin/js/webdig_test.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: application/javascript
Content-Length: 407
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-197"
Expires: Wed, 27 Sep 2023 03:02:29 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/jweixin-1.0.0.js
200 OK 3.4 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/jweixin-1.0.0.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type ASCII text, with very long lines (9385), with no line terminators
Hash 4823cadd04f5ef6dafe282308c8f3816
30ef3087a1012b9d3a118019662dbb90d265dcb0
8e9d516596dcf038084f2ee11f8f4d2fbfc27babc0ae27279327251f17b85430
GET /template/news/xz/skin/js/jweixin-1.0.0.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf02-24a9"
Expires: Wed, 27 Sep 2023 03:02:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/images/icon10.png
200 OK 793 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/images/icon10.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 22 x 22, 8-bit colormap, non-interlaced\012- data
Hash 07280d6add6c28a3b9edcb9fa5ba66d4
482f3b8c0c63c105e1a4b618847f2a1b23e439a5
4dec31337716f361a517b2c65a5e9c22f9ca9ecfd32630cf755f8ac2097a9313
GET /template/news/xz/skin/images/icon10.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/template/news/xz/skin/css/pagetyn4.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 793
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-319"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/jquery-1.11.1.min.js
200 OK 38 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/jquery-1.11.1.min.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type ASCII text, with very long lines (32039)
Hash 1d244cb043be8157f0050ce9e45c9ef2
f16bd01623fd56d1372ea2eb55cd52a28cd883f8
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
GET /template/news/xz/skin/js/jquery-1.11.1.min.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf00-17c7b"
Expires: Wed, 27 Sep 2023 03:02:28 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/images/share_comment.png
200 OK 436 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/images/share_comment.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 17 x 17, 8-bit colormap, non-interlaced\012- data
Hash d1f3e908380c2dd81fcbc7b70478377e
967563177550e2c30133553abfbc47234a2bf523
7d723ee62d430b8be8901f6c4c42400b0378172fe243bcbc0eca6d38d0a7af57
GET /template/news/xz/skin/images/share_comment.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/template/news/xz/skin/css/page202102.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 436
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Connection: keep-alive
ETag: "637ecf00-1b4"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/images/share_.png
200 OK 305 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/images/share_.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 17 x 16, 8-bit gray+alpha, non-interlaced\012- data
Hash 69ccc4852528a73b9ca98f3d4430d003
9a98a01ef4eaebcbb888f72f96fe33630fcc155d
a907af7ffdb71cb8400ca6de43f07fb8b02988b4b9d5f7984bfe61803eda7eb6
GET /template/news/xz/skin/images/share_.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/template/news/xz/skin/css/page202102.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 305
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-131"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/js/assist.js
200 OK 4.3 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/js/assist.js
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type Unicode text, UTF-8 (with BOM) text, with very long lines (11859), with no line terminators
Hash 280f10a606500ba7694c3d2c94932302
91e5e7837cb07c33fdde3a1f090c25697933fe69
ed4a069390c496e4ed691c6779b7fc7ea29507f5cdbe0bccfe126e7846b7af19
GET /template/news/xz/skin/js/assist.js HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: application/javascript
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637ecf02-2e98"
Expires: Wed, 27 Sep 2023 03:02:29 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_rmrb.png
200 OK 2.8 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_rmrb.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash b6645f0fa1df4d339a7f21949d9511b0
4aff41377a861eb1e9660afa02e3e79bfa197b4b
962c03a471691704f3155e1f75dd8ea3a093c2b35d7b87c1f2da2c9260a0a5b5
GET /template/news/xz/skin/picture/icon_download_rmrb.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 2838
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-b16"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_rmwj1.png
200 OK 3.2 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_rmwj1.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 3afb8fd762ad33ae3bf0e8ff4d512670
5ff1fed5a6d4d72977646d96a116cb8187f9b47b
7bbe4d56fad05e2c87e570b49442efc01d8fca0031bfefd3e9f274e4bc1ed6c7
GET /template/news/xz/skin/picture/icon_download_rmwj1.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 3210
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-c8a"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_rmw.png
200 OK 2.0 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_rmw.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d977685eb12bca20fd194eb82c737bd
a3c7d74bda1fa95b1744e98ec4965b91b5869b55
5ae1c066ceb241259ff2b7b49d277804bc64eca23f2d336b7bed50d111d792d5
GET /template/news/xz/skin/picture/icon_download_rmw.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 1981
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Connection: keep-alive
ETag: "637ecf00-7bd"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/js/orsxg5a.script
200 OK 1.0 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/js/orsxg5a.script
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 37e3975ee5f1d69f4e7b32da36a4e1d3
93f088664e21865a434a4ed8e6da858099c33e27
5434bae1a51380804285c751b5c00d11d4b3b6963d54e9112b694997d0d35a2e
GET /js/orsxg5a.script HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_ly.png
200 OK 1.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_ly.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 54b6fc1077b54b29387b9c166864239b
398c6c4426bcd2c5de1ca32712ef7c017e993198
954a450756e651dde550d8f40bd16d9adff85d112abcb55db7d411620d8ffc94
GET /template/news/xz/skin/picture/icon_download_ly.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 1098
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-44a"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_video.png
200 OK 1.5 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_video.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 0008d1d8cdb2aab32e60f468530624e2
50235bfdabcd179a2937bc3d20327c01936d6769
2ab3d5e700acafafdc34d25805df9e9436932232ba96a77a184b0d36d80bde54
GET /template/news/xz/skin/picture/icon_download_video.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 1500
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-5dc"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_zy.png
200 OK 3.7 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_zy.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 14f0a19ad81160cfbce68fd7975b1d92
148ba287d6c0523fe127b48f066a0dd6046921b5
411c1ebbf36c45761e7acdcf026eb9619aba7d40a2d28891e3cd9826af04da5f
GET /template/news/xz/skin/picture/icon_download_zy.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 3683
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-e63"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_zz.png
200 OK 4.3 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_download_zz.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash f12650c07fa3c8efbbd82cdfaa3f4612
a20b0be09a8cd15a23765ce5cd04bf435f4a3cff
7f622d437dd9e23200f3c72e16b4945c4fc599d3996bf2de8013c0d6061b0f08
GET /template/news/xz/skin/picture/icon_download_zz.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 4349
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-10fd"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/images/share_follow.png
200 OK 418 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/images/share_follow.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c966ae436e4c36f88625c0301b8c4dc
f194e2b42ced5a84d2176496893a76acbc1208fd
80e237cede31f9535f3e115fe77d4eac74566e9ae6a54b579a4dc8f99dc8bff6
GET /template/news/xz/skin/images/share_follow.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/template/news/xz/skin/css/page202102.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 418
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-1a2"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/arrow2.png
200 OK 232 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/arrow2.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 11 x 6, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d29df9d4ddd31bb5ac00ffb95821ef2
0be636ad1e5a45015d4dc7095f50a1ee6e492d46
b10b9ffeee4ee8ba29c9a9ac8979126888f1b4d2f8d789e1669e58de616adab3
GET /template/news/xz/skin/picture/arrow2.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 232
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-e8"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
cl2.webterren.com/webdig.js?z=15
200 OK 878 B URL GET HTTP/1.1 cl2.webterren.com/webdig.js?z=15
IP
ASN #23724 IDC, China Telecommunications Corporation
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type ASCII text, with very long lines (1712)
Hash c4118c1cb12c3a1413d65e3ea453cb4d
403837e46455e8ef329866d19ebceb85c595ac1d
8f8717d306b67c8721d6cf0bbf83be2b9a8c2772b2f107359dcd44aa71dc98b9
GET /webdig.js?z=15 HTTP/1.1
Host: cl2.webterren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=80640
Connection: close
Content-Encoding: gzip
Content-Length: 878
Content-Type: text/javascript
Last-Modified: Sun, 23 Jan 2022 06:33:49 GMT
P3p: CP=.
