{"report_id":"2afe2876-196d-46e8-8707-4bf7482f764a","version":6,"status":"done","tags":[],"date":"2025-11-26T11:39:41Z","url":{"schema":"http","addr":"tms.baincn.com","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":0,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"final":{"url":{"schema":"https","addr":"tms.baincn.com/","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"title":"贝恩医疗TMS物流运输系统","dom":{"size":6855,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"0c7f5f69dd267a14ff48bfecf179dec4","sha1":"1485deceea0f4be869096956422579f65e112241","sha256":"8542eb76cc76898e55bda6e5f38f15043db1656fb2e36a8f38e5d06176d239c2","sha512":"afca5f569b999bf71a00d47291f49fd5749b49c07d80c1bb373cb26c40441ea0fdd87c5c7d2dee167885c26fc17f4f34179b295eb7c0a49b93ed6b746a025009","ssdeep":"96:hluPUirBEu7mQxmTcT53MPHScfZdFWNM3q133xhi7CNvgzc:hlsEu7mKUcTVMPyoZL5613hgQgzc","tlshash":"f4e1b4209e2d9c233066c578a4ab9a24f8ad8137c301ce88bfbc6c557fe7d5321ad55c","dom_hash":"domhash70f5797af1ee870d15b5d99b39f95264","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"tms.baincn.com","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":0,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98","country_code":"zz"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-12-31T11:39:41Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"tms.baincn.com","ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":16,"received_data":3298218,"sent_data":8537,"comment":"","tags":null,"fingerprints":[{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"tms.baincn.com/","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"7b4b4c9c65128334fecd1b74740edad7","sha1":"e668d58b7057afa387028e905baecbb333ec6256","sha256":"90670e6767b517fde5ec68cc8f69b3b089e6dea8d5a62c5e7952f3daa52191dc","sha512":"e1b5bf08856afaa1e23c5c4c1bb5df959e98f4b6f70f817fa12c7d3b7e42532197bc2935d528e58bb8da9eb04162124600f069aa6938d43244ba1cee78e5c4ab","ssdeep":"","tlshash":"3cf06f8a1e38421c2844e39ca08f8208efd30ab2828ac34cd11dda18acd202b0d0c0ce","size":458,"data":"","first_seen":"2025-11-26T11:39:48.633768Z","last_seen":"2025-11-26T11:39:48.633768Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"f9dc3dc0e924a7c37d99ae6d9b133e30","sha1":"6e60017462d8f5c0da66ed0868a66b02e99cb20a","sha256":"e8c7632dcb891e360c705988ecee2bd2a105b96959baf57c5f49cd59186a71f1","sha512":"e1d7d41e074f9111bd9c86fa9a6a7bdf3a506258fe3f96e379cbd6dcfd397d830bd273a1d47128d6cbd04c8bdde39b7f63591ed5324882693d921121d9840b2c","ssdeep":"","tlshash":"bd411394ab0d162738bd243d1c175be43c2d40b5c502dfd9ae356ca06e7be6770d4d28","size":2028,"data":"","first_seen":"2025-11-26T11:39:48.635853Z","last_seen":"2025-11-26T11:39:48.635853Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":true,"md5":"87fd9bae6307a5c21f13b3403e8622be","sha1":"7e2df52993cddd1c20041801706ce9d05d4377fa","sha256":"34f1ae26a814c443b1b793543fb376e655730de5c7b6df835243089ae10a8dde","sha512":"f0fd4f8de9a2dd2ec4d63addd220a7ad3d8af45cc55e6fb43984d2bf3e747c80d9b15dd67c0a0cbcb4e9771d5437099c6bd03a2474f5d007e3c387681035fcb0","ssdeep":"","tlshash":"87f0a772e74fc57633735b50764a004955a19db7e05d8c83b4b4385e70a0a5760bbd35","size":461,"data":"","first_seen":"2025-11-26T11:39:48.645376Z","last_seen":"2025-11-26T11:39:48.645376Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"eventHandler","is_inline":false,"md5":"1d8d0cf56c4c73bc5d12ea3195cce6d2","sha1":"6386174dc534a645d9114e398bbb0973d031ad2c","sha256":"efe7fc00c4bb2d06afde573e789ffbe9dbb6d7e8ef4a35cce6bcae9bae302bb6","sha512":"49ca88f2eb71d87ba39f8cc9229ab03bab09b11295f9ad3c69e55f59606dbf7585e5adaf164a13831501f62cf4b98baad67e50f42d7045928bf88e183325e571","ssdeep":"","tlshash":"a95000000003cc000000fcc00000000003000003003000c0c000030cc030000f000300","size":11,"data":"","first_seen":"2025-11-26T11:39:48.65788Z","last_seen":"2025-11-26T11:39:48.65788Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/mymvc_lib/js/common.js?jsCssVer=2.11209899516","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"introduction_type":"scriptElement","is_inline":false,"md5":"98f5ca88582fb4486dfa849c3228cfce","sha1":"24ef61d1c9a476414022838257618ef66fc1e1d2","