ocsp.trust-provider.cn/
117.27.246.96 599 B IP 117.27.246.96:0
Hash c74a454a9ce25d2a91decaebfa0df342
e2e022419f810f08deeea3a1e4d2672f0561b3d4
527ed892c23e44383620380f3bda7a7e0ed2bb9845c32f59ebeb85a347900515
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
x-ccacdn-proxy-id: scdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: EXPIRED
accept-ranges: bytes
ctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca59, HIT from he-baoding2-ca02
etag: "e2e022419f810f08deeea3a1e4d2672f0561b3d4"
expires: Thu, 16 May 2024 13:46:37 GMT
cache-control: max-age=3600
last-modified: Thu, 09 May 2024 13:46:38 GMT
date: Fri, 10 May 2024 07:56:42 GMT
age: 3108
cf-ray: 881239063d3d84cd-HKG
request-id: 663dd33a0fceeddfdb14391477a6d482
via: n172-013-215.fzmp.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 1715327802846f8a2167b958a9fe45f76255294e82
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=43, edge;dur=0
ocsp.trust-provider.cn/
117.27.246.96 599 B IP 117.27.246.96:0
Hash c74a454a9ce25d2a91decaebfa0df342
e2e022419f810f08deeea3a1e4d2672f0561b3d4
527ed892c23e44383620380f3bda7a7e0ed2bb9845c32f59ebeb85a347900515
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: volc-dcdn
Content-Type: application/ocsp-response
Content-Length: 599
Connection: keep-alive
request-id: 663dd33a172a34e6fd8c4fa37f77ed98
etag: "e2e022419f810f08deeea3a1e4d2672f0561b3d4"
expires: Thu, 16 May 2024 13:46:37 GMT
x-ccacdn-proxy-id: scdpinlb3
ctl-cache-status: HIT from hk-xianggang4-ca01, HIT from fj-quanzhou7-ca59, HIT from cq-yuzhong1-ca34
cf-ray: 881239063d3d84cd-HKG
cache-control: max-age=3600
x-frame-options: SAMEORIGIN
cf-cache-status: EXPIRED
accept-ranges: bytes
last-modified: Thu, 09 May 2024 13:46:38 GMT
date: Fri, 10 May 2024 07:56:42 GMT
age: 1120
via: n172-013-216.fzmp.ToB
x-request-ip: 91.90.42.154
x-tt-trace-tag: id=5
x-dsa-trace-id: 171532780271753d78161131f4eb4c879531db607d
X-Dsa-Origin-Status: 200
server-timing: cdn-cache;desc=MISS, origin;dur=40, edge;dur=0
api.bestedm.net/new_track/t4/Mjg2NTc1MHx8MjAyMDA3MjAxMDAyMzQtMjk4MS0yMXx8d2VibWFzdGVyQHhpYW5neXVuLmNvbS5jbnx8aHR0cDovL2NoZW5nZHUuaWNlZi5jb20uY24=
59.36.212.72 302 Found 0 B URL User Request GET HTTP/1.1 api.bestedm.net/new_track/t4/Mjg2NTc1MHx8MjAyMDA3MjAxMDAyMzQtMjk4MS0yMXx8d2VibWFzdGVyQHhpYW5neXVuLmNvbS5jbnx8aHR0cDovL2NoZW5nZHUuaWNlZi5jb20uY24=
IP 59.36.212.72:443
Certificate Issuer TrustAsia Technologies, Inc.
Subject api.bestedm.net
Fingerprint 0E:1A:BB:63:8C:F8:43:DE:E1:08:FC:A3:EA:C2:7F:2F:16:C4:64:1D
Validity Mon, 25 Mar 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /new_track/t4/Mjg2NTc1MHx8MjAyMDA3MjAxMDAyMzQtMjk4MS0yMXx8d2VibWFzdGVyQHhpYW5neXVuLmNvbS5jbnx8aHR0cDovL2NoZW5nZHUuaWNlZi5jb20uY24= HTTP/1.1
Host: api.bestedm.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 07:56:42 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Location: http://chengdu.icef.com.cn
Content-Language: en-us
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
api.bestedm.net/
59.36.212.72 0 B IP 59.36.212.72:0
Certificate Issuer TrustAsia Technologies, Inc.