Server: whttpd/5.8
Date: Tue, 26 Sep 2023 15:02:29 GMT
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/rmwjia1.png
200 OK 3.7 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/rmwjia1.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 130 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash b7583487e21f72690b7fafbd2949615f
66748513cbbabe9978455eb459793a063f1a6aa6
edddd06f6f3e61e1b9b1ee299165478864f4d461d1a3d8714f92fd0199c52805
GET /template/news/xz/skin/picture/rmwjia1.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 3695
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-e6f"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/wza.png
200 OK 7.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/wza.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 169 x 199, 8-bit/color RGBA, non-interlaced\012- data
Hash 4dcd4eb9e8d03d687f4994e8f9addb44
6c29fc77002dc55c313637e72943d7f3424865f0
c80001d45b6ab531a62c068c637df11f9f2bf1d2eb336a95fac1ffb9ce6df48f
GET /template/news/xz/skin/picture/wza.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 7074
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-1ba2"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/more2.png
200 OK 394 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/more2.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 22 x 20, 8-bit colormap, non-interlaced\012- data
Hash e9136f6e77be5561f9c82b1fac30cbb0
3b40cb6c099c6863e3dcbb9d8dc3fbc5e30ab5ba
b5ae677f973ea462095a4d929d690c2b519bb359990ef17e2d88d8f65497279c
GET /template/news/xz/skin/picture/more2.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 394
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-18a"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sou1.png
200 OK 2.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sou1.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 22 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d8bba6f4be97ac0975426b8a67a4bd9
cce8eac9bca373eb35cac8faa1d7ec8330f1e37c
701fde4738f42769866f9eff0d29e8a90f8c145abb329ef6e8d3e40ad562f56a
GET /template/news/xz/skin/picture/sou1.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 2096
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-830"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/logo.png
200 OK 23 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/logo.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 210 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash ca0426dc5beb8767eb63ccbc302dedb1
bd4d4712e4c296eaf6e287f4fc6cdcba378d1268
aa85e3fb96724e936cec350111a1f18cd82d78662ad30eca1c6f8534ea88abf9
GET /template/news/xz/skin/picture/logo.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: image/png
Content-Length: 22571
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-582b"
Expires: Thu, 26 Oct 2023 15:02:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/
200 OK 2.2 kB IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash baba1d17293225225028471c64b1bc54
9d9bc8ae5f6be77aad99e35b8724918f23457e15
c325762c885f22c30bd0994b2d34f6ebfd593ffd53d25546b1d12104b69258df
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:29 GMT
Content-Type: text/html
Last-Modified: Wed, 16 Aug 2023 06:34:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64dc6de6-22f2"
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/share.png
200 OK 295 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/share.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash a9ba97b04e254314ff689c08e3bce479
59eacbefe5fbfc8a7d72e384f6e659c55a587afb
479c41bf1ee7bb59590f6b0cb360e40f7ea2ec6ae6115064dcfa66df1d6f41c0
GET /template/news/xz/skin/picture/share.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 295
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-127"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_py2.png
200 OK 9.7 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_py2.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 189 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash b920c86087db341f2b78aea6890e20e8
2566402a98f293e272dc9602b732d3aa42ef97db
f22dd07d5f031da0197d28cb72ba77bb1061d6e5b48cae8405cdaf86520fecc9
GET /template/news/xz/skin/picture/copy_py2.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 9698
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-25e2"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon1.png
200 OK 6.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon1.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 128 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash 8fe67c19e849c450ff5b5ddea67fdc44
c175282182baf90bd548991e1350643455e48037
a6f22d3d98147afdfbecd277c751210096c6cf71f41b31ac51c5b6725f85994e
GET /template/news/xz/skin/picture/copy_icon1.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 6080
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-17c0"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_type.png
200 OK 439 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_type.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 17 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash afc776912ceab7cc0bcc92f890ba02de
7ed94c367dca9bd61c5e7c1d86709409490ac534
6795acf7e9182e76750d06e0aefd0766b2dda21c02009ab995b6afc529c87f09
GET /template/news/xz/skin/picture/icon_type.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 439
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-1b7"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon2.png
200 OK 12 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon2.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 128 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash 59931229a8024484b051074bf4e4a5d1
d39886333cba3d1d6e4bc182eda45a8231074e86
7d7b937897c3696fdefab6c48af544eea1c59248e9230017252aa79105532a55
GET /template/news/xz/skin/picture/copy_icon2.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 11538
Last-Modified: Thu, 24 Nov 2022 01:55:12 GMT
Connection: keep-alive
ETag: "637ecf00-2d12"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/uploads/images/3224670.jpg
301 Moved Permanently 0 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/uploads/images/3224670.jpg
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploads/images/3224670.jpg HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/jpg
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://n.sinaimg.cn/translate/w900h600/20180312/4aIL-fysexak0430496.jpg?zdy
n.sinaimg.cn/translate/w900h600/20180312/4aIL-fysexak0430496.jpg?zdy
200 OK 431 kB URL GET HTTP/1.1 n.sinaimg.cn/translate/w900h600/20180312/4aIL-fysexak0430496.jpg?zdy
IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=9, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, xresolution=150, yresolution=158, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2018:03:12 15:07:16], baseline, precision 8, 900x600, components 3\012- data
Size 431 kB (430903 bytes)
Hash 4fb189107a986d2aa3708ef113248328
69247dc3c43514bd2aae1c39c7bfdb530f8bbf25
fd823f9d65ff1f2b73dbe71d5c1370337f52982b6c9cae38889b7a93b9235d6b
GET /translate/w900h600/20180312/4aIL-fysexak0430496.jpg?zdy HTTP/1.1
Host: n.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://gxx8295855.dwonxiazai.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/jpeg
Content-Length: 430903
Connection: keep-alive
Date: Fri, 21 Jul 2023 23:56:01 GMT
X-RequestId: 9d3ed86b-2307-1923-0826-b00875539d4a
X-Requester: GRPS000000ANONYMOUSE
Last-Modified: Mon, 12 Mar 2018 09:29:22 GMT
X-Filesize: 430903
ETag: "4fb189107a986d2aa3708ef113248328"
x-amz-meta-crc32: E112FE9C
Cache-Control: max-age=31536000
Access-Control-Allow-Headers: Origin, Content-Type, Accept, Range, Content-Length
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS, HEAD
Access-Control-Max-Age: 31536000
Access-Control-Allow-Origin: *
Edge-Copy-Time: 1689954365003
Via: http/1.1 ctc.guangzhou.union.184 (ApacheTrafficServer/6.2.1 [cHs f ]), http/1.1 cnc.beixian.union.219 (ApacheTrafficServer/6.2.1 [cHs f ]), cache1.l2st3-1[171,171,200-0,M], cache29.l2st3-1[172,0], cache8.l2hk2[0,0,200-0,H], cache35.l2hk2[2,0], cache21.l2de2[0,0,304-0,H], cache9.l2de2[2,0], cache4.se1[0,0,200-0,H], cache5.se1[1,0]
X-Via-Edge: 1689983761737a904f178662410ac2584308e
X-Via-CDN: f=aliyun,s=cache5.se1,c=91.90.42.154;f=sinaedge,s=ctc.yongfeng.union.102.nb.sinaedge.com,c=120.241.4.169;f=Edge,s=cnc.beixian.union.219,c=172.16.36.102
Ali-Swift-Global-Savetime: 1689983761
Age: 5756789
X-Cache: HIT TCP_MEM_HIT dirn:11:359707284