sha256":"32c727ed8b680452cef8524aaf610d8a6e65cbdc6f15222c3e5173380b28b4f2","sha512":"0c083a1304dc5a9d5d854ba2f86b5da4115e53ca6faf84ba9256eb74af0d34edbd8dfffc3d1759968482b58943d873ce4aa0ae6854012bbddd0dada20a1812d5","ssdeep":"1536:Vo/aOxkLg0yo8nKJjy/2Twyn8tW21shzgu:Veyzy+t8tW21shzgu","tlshash":"2633ea80f798107e827e8635cc7d651cf674a623243ecc64f85cf491bb31e25729aea9","size":54888,"data":"","first_seen":"2025-11-26T11:39:48.63047Z","last_seen":"2025-11-26T11:39:48.63047Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"tms.baincn.com/app_lib/js/skin_css/blue/style.css?jsCssVer=2.11209899516","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.178Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /app_lib/js/skin_css/blue/style.css?jsCssVer=2.11209899516 HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Thu, 22 Sep 2011 02:01:39 GMT\r\netag: \"2b4-4ad7e12c1bd7e-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 438\r\ncontent-type: text/css\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":692,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (305), with CRLF line terminators","md5":"59e6b418dea3cfc3be66dd21716131bd","sha1":"d589b2d4eade8cd8cd5e3609c4ed47e4c7b37740","sha256":"1666af606929e8eb9ff5bb59628b47b9071ec4ac55442adf3becff0d55208948","sha512":"f78dfb8b82c114865b0cf08c444235165a7ee5f979d153406b31a6f5c5349a2d21fd7fbce4e2f0c6c2ed1a15cd18881bf0b047385e318a467e14059cf02d85e7","ssdeep":"","tlshash":"e701888543737860171b4a2404384d608c2b125b682956f4f656d353d85d0bf25f2fb8","first_seen":"2025-11-26T11:39:48.57865Z","last_seen":"2025-11-26T11:39:48.57865Z","times_seen":1,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":268,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.182Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516 HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sun, 17 Mar 2013 11:47:35 GMT\r\netag: \"eb2-4d81d704078bb-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 1142\r\ncontent-type: text/css\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":3762,"size_decoded":0,"mime_type":"text/css","magic":"assembler source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"2a937007d305f049d0c0311bc29eaac4","sha1":"4b22f37c65812053600e4014193b109dd631e951","sha256":"fe3212460c6090fac6486eeff75cf8069e12099728bad7e9678224322d6bd3db","sha512":"492001b181acea0b87420c89d3b1fb568dab7af6d00a970f08f512b8fd481db2ca294ffe2964cb03e7d77f725ddaf22e587b1810af4249b5db13f6b8ac386330","ssdeep":"","tlshash":"ff7132204b86710e61bf68e17a27a524f75aa453e38b5a2c3f7d37a5df6a421437220c","first_seen":"2025-11-26T11:39:48.589113Z","last_seen":"2025-11-26T11:39:48.589113Z","times_seen":1,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":269,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/login/login7.jpg","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.189Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/login/login7.jpg HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 28 Feb 2025 08:27:21 GMT\r\netag: \"180796-62f2f935210f5-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":1574806,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 3839x2160, components 3","md5":"863de389bec4169f4619b2918134d3c0","sha1":"c063214141cd2a7a0c3f1118ac9625dd8e849f99","sha256":"14f5ee7dd845bc55abd86da4bf5409413d5c8438432cba2a9a116a04582e1bab","sha512":"7fe5a4131a96bd18bf28db0e57cc67578bc1eb1f29b4830c3a9fe81202f705d8034e288ea838152096e86dc21cb334c7cc75f03a66e3937946cb1c7cffa3ed23","ssdeep":"24576:IdA6fk5qfbSlz0IZHeKNh3sJdbeq+oHljpPcYoR:I+6G4Slz0IZHeGGdb9+oHppPcYoR","tlshash":"4725330e9c9bf74ddb8b0ee78888d743aa604e109f4791e5946e3c9fa6b4c45923c3c5","first_seen":"2025-11-26T11:39:48.592422Z","last_seen":"2025-11-26T11:39:48.592422Z","times_seen":1,"resource_available":false,"data":null}},"time_used":540,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":540,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/user.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.514Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/user.