Subject api.bestedm.net
Fingerprint 0E:1A:BB:63:8C:F8:43:DE:E1:08:FC:A3:EA:C2:7F:2F:16:C4:64:1D
Validity Mon, 25 Mar 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: api.bestedm.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 07:56:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Language, Cookie
X-Frame-Options: SAMEORIGIN
Location: /login?next=/
Content-Language: en-us
api.bestedm.net/login?next=/
59.36.212.72 3.2 kB URL api.bestedm.net/login?next=/
IP 59.36.212.72:0
Certificate Issuer TrustAsia Technologies, Inc.
Subject api.bestedm.net
Fingerprint 0E:1A:BB:63:8C:F8:43:DE:E1:08:FC:A3:EA:C2:7F:2F:16:C4:64:1D
Validity Mon, 25 Mar 2024 00:00:00 GMT - Tue, 25 Mar 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (336)
Hash a67d7d35cde9ac47f97fc4122a88a270
cc91c7d6ff943e08ae5f7b6e17e2b359727fbec9
f3549d083c293911818a87fa5efdba3672369d0a6e016bf01ac8e5f3f52044bb
GET /login?next=/ HTTP/1.1
Host: api.bestedm.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 07:56:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 3211
Connection: keep-alive
Content-Language: en-us
Content-Encoding: gzip
Expires: Fri, 10 May 2024 07:56:44 GMT
Vary: Accept-Language, Cookie, Accept-Encoding
Last-Modified: Fri, 10 May 2024 07:56:44 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
X-Frame-Options: SAMEORIGIN
101.200.185.60 200 OK 14 kB URL User Request GET HTTP/1.1 IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (4622), with CRLF line terminators
Hash 7669adcdbada3f81c920e1d0dace36c2
c315469bf122c499323e3bc5abf9446aad83edb3
10694d8b9543195f628f7da98d5807bec8bf46ccb8f29ddab5b94f2dd767f05f
GET / HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: WWW Server/1.1
X-AspNet-Version: 4.0.30319
Set-Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; expires=Mon, 13-May-24 15:56:44 GMT; path=/; HttpOnly
ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b; path=/; HttpOnly
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:43 GMT
Content-Length: 13935
chengdu.icef.com.cn/css/info.css
101.200.185.60 200 OK 5.4 kB URL GET HTTP/1.1 chengdu.icef.com.cn/css/info.css
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e6388ab3ba6182397d5acc993115fb5e
c095860ba90aacf6729fb4cc2e1fd3fd0bcd75bc
0efb325b8a1f48d4d5b4f4bd628da38c4928d02604d295885ec3aed9e9236914
GET /css/info.css HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 5363
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Fri, 26 Jun 2015 09:33:14 GMT
Accept-Ranges: bytes
ETag: "069d91ff3afd01:0"
Vary: Accept-Encoding
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:44 GMT
chengdu.icef.com.cn/js/mainn.js
101.200.185.60 200 OK 757 B URL GET HTTP/1.1 chengdu.icef.com.cn/js/mainn.js
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type ISO-8859 text, with CRLF line terminators
Hash 1777f90c36de3fb29edb924b7454aa4a
59e2f4afe38c4fa054ba66ff2bd37de2655cf710
bd8ec57913c4768b50dd5c6aa3732318707c0cf871179ec944aa0029f21321dd
GET /js/mainn.js HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 757
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 23 Jun 2015 02:16:26 GMT
Accept-Ranges: bytes
ETag: "0b96c9b5aadd01:0"
Vary: Accept-Encoding
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:44 GMT
js.users.51.la/398595.js
163.181.157.116 200 OK 5.2 kB IP 163.181.157.116:80
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by http://chengdu.icef.com.cn/
File type JavaScript source, ASCII text, with very long lines (5203), with no line terminators
Hash 209137c574583a3c2c3dd9f7dc04bcea