X-Swift-SaveTime: Mon, 31 Jul 2023 07:15:41 GMT
X-Swift-CacheTime: 30732020
Timing-Allow-Origin: *
EagleId: 2ff62c9916957405504081007e
155.159.252.52/static/css/swiper.min.css?v=2021web
200 OK 4.5 kB URL GET HTTP/1.1 155.159.252.52/static/css/swiper.min.css?v=2021web
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (13425), with CRLF line terminators
Hash 6604e7f8fbafb482f29e0dfa78e0e2e5
520ff7d839d3a94c855c9d75a76b5b166a5bf1b9
6d0a4af85bd32d089f36e072c98a15212d4468d562be75c0c3ef16c611c971cf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/swiper.min.css?v=2021web HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: text/css
Last-Modified: Fri, 19 Nov 2021 14:41:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6197b7a4-3579"
Expires: Wed, 27 Sep 2023 03:02:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
155.159.252.52/static/css/web.css?v=2021web
200 OK 3.9 kB URL GET HTTP/1.1 155.159.252.52/static/css/web.css?v=2021web
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (15835), with CRLF line terminators
Hash 7b2ba6b1693108bd2fd33ded77801fb0
26e4ce47051c560739f8dd3e26916e34554c2fa5
80a4949c8c56a68157cc94ba9a35c3df5f0ff031c1ef325362b8fc0229b57d07
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/css/web.css?v=2021web HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: text/css
Last-Modified: Mon, 06 Dec 2021 16:53:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61ae4011-3def"
Expires: Wed, 27 Sep 2023 03:02:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon3.png
200 OK 11 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon3.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 128 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash 2334a20709760e7cd46a7723d4de4427
baf55ae926be90f1db8d456f265b6209662d3a02
6233da98296b1da5d4e311e3c47feaf748599b1df0ca4e0d0a680f3c911443a7
GET /template/news/xz/skin/picture/copy_icon3.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 10701
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-29cd"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon4.png
200 OK 11 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/copy_icon4.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 128 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash b727b413050af5bbe976356e4f072733
8e9ba7ce75337ab900bd7aaa03ba0cf2d1fba535
b44187435d7b0692f167be8a5c180d24dc4a14f4dcc7bb201e1ede8229c6e2e4
GET /template/news/xz/skin/picture/copy_icon4.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 11390
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-2c7e"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/wzahg.png
200 OK 5.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/wzahg.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 104 x 47, 8-bit/color RGBA, non-interlaced\012- data
Hash b4550017d7499bfd8c88f806e5461076
81f965585a88a24d0bc29253ab226c0fe4726a93
0454307891925c66465a60d364bdf04bb4c95c80c3a3211765263427fef044c7
GET /template/news/xz/skin/picture/wzahg.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 5555
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-15b3"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/01.png
200 OK 1.9 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/01.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 16 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash c8ede151300dc55bbd5ba67324bf654f
d56defb7e31ccf2469134c67ff54f86f3c6d5ab1
cdda52d408c1d02462efb5da23212801585df48546f79b199e49e5ffbea42bc4
GET /template/news/xz/skin/picture/01.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 1947
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-79b"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/02.png
200 OK 2.2 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/02.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 35 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 01b7b620c9e5ca1d25acce44daa18dfa
d41272f2658b35a2c02ef87b375979ab7ceee5ed
56ddd3aad2780eb863f4cf0da06d90e5540cb2c61e979edfe3000692c78d397c
GET /template/news/xz/skin/picture/02.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2188
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-88c"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
d.webterren.com/common.js?z=15&t=202201230633
200 OK 5.4 kB URL GET HTTP/1.1 d.webterren.com/common.js?z=15&t=202201230633
IP
ASN #7497 Computer Network Information Center
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type ASCII text, with very long lines (15755)
Hash b469b88c17eb2cdd8518cb2a52b1c60e
92ad281dee8edf133a5667a171c803bbaef4a883
230268caab9d3e56219b6e6e195ed13354f12b4213ddb617166107c5f82446fb
GET /common.js?z=15&t=202201230633 HTTP/1.1
Host: d.webterren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=80640
Connection: close
Content-Encoding: gzip
Content-Length: 5440
Content-Type: text/javascript
Last-Modified: Wed, 20 Sep 2023 08:55:33 GMT
P3p: CP=.
Server: whttpd/5.8
Date: Tue, 26 Sep 2023 15:02:30 GMT
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/logo_share_ap.jpg
200 OK 27 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/logo_share_ap.jpg
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash b6b1a7966206a08cba9094d5f4fd38ba
2f3bc43acab882c1b6d80e9145d1b4ab7c8875fb
a673b2c68a249f49f9ae0fc1086e01d977f4865dd1a43713f32b5550e992029d
GET /template/news/xz/skin/picture/logo_share_ap.jpg HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/jpeg
Content-Length: 27094
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-69d6"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/config.js?v=2021web
200 OK 594 B URL GET HTTP/1.1 155.159.252.52/config.js?v=2021web
IP
ASN #137951 Clayer Limited
Hash 75563f1c596eb176ae2de67f5e4a2b78
4aeeccd0dd450179e4709e6ebf432c3e0a5791ef
c3c2d2a219a8b7fb0f22608174965eef9beaa155a3710a08331af1f24dc2a0cd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /config.js?v=2021web HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: application/javascript
Last-Modified: Sun, 28 May 2023 08:03:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64730aec-49c"
Expires: Wed, 27 Sep 2023 03:02:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
hm.baidu.com/hm.js?3f7487e9fa770fdc0dcffa98b6d51956
200 OK 0 B URL GET HTTP/1.1 hm.baidu.com/hm.js?3f7487e9fa770fdc0dcffa98b6d51956
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /hm.js?3f7487e9fa770fdc0dcffa98b6d51956 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Date: Tue, 26 Sep 2023 15:02:30 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: text/plain; charset=utf-8
155.159.252.52/static/img/pf_fc.png
200 OK 7.5 kB URL GET HTTP/1.1 155.159.252.52/static/img/pf_fc.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 136 x 132, 8-bit colormap, non-interlaced\012- data
Hash 996941a20bcd2d89398a38eeae1e0996
37655f7dbe5e890584dec5a8cbe0e994ccd1f9b1
c01cf130af4eb716b4d47f3306d41e63119e50e34ad52e80946f94fb038067ae
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/pf_fc.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 7493
Last-Modified: Fri, 19 Nov 2021 14:41:35 GMT
Connection: keep-alive
ETag: "6197b79f-1d45"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/pf_tq.png
200 OK 7.1 kB URL GET HTTP/1.1 155.159.252.52/static/img/pf_tq.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 124 x 120, 8-bit colormap, non-interlaced\012- data
Hash 43833604561af8ebc610e245a093df7a
5720981a98db3e1d8e790aeb2aaed8736b488636
faf237f95fe09f4fab31e741b4849e84bc497bddd8fc6653b9d5bda04237efd5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/pf_tq.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 7085
Last-Modified: Fri, 19 Nov 2021 14:41:36 GMT
Connection: keep-alive
ETag: "6197b7a0-1bad"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/03.png
200 OK 3.2 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/03.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 58 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 81982dfacebbe662ccd5e6d6668eb9ff
1fde8c014e65eddf134df55dd133eb0a1441a760
1838ef804b7dee2875a811a1cb8c333aa70cdd5ee93e4f4fbd997dfd9f2b8b61
GET /template/news/xz/skin/picture/03.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 3161
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-c59"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/pf_zq.png
200 OK 7.0 kB URL GET HTTP/1.1 155.159.252.52/static/img/pf_zq.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 128 x 120, 8-bit colormap, non-interlaced\012- data