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"93e-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2110\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":2366,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 40 x 41, 8-bit/color RGBA, non-interlaced","md5":"937036b6916c336d1fbb33c6e5defab6","sha1":"95836fc85e56e01ee9aac770afbaba50c80777ca","sha256":"d44f2c2688e812d9112c59e10d83b49cf0817a1b4b2cc00986080f733b96053c","sha512":"3f33e735b1867739e8377b3ec16727c79146b94a29bf9a057031fc108c9c9b3666ec48562454959f3bad781836555584d8e18dfbc2ea59c4ef523f86c350a147","ssdeep":"","tlshash":"4e410b1dc5ac7cc1517ca49534e3401fc4738f547dd84062f48a9c156f783bd6249af6","first_seen":"2025-11-26T11:39:48.597672Z","last_seen":"2025-11-26T11:39:48.597672Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1309,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1307,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/key.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.520Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/key.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"965-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2147\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":2405,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced","md5":"d31bb3a11e45a19d9e54c923fdd1ecc6","sha1":"2908d78154cd457a0c0cdb3c297c304f6a261016","sha256":"c8d925c2f829c4f28c76c37686c51692ef03a0fd52629f63b81cccd30062dfe4","sha512":"d93e76296632c991510bfcb2085828e544cd384657af942c73ced00e42fff835159b7e15fb29b8f914b25867f868b0e9609a9ef176df7d17a9ec70413911e563","ssdeep":"","tlshash":"4b41f84dea903c05f706e0c52ce5001259474d02f9b6b46fb4dfc8bb56945f9481c2db","first_seen":"2025-11-26T11:39:48.602078Z","last_seen":"2025-11-26T11:39:48.602078Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1301,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1299,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/login_btn.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.523Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/login_btn.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"397b-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 14738\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":14715,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 319 x 62, 8-bit/color RGBA, non-interlaced","md5":"5f6b390c1d3ab12a55eef04c8e99a886","sha1":"ff8389ce967e044d685080d807878a02aecc45f1","sha256":"1d501a95274fb6e2a1bacbda18aaa9243a86ffdede2b0dc80263ca383f07a058","sha512":"38291c33751e3353d556248ee1cceb4dd3c9634fb37d0f4c6c0092f826bc390b3b3b16ade715a2192e0a0992dd43694cd88f699305895ad2b67cf11d4f2d2284","ssdeep":"384:S50w94niXugnSRIDkWXYpBxqeGZAHosutCZqj:YP41gnxDkUFZEoT5j","tlshash":"3962d00e6852095c42d4c9b951bf66ca0bbfbb4d618f1e5ce97c5b0e8e800f31820f36","first_seen":"2025-11-26T11:39:48.606712Z","last_seen":"2025-11-26T11:39:48.606712Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1299,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1297,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/login/login1.jpg","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:32.056Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/login/login1.jpg HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Fri, 28 Feb 2025 08:27:21 GMT\r\netag: \"180796-62f2f935210f5-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:39:01 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-type: image/jpeg\r\ndate: Wed, 26 Nov 2025 11:39:01 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":1574806,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 3839x2160, components 3","md5":"863de389bec4169f4619b2918134d3c0","sha1":"c063214141cd2a7a0c3f1118ac9625dd8e849f99","sha256":"14f5ee7dd845bc55abd86da4bf5409413d5c8438432cba2a9a116a04582e1bab","sha512":"7fe5a4131a96bd18bf28db0e57cc67578bc1eb1f29b4830c3a9fe81202f705d8034e288ea838152096e86dc21cb334c7cc75f03a66e3937946cb1c7cffa3ed23","ssdeep":"24576:IdA6fk5qfbSlz0IZHeKNh3sJdbeq+oHljpPcYoR:I+6G4Slz0IZHeGGdb9+oHppPcYoR","tlshash":"4725330e9c9bf74ddb8b0ee78888d743aa604e109f4791e5946e3c9fa6b4c45923c3c5","first_seen":"2025-11-26T11:39:48.592422Z","last_seen":"2025-11-26T11:39:48.592422Z","times_seen":1,"resource_available":false,"data":null}},"time_used":263,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":263,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-11-26T11:39:19.383Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nset-cookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10; path=/\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-store, no-cache, must-revalidate\r\npragma: no-cache\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 2527\r\ncontent-type: text/html; charset=utf-8\r\ndate: Wed, 26 Nov 2025 11:38:50 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":7188,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF, LF line terminators","md5":"ea7a21fef6169a1f06f6a966b483bebf","sha1":"8cec01db49c3bc6f8a429f069fdd5d7d502859d2","sha256":"c782b2e8bf90409c416dae9eddea5542c6d043024bc33673415de34a7fc92471","sha512":"4e680f461dae061228c4f725254658dc266a30f6dd8c28bdeecfbefb33e6b988f0b607b63d3e845a788146cf0c0c2178b858f7e373fcad3099a5d5c6056b4337","ssdeep":"96:Sfd8B/Jw3cFbUymQ0+m7LgkzaSeLSz7q9NMiqyTwraq8DgncQG/:S1WDbUymeM0zYfdByTwmxgnhu","tlshash":"a6e164207e1d8c263171c678a5b68b11f86981178302de88bbbc3c977ff7c1655ae654","first_seen":"2025-11-26T11:39:48.608495Z","last_seen":"2025-11-26T11:39:48.608495Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2542,"timings":{"blocked":1073,"dns":364,"connect":270,"send":0,"wait":394,"receive":0,"ssl":437},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/login1.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.504Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/login1.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"452c-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 17731\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":17708,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 375 x 79, 8-bit/color RGBA, non-interlaced","md5":"ab861d9c0eb3654ec46328313b60d750","sha1":"380cffca6fb45e303f43f69da254af2d3b52f7b3","sha256":"f3dc069a8bd6eb516ec75cf87c7552879727024d2d48f643ca15f9a6341a4780","sha512":"491dad2504dc50a6288866d094ca4fd403af3817fafe43ef07ba051c52ee5ef0aaf0086c912761e1bd27f1b87ad928afec738fb5e205a208bb9bfa20c121c556","ssdeep":"384:q50wGnu7705SWG+IMMl3AjpZtNTQ1wNwrCTFhl5u4hyZ7xEu8AaX0V:guu/05M+dMlwjtN8rC5hzu4uAAaq","tlshash":"6382d092b049854a5c2f5ab786a77d1d8701e0e0d3d81f682cefc3ebf533a5a657013a","first_seen":"2025-11-26T11:39:48.609909Z","last_seen":"2025-11-26T11:39:48.609909Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1312,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1309,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/turn_1.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.528Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/turn_1.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"1050-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3919\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":4176,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 96, 8-bit/color RGBA, non-interlaced","md5":"5ecf60ea3059e82edf6c1440c92dda0f","sha1":"7f7d66ee68058c3e50b381588f15a781dc726b26","sha256":"8eed181762c9bc90185b4a3de48010772ca7451053074cec7b0f7d9b9c32eae1","sha512":"9042febda9218fa4d2fd34398b51ace74135dd2927bd27a938d4935cedd2421a77309445792ef8d87f9c9ac978b5e8b16fb5f530348c50d71760a0cea1e21497","ssdeep":"96:6Y2I9FQqkhyQaqk66IDCLCpGPzMgQcQhECqn1:67FyQa769KnPo7cQhXqn1","tlshash":"94816e435c9238007b1df44dac78a26b8c932ad00955dd5e20dfe4de5eb5ab506141eb","first_seen":"2025-11-26T11:39:48.617966Z","last_seen":"2025-11-26T11:39:48.617966Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1293,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/development/logo.ico","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:22.451Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/development/logo.ico HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 333\r\ncontent-type: text/html; charset=UTF-8\r\ndate: Wed, 26 Nov 2025 11:38:52 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":333,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"3afe94e9a764c18d888e94d5e8fef183","sha1":"00a2ba3d9500b0ff67802df9dbb036b08ba4f7b2","sha256":"38d4bebca32916c12b0e8acb7bc5a9d0fb392993a458460844eb2ff4577c8665","sha512":"0ebffb6031d785486cf35ea6637d5f89e8ef49b5be6b4b70451574dc5771502e93d4961e011cb463db13c4920c2e621148d2354fef1a83dcd6203d1b902efe9d","ssdeep":"","tlshash":"5fe026ad29064e4583e1ebb020f6e28148a296c3a5c0064cf88030a79a8b31dc193b87","first_seen":"2025-11-26T11:39:48.623133Z","last_seen":"2025-11-26T11:39:48.623133Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1775,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1774,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/login2.