3f40968863e0752acd61da2821c6f58485a824f9
a7088109ce8eafc2c60b6c5e1a8b0f67a51b7df58ca922ca2e5d7b245e8729fa
GET /398595.js HTTP/1.1
Host: js.users.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 10 May 2024 07:56:45 GMT
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Ali-Swift-Global-Savetime: 1715327805
Via: cache6.l2de2[333,333,200-0,M], cache15.l2de2[335,0], ens-cache2.de7[337,336,200-0,M], ens-cache12.de7[338,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 10 May 2024 07:56:45 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: a3b583a017153278053316115e
chengdu.icef.com.cn/css/sy.css
101.200.185.60 200 OK 3.2 kB URL GET HTTP/1.1 chengdu.icef.com.cn/css/sy.css
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 723b0315a3a072690589f4188fc7e50b
393531db7985d27f88ac3a3f1ea8fa31199b8102
458b0f87d9dc9adee03bb1505706f68e725394ef44589669c8ef885eb18d7c17
GET /css/sy.css HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3240
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 29 Mar 2017 02:17:10 GMT
Accept-Ranges: bytes
ETag: "057179232a8d21:0"
Vary: Accept-Encoding
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:44 GMT
chengdu.icef.com.cn/js/slides.min.jquery.js
101.200.185.60 200 OK 2.5 kB URL GET HTTP/1.1 chengdu.icef.com.cn/js/slides.min.jquery.js
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JavaScript source, ASCII text, with very long lines (7134), with CRLF line terminators
Hash ed8a603b3a0d33a5f1e6bbeda44e0a3f
e633227f87f2b75f592f9ca3b91f4930700a0327
b014a6e603c29365ab156143514651d0ad22d10169bca0cbe2e67f149589b49c
GET /js/slides.min.jquery.js HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2468
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jun 2014 11:28:13 GMT
Accept-Ranges: bytes
ETag: "80449ce1fa91cf1:0"
Vary: Accept-Encoding
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:44 GMT
chengdu.icef.com.cn/js/jquery.min.js
101.200.185.60 200 OK 30 kB URL GET HTTP/1.1 chengdu.icef.com.cn/js/jquery.min.js
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65153), with CRLF line terminators
Hash c1b182682481636bf5bdde7ed6e8237d
27164b8ce2c00c5296affa3aa8c325c91a17296f
068f766895a8366592283006b0203960a5259a49f4d2e0326ba3dccf8fbdba80
GET /js/jquery.min.js HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 29742
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jun 2014 11:28:12 GMT
Accept-Ranges: bytes
ETag: "0ae3e1fa91cf1:0"
Vary: Accept-Encoding
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:44 GMT
a.ad7.com/js/i.js?uid=jugz
180.101.203.208 200 OK 9.5 kB URL GET HTTP/1.1 a.ad7.com/js/i.js?uid=jugz
IP 180.101.203.208:80
ASN #140292 CHINATELECOM Jiangsu province Suzhou 5G network
Requested by http://chengdu.icef.com.cn/
File type ASCII text, with very long lines (9521), with no line terminators
Hash d86b69185cb54a80b546a0042e5cb4be
ec96a58531eb3b90f1a1d4b633e9781f16f1b164
3c29d819ff58a6fa50bf68734da88fd9498ad17b57591c650ced7f47727dfb24
GET /js/i.js?uid=jugz HTTP/1.1
Host: a.ad7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript; charset=ISO-88509-1
Content-Length: 9521
Connection: keep-alive
Date: Thu, 09 May 2024 20:42:08 GMT
Expires: Sat, 08 Jun 2024 20:42:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1715288254
Via: cache9.l2cn3142[68,97,304-0,M], cache20.l2cn3142[100,0], kunlun2.cn2528[0,0,200-0,H], kunlun1.cn2528[1,0]
Last-Modified: Fri, 08 May 2015 06:32:16 GMT
ETag: "554c5870-2531"
Age: 39552