Hash 29c208d312b1b25c23f7cc75d9d722da
1b1243dd105b5bd5856a9ddfb1f5396135caf788
bcdce634fbf54b4a84812895146a2a6e70f1a51f1d03180de40d6780dedac1a1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/pf_zq.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 6954
Last-Modified: Fri, 19 Nov 2021 14:41:37 GMT
Connection: keep-alive
ETag: "6197b7a1-1b2a"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/05.png
200 OK 2.3 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/05.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 44 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash dc1d793bc92d5e98f7628d98ba943818
439502cd4701bf77cc12c45021e305bb18e5e67e
80d8961835aec121a86341e63f951a717668c4bc1a2a3fa0911c5fb0223b4a22
GET /template/news/xz/skin/picture/05.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2322
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-912"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/04.png
200 OK 2.5 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/04.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 43 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 06976d57889f719113b310ad8663a337
968e8b236ed6143e115afbb9060634cb3d2542f5
6d12a110c053e7062bb8a398facc18d32feed12343e870d6c7d864f5820ef658
GET /template/news/xz/skin/picture/04.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2467
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-9a3"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/06.png
200 OK 2.3 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/06.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 39 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 90ec1b56ee2597b2167ff14dcba2ffbd
cd70d1689138d2e4ab9258c72cd3bd23d42c90c7
960cb836fb53762efa1911b10c7666df9084f0de103f8033dc4d4f2eb77646a2
GET /template/news/xz/skin/picture/06.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2326
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-916"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/07.png
200 OK 3.2 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/07.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 75 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash db35bdba7d31c1761fd5434acc20d0dc
0207ef2eedb11e9cb2ca642b28b2ffcbe7097843
46ccf9c5cb178b898d6df9a15e0bf524cb3073f0513b492cb5fa6c79a17d9a44
GET /template/news/xz/skin/picture/07.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 3215
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-c8f"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
sso.people.com.cn/resource/js/sso.js
200 OK 164 B URL GET HTTP/1.1 sso.people.com.cn/resource/js/sso.js
IP
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Certificate IssuerDigiCert Inc
Subject*.people.cn
FingerprintC8:F4:4A:CD:F1:F1:9E:08:D9:0C:E4:C9:91:7A:B9:85:4A:85:D4:F2
ValidityThu, 10 Nov 2022 00:00:00 GMT - Sun, 03 Dec 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 813f9846b49c0ada805648edf1b2fdbd
caa24890460f73e6a72bb49426351e67e83b053d
8f03491247cbfa8a2e60e0f7ec62d63b5070659f60383a1c81abeb2b20221be3
GET /resource/js/sso.js HTTP/1.1
Host: sso.people.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: text/html
Content-Length: 164
Connection: keep-alive
Location: https://sso.people.com.cn/resource/js/sso.js
X-Via-JSL: f542592,-
Set-Cookie: __jsluid_h=95f0c0f7d73a7b505815d16602fb6cd4; max-age=31536000; path=/; HttpOnly
X-Cache: error
155.159.252.52/static/img/pf_777.png
200 OK 10 kB URL GET HTTP/1.1 155.159.252.52/static/img/pf_777.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 172 x 164, 8-bit colormap, non-interlaced\012- data
Hash c338ca6f666f9a6389243e519679bafe
ce0e1fb215aaf52fb2711642cf954f7519f8ad5f
067ebd49fa7b3413fb912dd3801fbfab938371eeea09c7b269dbca6abcc79bfa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/pf_777.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 10339
Last-Modified: Fri, 19 Nov 2021 14:41:35 GMT
Connection: keep-alive
ETag: "6197b79f-2863"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/pf_sb.png
200 OK 8.3 kB URL GET HTTP/1.1 155.159.252.52/static/img/pf_sb.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 140 x 136, 8-bit colormap, non-interlaced\012- data
Hash 517f51d310a42f070d0b9769981ef801
38f4fe2ae3acbadc7aa1bbe2211f14c46747dd77
c447ea77e4015e533924fc6574236c04ff5cc569f9b1f7267d788010c6d9be36
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/pf_sb.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 8339
Last-Modified: Fri, 19 Nov 2021 14:41:36 GMT
Connection: keep-alive
ETag: "6197b7a0-2093"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/08.png
200 OK 1.9 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/08.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 32 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 4912ea668948ddc912a0937324bb112a
d50a9807e02a02b0aed0e35ad45c4108d2dc2064
29bdbb83d747df5787ba553cc3a093123a865b0a4c61d6b0918b43b9b0fdd81b
GET /template/news/xz/skin/picture/08.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 1901
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-76d"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/09.png
200 OK 2.4 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/09.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 45 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 6a67ac4f66487f4b0616f713573c196e
9b0ee2210d6ba7663160c1841a2d7c6195357910
ada8bbcedf319d93505204eff4717b82f8f12d1d8b7abfe328a5955e6f4ff4c4
GET /template/news/xz/skin/picture/09.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2355
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-933"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/nav.png
200 OK 16 kB URL GET HTTP/1.1 155.159.252.52/static/img/nav.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 1200 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 82e9401b9a6fc203f2aaf3b130447bda
a4eb8ad361ba56dc05865a2dad042f6c58d141f8
6e413eb72acc206783c902b193cec3fc98ef1c55032d55e12143c5af2c682a5f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/nav.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 15486
Last-Modified: Sun, 20 Nov 2022 09:51:44 GMT
Connection: keep-alive
ETag: "6379f8b0-3c7e"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/10.png
200 OK 2.4 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/10.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 44 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a1d4c10d55dba2cf098a8ccc1fb0d09
ee01f164a2536933a90e62ca0b3fc3718e2bea1f
f9034a3bfe4dd4b93affeadb4fc0ca0510447a5936d36361fd384dbf39d1dc63
GET /template/news/xz/skin/picture/10.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2434
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-982"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/11.png
200 OK 2.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/11.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 55 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 79bc7d425b56b862a11546dceaaae1c2
58ef62ef65c9d7635c9e9fb136cba45ebb96ca33
eb76d843f9bbed42d272a8c20bef1ba7554886849008149cb9ad18fdb7ad49a3
GET /template/news/xz/skin/picture/11.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2597
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-a25"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/12.png
200 OK 2.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/12.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 51 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3898863023ed26f2af7287fe5309b5ac
63bf889d770c79ab34bff513b112d1ad8ac286c0
b54d99f33a6fdb97c6d704083978c5aa7c96fcfe9e4e519fe55471428afca446
GET /template/news/xz/skin/picture/12.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 2614
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-a36"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/13.png
200 OK 3.7 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/13.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 93 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 614e3fbb68cfa804fcda0b7a07328512
7d98918f9006ead43951cd3596f599a59b12ec76
dd7ac2304d2bf483e26e369201d30b234dc30833c56df843325ef6ead37c3a06
GET /template/news/xz/skin/picture/13.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 3720
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-e88"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/pf_sz.png