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/login2.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"3f4-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 693\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":1012,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 375 x 5, 8-bit/color RGBA, non-interlaced","md5":"b7e9f31384e4e9f48f0325dfc1607ca3","sha1":"1b131976e794c43fc1249b69d0a07181c563df4a","sha256":"05c70101a90a1fb49f7bed673c8b3f06df4f7cbbf1f17cd21622b55cd25cce9a","sha512":"aff618f168386660619a099d833cade761dc707c6a816b8dbcdc6c68375f90baf30e175523e7fdccb8fdd6285b88cea6f6211fd7bbf8fc2aeabc0a7469c0f7e2","ssdeep":"","tlshash":"1c112546f8215441e5ede48314eed5268a339840eed5f0aae6cfc46a19611fdc8197cf","first_seen":"2025-11-26T11:39:48.624974Z","last_seen":"2025-11-26T11:39:48.624974Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1310,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1308,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/login3.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.525Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/login3.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"3afc-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 14822\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]}],"data":{"size":15100,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 375 x 76, 8-bit/color RGBA, non-interlaced","md5":"6d4625affd17699d82afa27013f07861","sha1":"f4154cea7eeefcbce873bf153cb8bcc5dd8aa03b","sha256":"e6a3a3044fc9bdebc96ca9c97f140f07d488e021f02d5510dc1bcf5a316d869c","sha512":"0560d05b7fdc37e69dcb1f1c89b1deda2e46f01f59c18f9248f0772800422ffadcedbb8515c9d846d8bc6ba1c97ff0a202e12613f4845307a6fb369191d5fff7","ssdeep":"384:2a/DzRIClBU32Ne3NGfksCJ5W+W5NDlc1MskY2j2D:2a/DhAJc+6fSMskpjc","tlshash":"b462cf49ef59ed4604699c9024fa6838e4e6434197b9added48e3b4810330fca50d8be","first_seen":"2025-11-26T11:39:48.627187Z","last_seen":"2025-11-26T11:39:48.627187Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1295,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1293,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/turn_2.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.531Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/turn_2.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"1064-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 3941\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":4196,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 49 x 96, 8-bit/color RGBA, non-interlaced","md5":"db184dcaae9bb3d49712bcc7c861cb0e","sha1":"b095bf06d9c84f8e91fe42a4b35515a841dd9b87","sha256":"bae915c22aadc60507fc88fe731e946b7cf2f251df36c28ef05e875f909bb67c","sha512":"822f645a580d38507d1b1ce050427d7d5c50b3e0813c9fad63127ece8690b006818ddf00451a24eb6d37e6474072cfdbd2cf7b731bb4fd1def144d18cc52af29","ssdeep":"96:6Y2hV8/RujAUoyWa82ibzP0wNrZL01hsqrWtMHoa+K+7XjcKMzqPNFjkF/:6JV8/A5owKK1hsqKuIu+7B9JkF/","tlshash":"95816f19ef525837c90e5cd03ce2101ac82146c4a8b9baeab14f44a31c14be1d9415cb","first_seen":"2025-11-26T11:39:48.629246Z","last_seen":"2025-11-26T11:39:48.629246Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1294,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1292,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/mymvc_lib/js/common.js?jsCssVer=2.11209899516","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:21.