200 OK 6.5 kB URL GET HTTP/1.1 155.159.252.52/static/img/pf_sz.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 120 x 116, 8-bit colormap, non-interlaced\012- data
Hash ad91a2962b509f47929d99568cdde95a
624b3a593fb770e575d22407e3a59cfc8f5febea
4512d1cba75fab0d99ac353265a2450e839a63105c35182370752abdaa067d8f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/pf_sz.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 6450
Last-Modified: Fri, 19 Nov 2021 14:41:36 GMT
Connection: keep-alive
ETag: "6197b7a0-1932"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/js/swiper.min.js?v=2021web
200 OK 42 kB URL GET HTTP/1.1 155.159.252.52/static/js/swiper.min.js?v=2021web
IP
ASN #137951 Clayer Limited
File type ASCII text, with very long lines (65284)
Hash ad2b984fe68303c7fd990f49dd125f9e
a7970d44348a8709eb519f5b9daf870d0ba9426a
0d99312788aaac576be48996454890f9bfa4df8a6f94fdab5ad1366b8d846d2a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/js/swiper.min.js?v=2021web HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: application/javascript
Last-Modified: Sun, 18 Dec 2022 15:15:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"639f2ea0-2265a"
Expires: Wed, 27 Sep 2023 03:02:30 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
155.159.252.52/static/img/top_game_titletext_right.png
200 OK 743 B URL GET HTTP/1.1 155.159.252.52/static/img/top_game_titletext_right.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 1000 x 40, 8-bit colormap, non-interlaced\012- data
Hash c932553300eae7cdcb99696b1920bda9
6e4b0905ea61d8a0f77d6ac32bbf5e163a5d988b
31d0b6073a2432fd03fd42bef7c91db11b8f4c01225d2af4f1ddfaf9d7ae406a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/top_game_titletext_right.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 743
Last-Modified: Fri, 19 Nov 2021 14:41:39 GMT
Connection: keep-alive
ETag: "6197b7a3-2e7"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/15.png
200 OK 2.2 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/15.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 42 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b69e35da6f024d16a3767160a0fc84d
2c9da05a7afdc2f065a660ff8d2321a8c7354430
2e939e51ab4c57281f96436aa5ca306b4f2015a636cfaf8706540e3befa3ac86
GET /template/news/xz/skin/picture/15.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 2238
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-8be"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/16.png
200 OK 3.0 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/16.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 64 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash cc7b62cdd70c5b15db3ec02f993e0d1a
8ae3e8acede3b4ab5fe41212a12feae804c82a9d
66dac20e516dc50fdfc7a7c73f758ea36e4ba3cfb5d5e4ece780810338d89a04
GET /template/news/xz/skin/picture/16.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 2993
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-bb1"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/top_game_titletext_left.png
200 OK 757 B URL GET HTTP/1.1 155.159.252.52/static/img/top_game_titletext_left.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 1000 x 40, 8-bit colormap, non-interlaced\012- data
Hash 3a547fa8debd16ad353a1071391b33b4
6b9fc14318ef032c8780ffea4316f71879587592
ec26d91bab019f3f6c2e6dfaa846470bdaa40b94d10e3b2dc1a48ed5507a8cd4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/top_game_titletext_left.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 757
Last-Modified: Fri, 19 Nov 2021 14:41:39 GMT
Connection: keep-alive
ETag: "6197b7a3-2f5"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/17.png
200 OK 3.4 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/17.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 75 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 29e4f01cd0f338cff3ccd1d2b84290a7
1dbc5b22838d20730a062c2f86fa74c248aa60fb
3bee7a0f29d00711c115c3c01d294d0af190b6707fd6e2ef34c197d6b8caa99f
GET /template/news/xz/skin/picture/17.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 3434
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-d6a"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/19.png
200 OK 1.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/19.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 71 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 291e98202d7a84f528dad6a6e31597a4
b052a5448f796728e3ef5a7feb83ddeab5962890
dc33788a274333f80ec50dad271a28e64f960339261e08290c97a6954749f866
GET /template/news/xz/skin/picture/19.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1603
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-643"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/14.png
200 OK 2.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/14.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 36 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash c626765d9b1c45bc9290c7dd6da1eb52
eeb37c95a5573bc434977d83f48edac7928b9b5f
8c8ad99b2f778ea2063e65209325a43fa4eebd418acfaa43ff5e02c41a4ea5fa
GET /template/news/xz/skin/picture/14.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 2106
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-83a"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/20.png
200 OK 1.5 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/20.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 59 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash d67333a4af17189ab7e3c3b351e0da86
d1d482bcd2a3754eb6e773ed33ec170807ba2a7a
5b3d8c8d9e98debe8aeb18a1ef581b4d743d24d04eccf4e48a562f939568417f
GET /template/news/xz/skin/picture/20.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1481
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-5c9"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_tabsbg.png
200 OK 4.7 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_tabsbg.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 2080 x 128, 8-bit colormap, non-interlaced\012- data
Hash 721b5f94951c6f0afd4737c11f68578f
a01cc2ce8bef94af3da98370d4e7ab66846f20e8
f47165133efac8e12274e9911ca4b6c47cf8cab47d0c7fd1e201b77f903d1ec2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_tabsbg.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 4722
Last-Modified: Fri, 19 Nov 2021 14:41:19 GMT
Connection: keep-alive
ETag: "6197b78f-1272"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
cl0.webterren.com/1.gif?z=15&a=18ad2035ffb&b=%u4E07%u535AManBetX%u624B%u673A%u7248%u767B%u5F55-MBA%u667A%u5E93%u767E%u79D1-%u5FEB%u6765%u9886%u53D6%u4F18%u60E0&B=UTF-8&c=http%3A//gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe%3F_wdxid%3D000000000000000000000000000000000000000000%26_wdc%3D1024%26_wdt%3D011%26_wdci%3D32573027%26_wdp%3D2023-09-26%26_wda%3D1464%26_wdmd%3D1464%26_wdori%3D%25u6765%25u6E90%25uFF1A%25u4EBA%25u6C11%25u65E5%25u62A5%26&d=&e=10&f=149b42adf833e1db&H=gxx8295855.dwonxiazai.com&E=1&V=1642919629-1&r=1111f22258603de4&s=0&t=0&u=1&i=en-US&j=0&k=1280x1024&l=24&m=&n=&o=0
200 OK 35 B URL GET HTTP/1.1 cl0.webterren.com/1.gif?z=15&a=18ad2035ffb&b=%u4E07%u535AManBetX%u624B%u673A%u7248%u767B%u5F55-MBA%u667A%u5E93%u767E%u79D1-%u5FEB%u6765%u9886%u53D6%u4F18%u60E0&B=UTF-8&c=http%3A//gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe%3F_wdxid%3D000000000000000000000000000000000000000000%26_wdc%3D1024%26_wdt%3D011%26_wdci%3D32573027%26_wdp%3D2023-09-26%26_wda%3D1464%26_wdmd%3D1464%26_wdori%3D%25u6765%25u6E90%25uFF1A%25u4EBA%25u6C11%25u65E5%25u62A5%26&d=&e=10&f=149b42adf833e1db&H=gxx8295855.dwonxiazai.com&E=1&V=1642919629-1&r=1111f22258603de4&s=0&t=0&u=1&i=en-US&j=0&k=1280x1024&l=24&m=&n=&o=0
IP
ASN #23724 IDC, China Telecommunications Corporation
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /1.gif?z=15&a=18ad2035ffb&b=%u4E07%u535AManBetX%u624B%u673A%u7248%u767B%u5F55-MBA%u667A%u5E93%u767E%u79D1-%u5FEB%u6765%u9886%u53D6%u4F18%u60E0&B=UTF-8&c=http%3A//gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe%3F_wdxid%3D000000000000000000000000000000000000000000%26_wdc%3D1024%26_wdt%3D011%26_wdci%3D32573027%26_wdp%3D2023-09-26%26_wda%3D1464%26_wdmd%3D1464%26_wdori%3D%25u6765%25u6E90%25uFF1A%25u4EBA%25u6C11%25u65E5%25u62A5%26&d=&e=10&f=149b42adf833e1db&H=gxx8295855.dwonxiazai.com&E=1&V=1642919629-1&r=1111f22258603de4&s=0&t=0&u=1&i=en-US&j=0&k=1280x1024&l=24&m=&n=&o=0 HTTP/1.1
Host: cl0.webterren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, no-cache, no-store, no-cache=Set-Cookie, must-revalidate
Connection: close
Content-Length: 35
Content-Type: image/gif
Expires: Wed, 26 Apr 1989 12:00:00 GMT
P3p: CP=.
Pragma: no-cache
Server: whttpd/5.8
Date: Tue, 26 Sep 2023 15:02:31 GMT
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/taiy4.png
200 OK 1.5 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/taiy4.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 71 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 2ab6d12fbbd47e21f32dc08327d16339
3c50aaba21387063b741fdc62db2cf55952fe65a
f017756b0b034cdb23dbcac96436deb07026f1f054f141e5504322b6eab99be3
GET /template/news/xz/skin/picture/taiy4.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1478
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-5c6"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/21.png
200 OK 1.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/21.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 76 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d75a424f5391c75afa0b7f4a606502c
1a956746e730cd9660abdf15b357ccdcc91020b8
fad131ac2fbe0ace9bebb9131083b3b0cda368be56ad43bc205557da741468a5
GET /template/news/xz/skin/picture/21.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1569
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-621"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/xila.png
200 OK 1.7 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/xila.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 72 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 556434db3f91d320e907b36e9c805e95
26a08f35d08653980462e1db4d28bee4df861862
398a89b75297de9997db04793d8205f1e1c7c117c135c82b4205c742d47640d6
GET /template/news/xz/skin/picture/xila.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1704
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-6a8"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/maly.png
200 OK 2.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/maly.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 110 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash a9c29a874bf3b8b82b98fc28be8697d1
58c62edc2ed417651f747365cdb2ae9e6c8db682
2b13038dccca8f1bbed9c11ef06296b3caf72d5a1f0fbb0de1be89c09d4529f3
GET /template/news/xz/skin/picture/maly.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 2093
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-82d"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/logo_red.png
200 OK 9.5 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/logo_red.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 160 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash 69888892b2e7160ed799737099db3208
9591ad9849accfb761827fcf607c3971060d7831
f23857ca64d4115e6c00e8c4ba2d16c9249bf7ed73374b847d8d7c70ccc10e43
GET /template/news/xz/skin/picture/logo_red.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 9453
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-24ed"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/dltx1.png
200 OK 2.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/dltx1.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 44 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f73d09eed7cb408e8c332b68cf35b99
55883e0636e8069e0c0d9725d58fadb84e8f5f9d
cffea9c02f952cc5991cabaa21f6c5812b16c6b37e2b0280097f2ca6574a9185
GET /template/news/xz/skin/picture/dltx1.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 2628
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-a44"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/qz.js?0.3770817959158571
200 OK 424 B URL GET HTTP/1.1 155.159.252.52/qz.js?0.3770817959158571
IP
ASN #137951 Clayer Limited
Hash fde1acd3828e338a56c1765f062a121b
1ec6bd9ad84885c3a79bb0dcad95e81c808e810d
21ab6a287aa43fe216c0ffbda1b88490f4a366f78b7dd40df17144ba9a9465b9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /qz.js?0.3770817959158571 HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: application/javascript
Last-Modified: Tue, 26 Sep 2023 13:47:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6512e0d4-478"
Expires: Wed, 27 Sep 2023 03:02:31 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more0.png
200 OK 1.9 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more0.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 3603c314407a5d21cf70c449d3b9665a
bf4016f341f48e86d41fe51595d732cbd0b883af
a9f669fd69f42ea98fd6fab1175bde23b5236a00f76732b55d9becb23601b06b
GET /template/news/xz/skin/picture/icon_more0.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1867
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-74b"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more1.png
200 OK 1.3 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more1.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 4592e54262a2674c408295dd17980fef
6c850265bc5cc84205308e513199c8ff0f27ad98
03e8cb8c2ffa16c54f52e0cb8020035a82ef40ed7b078e1faaecfea9d630e484
GET /template/news/xz/skin/picture/icon_more1.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1284
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-504"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_itembg.png
200 OK 19 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_itembg.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 694 x 920, 8-bit colormap, non-interlaced\012- data
Hash 24212179c159aa856ecaa975a7138ed4
26c23b212280736a857f480b43b95b2bed94f4d9
631c864daa8c608f3390b717d4099e1725cdf134bb213ae3754ff918b2c515cc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_itembg.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 18954
Last-Modified: Fri, 19 Nov 2021 14:41:17 GMT
Connection: keep-alive
ETag: "6197b78d-4a0a"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more3.png
200 OK 1.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more3.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 4d1dfa1b6b1e3f5f7797dc5e7a8d8246
c33306b0cf59b3b54365af62ab2f439bb83a4f06
81e5191c713ab97c5c3ae7b34d0197e672f4b969f4673e50b4d0ded4829b8d67
GET /template/news/xz/skin/picture/icon_more3.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1563
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-61b"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more2.png
200 OK 1.3 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more2.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 30fdf0c9d212eda41263318e70c94540
267586886dfb6a146cdb1cc218a0ac41bc2a57b1
6dc4c760ef65eb57046db1d7e43b067e4283dc78c4f46b5140547781f954bab1
GET /template/news/xz/skin/picture/icon_more2.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1256
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-4e8"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/footerbg.png
200 OK 28 kB URL GET HTTP/1.1 155.159.252.52/static/img/footerbg.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 1920 x 324, 8-bit colormap, non-interlaced\012- data
Hash 3b9ae1ce28bdf234e7e3245305371937
9c36e5d742a69c80ed0693cbcf3a00f2b0c82d73
17df7cb78bb02c8bda5b7ffb7febbf48f046b5b54e0fa137ba6d37878e4fa6e4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/footerbg.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 27856
Last-Modified: Fri, 19 Nov 2021 14:41:13 GMT
Connection: keep-alive
ETag: "6197b789-6cd0"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more4.png
200 OK 1.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/icon_more4.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 35 x 35, 8-bit colormap, non-interlaced\012- data
Hash 6665b836a8c44738e35f2b3e05680e4a
a84cb467bf49f7323c55f467416b95e1a5c79b49
1cb5d191319233f7c232a255f4d7598f843c2f6caf89249161b2541c43a13f94
GET /template/news/xz/skin/picture/icon_more4.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 1086