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /mymvc_lib/js/common.js?jsCssVer=2.11209899516 HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Mon, 09 Jun 2025 03:51:02 GMT\r\netag: \"d668-6371b7d157029-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:51 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 12885\r\ncontent-type: text/javascript\r\ndate: Wed, 26 Nov 2025 11:38:51 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]}],"data":{"size":54888,"size_decoded":0,"mime_type":"text/javascript","magic":"Unicode text, UTF-8 text, with CRLF line terminators","md5":"98f5ca88582fb4486dfa849c3228cfce","sha1":"24ef61d1c9a476414022838257618ef66fc1e1d2","sha256":"32c727ed8b680452cef8524aaf610d8a6e65cbdc6f15222c3e5173380b28b4f2","sha512":"0c083a1304dc5a9d5d854ba2f86b5da4115e53ca6faf84ba9256eb74af0d34edbd8dfffc3d1759968482b58943d873ce4aa0ae6854012bbddd0dada20a1812d5","ssdeep":"1536:Vo/aOxkLg0yo8nKJjy/2Twyn8tW21shzgu:Veyzy+t8tW21shzgu","tlshash":"2633ea80f798107e827e8635cc7d651cf674a623243ecc64f85cf491bb31e25729aea9","first_seen":"2025-11-26T11:39:48.63047Z","last_seen":"2025-11-26T11:39:48.63047Z","times_seen":1,"resource_available":true,"data":null}},"time_used":280,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":279,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tms.baincn.com/sys_images/skin/blue/login_hover.png","fqdn":"tms.baincn.com","domain":"baincn.com","tld":"com"},"ip":{"addr":"59.41.129.7","port":443,"asn":4134,"as":"Chinanet","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://tms.baincn.com/","date":"2025-11-26T11:39:29.094Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.baincn.com","organization":""},"issuer":{"commonName":"Encryption Everywhere DV TLS CA - G2","organization":"DigiCert Inc"},"validity":{"start":"Wed, 13 Aug 2025 00:00:00 GMT","end":"Mon, 07 Sep 2026 23:59:59 GMT"},"fingerprint":{"sha1":"91:54:F4:00:DB:D2:96:8E:BE:82:D6:8B:1A:2A:31:AA:EC:7F:47:E0","sha256":"5C:4C:12:A3:F7:66:C4:DA:B1:20:5E:AD:02:76:16:11:3B:DB:C0:09:06:73:58:7E:EF:D4:19:A7:CF:88:72:1E"}}},"request":{"raw":"GET /sys_images/skin/blue/login_hover.png HTTP/1.1\r\nHost: tms.baincn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://tms.baincn.com/app_lib/js/skin_css/blue/login.css?jsCssVer=2.11209899516\r\nCookie: PHPSESSID=p7bqm9fqm8s6pbramnk512dm10\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 16 May 2015 08:02:36 GMT\r\netag: \"3722-5162e623c9f00-gzip\"\r\naccept-ranges: bytes\r\ncache-control: max-age=2592000\r\nexpires: Fri, 26 Dec 2025 11:38:59 GMT\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncontent-length: 14137\r\ncontent-type: image/png\r\ndate: Wed, 26 Nov 2025 11:38:59 GMT\r\nserver: Apache/2.4.62 (Win64) OpenSSL/3.1.6\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"OpenSSL:3.1.6","description":"OpenSSL is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end.","website":"https://openssl.org","common_platform_enumeration":"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*","icon":"OpenSSL.png","categories":["Web server extensions"]},{"name":"Windows Server","description":"Windows Server is a brand name for a group of server operating systems.","website":"https://microsoft.com/windowsserver","common_platform_enumeration":"","icon":"WindowsServer.png","categories":["Operating systems"]},{"name":"Apache HTTP Server:2.4.62","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":14114,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 319 x 62, 8-bit/color RGBA, non-interlaced","md5":"3855099796005053872447314ae34484","sha1":"f8fd991e5574bc54f87a67ec1efe53d437cbd5c9","sha256":"122d365166cdfaf5ed8ff03a298a87eefbda4b18c6bf8f3a5aa5394dbdcfe086","sha512":"2996152df0f3344818fb5832ac01b1a6215e77d10c7ce7bffc5dac4ebe938c0026f53e2d51e29e84f141d97c1d7d883a6ce377c283d48c74729c513e72f38d81","ssdeep":"192:nSHIIHUCD4waLGui5AWeI/aZbUVzV3o0o1kIXuScrQX8/fRlwUHzXNntZPaXNL0s:S50wuivFVxoQIXu/rJ6UTXNXPN/S","tlshash":"8752d0f86cda810db2dc2b6839be43048a70e5c8815c5e4a9dbf701ff69979429c4a1f","first_seen":"2025-11-26T11:39:48.631663Z","last_seen":"2025-11-26T11:39:48.631663Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1573,"timings":{"blocked":398,"dns":0,"connect":253,"send":914,"wait":260,"receive":1,"ssl":262},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}