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-43e"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_bottom_btn_bg.png
200 OK 7.0 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_bottom_btn_bg.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 360 x 120, 8-bit colormap, non-interlaced\012- data
Hash 4b57c35593f2e9db6ba931a2ea31652b
c10b51fed294260abfdf169be0b7446b8e356e77
e808a3cd1bec176cb7b9808bf49f6b8acc23d8ddb0f6882275af4783d1e7549b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_bottom_btn_bg.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 6992
Last-Modified: Sat, 22 Oct 2022 03:08:25 GMT
Connection: keep-alive
ETag: "63535ea9-1b50"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sj_wb.jpg
200 OK 4.7 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sj_wb.jpg
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 54x54, components 3\012- data
Hash a301fe54b0684c1d454223f2e5c6edc6
da8cfefc7af7e4ec4301e393864c3834ed67c90f
aa89af6d0e17878f084081c364158fa26de7ef0ca2453fa1a704af1e391bd202
GET /template/news/xz/skin/picture/sj_wb.jpg HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/jpeg
Content-Length: 4670
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-123e"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/downloadbg.png
200 OK 16 kB URL GET HTTP/1.1 155.159.252.52/static/img/downloadbg.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 490 x 668, 8-bit colormap, non-interlaced\012- data
Hash 54aea9069ebd594d06452f981ef0e082
7be69fe602b6a08a9d33b2818b7b2435cbfe1c51
be14f003ebb563bca19a5adedb51cce325609eb2c781de3bdbf36c725d4afdbd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/downloadbg.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 16155
Last-Modified: Fri, 19 Nov 2021 14:41:08 GMT
Connection: keep-alive
ETag: "6197b784-3f1b"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/share_bbs.png
200 OK 4.1 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/share_bbs.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 98 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash 461864eec8fb89e70adf26ee3bba3576
cc14d552a9851620f71d65fee130b8469b13dd0c
51b4123c0e52156c62263d72610077543d8f45e8271702b9ed88eb7993166367
GET /template/news/xz/skin/picture/share_bbs.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 4066
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-fe2"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sj_ks.png
200 OK 5.6 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sj_ks.png
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type PNG image data, 54 x 54, 8-bit/color RGB, non-interlaced\012- data
Hash faf69736a948c1fde5583e6339a05954
951293c4384df342a9005b93cf4625863b707c3f
f85763013bc482043545830cc0562237f80288395eab68337c0dbddb5d888f44
GET /template/news/xz/skin/picture/sj_ks.png HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 5599
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-15df"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/c.gif
200 OK 0 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/c.gif
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /template/news/xz/skin/picture/c.gif HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/gif
Content-Length: 0
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-0"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_lbbg.png
200 OK 58 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_lbbg.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 2380 x 488, 8-bit colormap, non-interlaced\012- data
Hash 3ae837307bc15ba6fcaf2832ce3d0402
c80a9e4ae384f2ae07e10308b72224a8352804f2
a71e6ed99105f1a2348c90777fa09b2a9b5b9278efc6759e6e768a168ec0a05a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_lbbg.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:31 GMT
Content-Type: image/png
Content-Length: 57488
Last-Modified: Fri, 19 Nov 2021 14:41:18 GMT
Connection: keep-alive
ETag: "6197b78e-e090"
Expires: Thu, 26 Oct 2023 15:02:31 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/fd_totop.png
200 OK 2.8 kB URL GET HTTP/1.1 155.159.252.52/static/img/fd_totop.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 76 x 76, 8-bit colormap, non-interlaced\012- data
Hash b1e36b9e83803b77e6ac09da9eead509
99e72f62ec65667e89a9b288b627b357be96701f
38b57c517260980e644dfb405ef08146d2111b714abec7255efbd4b354cd7583
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/fd_totop.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 2797
Last-Modified: Fri, 19 Nov 2021 14:41:12 GMT
Connection: keep-alive
ETag: "6197b788-aed"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sj_wx.jpg
200 OK 23 kB URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/template/news/xz/skin/picture/sj_wx.jpg
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1280, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], baseline, precision 8, 54x54, components 3\012- data
Hash 3ec866c90c381367ff02076f665e68c2
56679a5b8356e08b71642aac70fc64ab6ffa54ba
b802d55c92f0c8a6f9556698831dc6dd20a909ed6adc5332c8c012012ad8e9f8
GET /template/news/xz/skin/picture/sj_wx.jpg HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/jpeg
Content-Length: 22571
Last-Modified: Thu, 24 Nov 2022 01:55:14 GMT
Connection: keep-alive
ETag: "637ecf02-582b"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/titleimg_top_game.png
200 OK 5.7 kB URL GET HTTP/1.1 155.159.252.52/static/img/titleimg_top_game.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 596 x 132, 8-bit colormap, non-interlaced\012- data
Hash 254b8b403316cc5754d821c3ac9620e6
dd75d61cd66f114f3ee66e880b9fea2495ade226
97dec4a15fd692863e0679d739c952d005e635c1fe02d499dbb165cca72ea618
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/titleimg_top_game.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 5680
Last-Modified: Fri, 19 Nov 2021 14:41:38 GMT
Connection: keep-alive
ETag: "6197b7a2-1630"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/app_logo1.png
200 OK 31 kB URL GET HTTP/1.1 155.159.252.52/static/img/app_logo1.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f09a00bf070107b33d37c05441ee3ac
de368c24abff83e1ce0732780a7dcf62645532e0
86b5eb8183d8f7b2d4a00275d6f84981d00da62f78647447bf6a143ccc0199a9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/app_logo1.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/static/css/web.css?v=2021web
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 31226
Last-Modified: Sun, 20 Nov 2022 09:56:26 GMT
Connection: keep-alive
ETag: "6379f9ca-79fa"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
sso.people.com.cn/resource/js/sso.js
200 OK 11 kB URL GET HTTP/1.1 sso.people.com.cn/resource/js/sso.js
IP
ASN #56047 China Mobile communications corporation
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Certificate IssuerDigiCert Inc
Subject*.people.cn
FingerprintC8:F4:4A:CD:F1:F1:9E:08:D9:0C:E4:C9:91:7A:B9:85:4A:85:D4:F2
ValidityThu, 10 Nov 2022 00:00:00 GMT - Sun, 03 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (1533)
Hash 4387ac38e3b23a74fba374ce256822bc
f9cc05cd2a47c75a4e05dd34a809666afcaea7ad
d3ca5243e70cd00ccaa1ff69ace0a9f50c27d58f9232c2b4928fe0fcd6ff8b79
GET /resource/js/sso.js HTTP/1.1
Host: sso.people.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://gxx8295855.dwonxiazai.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 06 Jan 2020 09:21:41 GMT
ETag: W/"5e12fc25-74e5"
Expires: Tue, 26 Sep 2023 17:02:32 GMT
Cache-Control: max-age=7200
Content-Encoding: gzip
X-Via-JSL: b20b407,-
Set-Cookie: __jsluid_s=695b21f3a21d030ca426854df60724e6; max-age=31536000; path=/; HttpOnly; SameSite=None; secure
X-Cache: bypass
gxx8295855.dwonxiazai.com/favicon.ico
200 OK 0 B URL GET HTTP/1.1 gxx8295855.dwonxiazai.com/favicon.ico
IP
ASN #137951 Clayer Limited
Requested by http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: gxx8295855.dwonxiazai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://gxx8295855.dwonxiazai.com/cx/071287/112/setup_1891b2gd.exe
Cookie: wdcid=1111f22258603de4; wdlast=1695740551; wdses=149b42adf833e1db
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Fri, 19 May 2023 11:18:09 GMT
Connection: keep-alive
ETag: "64675af1-0"
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_ty.png
200 OK 113 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_ty.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 736 x 623, 8-bit colormap, non-interlaced\012- data
Size 113 kB (112821 bytes)
Hash 97bafd361b9b620c7678e552024225c3
cbdd8488090148f5f73a97a91d3a24a6c07453b3
a2340fa63f1b53aebb946f62730dd4f64c9f42585126eb1152057d71b56fadce
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_ty.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 112821
Last-Modified: Fri, 19 Nov 2021 14:41:20 GMT
Connection: keep-alive
ETag: "6197b790-1b8b5"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_zr.png
200 OK 121 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_zr.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 736 x 623, 8-bit colormap, non-interlaced\012- data
Size 121 kB (121229 bytes)
Hash a691f396c473aa877d66dcc169597c64
d9b5daf91bfa46233fcd701146691f11d30aba87
c8bdd010d21a319777891807be19d13173d5730c966ff6897d65ce8a0b2244b0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_zr.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 121229
Last-Modified: Fri, 19 Nov 2021 14:41:20 GMT
Connection: keep-alive
ETag: "6197b790-1d98d"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/titleimg_contact.png
200 OK 7.9 kB URL GET HTTP/1.1 155.159.252.52/static/img/titleimg_contact.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 596 x 132, 8-bit colormap, non-interlaced\012- data
Hash bba44c514b5da0fa122db10bd5dd4a25
456d99769aa1b15714feb48d141a67f50f5d9c62
c1c6f0209d71d61adac42db73154e66ddebc258404fe6feb914f1b0ec3ba2bc4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/titleimg_contact.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:35 GMT
Content-Type: image/png
Content-Length: 7875
Last-Modified: Fri, 19 Nov 2021 14:41:37 GMT
Connection: keep-alive
ETag: "6197b7a1-1ec3"
Expires: Thu, 26 Oct 2023 15:02:35 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_cp.png
200 OK 125 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_cp.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 736 x 623, 8-bit colormap, non-interlaced\012- data
Size 125 kB (124841 bytes)
Hash 6cea918d7d824577f3bab4d14a864125
0370a8ddf1a99294acd7b33c59bea06c3ee110d0
5fd3fa7f8b23b33bf6fababc924645de9685f166b351e7684c6f936a4452edb6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_cp.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 124841
Last-Modified: Fri, 19 Nov 2021 14:41:16 GMT
Connection: keep-alive
ETag: "6197b78c-1e7a9"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hd.png
200 OK 347 kB URL GET HTTP/1.1 155.159.252.52/static/img/hd.png
IP
ASN #137951 Clayer Limited
File type JPEG image data, progressive, precision 8, 969x1088, components 3\012- data
Size 347 kB (346703 bytes)
Hash 221471375bf8702a176becdf4212cd24
ef80818c34189fa9dceefa1738bcd84886e45595
8b0a9db25f2b4675591b97eb59945d223f46650d1b05df9c21e01c61891bc5f3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hd.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/png
Content-Length: 346703
Last-Modified: Fri, 25 Nov 2022 12:17:55 GMT
Connection: keep-alive
ETag: "6380b273-54a4f"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/download_bottom_img.png
200 OK 40 kB URL GET HTTP/1.1 155.159.252.52/static/img/download_bottom_img.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 1264 x 320, 8-bit colormap, non-interlaced\012- data
Hash 2562815ac75731e40a21f53a93ddc94e
f614090083587a2c0118b0f8996e10060d82b04f
f42316c348280e18dbdf1174fc2e2759204b0109ae23c43a00ab2999abe84ed4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/download_bottom_img.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:35 GMT
Content-Type: image/png
Content-Length: 39832
Last-Modified: Fri, 19 Nov 2021 14:41:08 GMT
Connection: keep-alive
ETag: "6197b784-9b98"
Expires: Thu, 26 Oct 2023 15:02:35 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_qp.png
200 OK 115 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_qp.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 736 x 623, 8-bit colormap, non-interlaced\012- data
Size 115 kB (115196 bytes)
Hash 0ea04fcfea1b06ea4f8d6b968b8b3a8f
453e2e125220a1eeb3f9d948d7f08833ef6aff6b
381944f290c0f63dbeb208634a3de02b821024e5d8d216369f192cee6d27f76c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_qp.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:32 GMT
Content-Type: image/png
Content-Length: 115196
Last-Modified: Fri, 19 Nov 2021 14:41:18 GMT
Connection: keep-alive
ETag: "6197b78e-1c1fc"
Expires: Thu, 26 Oct 2023 15:02:32 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_dj.png
200 OK 118 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_dj.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 736 x 623, 8-bit colormap, non-interlaced\012- data
Size 118 kB (118485 bytes)
Hash 38ffc4b03162e8dc89bdc33aaa16d18e
8b9cf42cd90a0e867b069911afd8f722ba1bd6bd
89d9caf40ad22305ba8e2531e92af0d5695202950af14c0074b68ed32cf701d4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_dj.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:35 GMT
Content-Type: image/png
Content-Length: 118485
Last-Modified: Fri, 19 Nov 2021 14:41:16 GMT
Connection: keep-alive
ETag: "6197b78c-1ced5"
Expires: Thu, 26 Oct 2023 15:02:35 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/banner.jpg
200 OK 406 kB URL GET HTTP/1.1 155.159.252.52/static/img/banner.jpg
IP
ASN #137951 Clayer Limited
File type JPEG image data, baseline, precision 8, 3840x1400, components 3\012- data
Size 406 kB (405909 bytes)
Hash d12e3b2899046285cb587aebe46d5850
7cd25d88958e51dbc3184d039ea31985fb2271a7
83b0adf4e17b74b999e843b3f8514032784503c0b52efb74bab464233e53f36d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/banner.jpg HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:30 GMT
Content-Type: image/jpeg
Content-Length: 405909
Last-Modified: Mon, 21 Nov 2022 11:32:04 GMT
Connection: keep-alive
ETag: "637b61b4-63195"
Expires: Thu, 26 Oct 2023 15:02:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.252.52/static/img/hotgame_dz.png
200 OK 124 kB URL GET HTTP/1.1 155.159.252.52/static/img/hotgame_dz.png
IP
ASN #137951 Clayer Limited
File type PNG image data, 736 x 623, 8-bit colormap, non-interlaced\012- data
Size 124 kB (124185 bytes)
Hash d57cfec1caaa46c2d0302708ca606ac3
9c68a596ad3b1b7de67ae6ae481d25de3a968f29
07aeb4f99135e35b0ca7f9e08e03575e697454c71482789caac9d6ff958225ea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /static/img/hotgame_dz.png HTTP/1.1
Host: 155.159.252.52
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://155.159.252.52/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 26 Sep 2023 15:02:35 GMT
Content-Type: image/png
Content-Length: 124185
Last-Modified: Fri, 19 Nov 2021 14:41:17 GMT
Connection: keep-alive
ETag: "6197b78d-1e519"
Expires: Thu, 26 Oct 2023 15:02:35 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
155.159.177.233
112.84.222.30
47.246.44.231
103.235.46.191