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Thu, 09 May 2024 20:57:34 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: b465cb8317153278064777769e
chengdu.icef.com.cn/js/jquery-1.4.4.min.js
101.200.185.60 200 OK 27 kB URL GET HTTP/1.1 chengdu.icef.com.cn/js/jquery-1.4.4.min.js
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JavaScript source, ASCII text, with very long lines (820), with CRLF line terminators
Hash b76fc63a9c3fc4293fb90990818dd100
7d591c32b44e66c2b1aadec2dd0d1e2f88a5bb3a
48d685402b465594e6ec567be7f1cddcedadc9b6721f5eed1ffe7555c15ef0dc
GET /js/jquery-1.4.4.min.js HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 27242
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Fri, 27 Jun 2014 11:28:11 GMT
Accept-Ranges: bytes
ETag: "80176be0fa91cf1:0"
Vary: Accept-Encoding
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:44 GMT
chengdu.icef.com.cn/images/cn.gif
101.200.185.60 200 OK 345 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/cn.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 53 x 26
Hash 65a7293d65676ec1bc5886fbe4d3d192
d5ee2d135e7cbf57cd25314fbd7e399b9b03da17
8fc17c44720229dc0b7f2977c2a9334c951323104878d17a108fe226c1cd8e1e
GET /images/cn.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 345
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:44 GMT
Accept-Ranges: bytes
ETag: "f4465d0fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/images/hg.jpg
101.200.185.60 200 OK 1.3 kB URL GET HTTP/1.1 chengdu.icef.com.cn/images/hg.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x34, components 3
Hash 855018b7c4ad6c682a13098739984327
8ed478d5e8b745e4a1dfed370edb21281efca8a8
f3d3c263be5502da7cfdc9ab77bc5adffad3c89cbe9734820a49648e124bfb85
GET /images/hg.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1288
Content-Type: image/jpeg
Last-Modified: Fri, 27 Jun 2014 11:27:46 GMT
Accept-Ranges: bytes
ETag: "b62e16d2fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/images/search.jpg
101.200.185.60 200 OK 1.8 kB URL GET HTTP/1.1 chengdu.icef.com.cn/images/search.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 94x27, components 3
Hash 77f65bccc75d4eeae2003b89a472920d
0669f9cbf23eb35ff4ff590360afcbabd53aaaea
608838593c198a1f5bf24bad83ac5fb5c1b51b88bc4d246461b397d0d838fe33
GET /images/search.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1844
Content-Type: image/jpeg
Last-Modified: Fri, 27 Jun 2014 11:27:56 GMT
Accept-Ranges: bytes
ETag: "3a6afed7fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/js/mainn.js
101.200.185.60 200 OK 757 B URL GET HTTP/1.1 chengdu.icef.com.cn/js/mainn.js
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type ISO-8859 text, with CRLF line terminators
Hash 1777f90c36de3fb29edb924b7454aa4a
59e2f4afe38c4fa054ba66ff2bd37de2655cf710
bd8ec57913c4768b50dd5c6aa3732318707c0cf871179ec944aa0029f21321dd
GET /js/mainn.js HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 757
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Tue, 23 Jun 2015 02:16:26 GMT
Accept-Ranges: bytes
ETag: "0b96c9b5aadd01:0"
Vary: Accept-Encoding
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/images/x1.png
101.200.185.60 200 OK 209 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/x1.png
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type PNG image data, 12 x 4, 8-bit colormap, non-interlaced
Hash 2986c01d430e632922e5ca45443461e4
f037fcb132db99376318b26b8bd2fe02fae4540f
fa955ea9898a183e9621c1381f4e9a899ebcfac32d909d0b3cbd0321dda6d8a5
GET /images/x1.png HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 209
Content-Type: image/png
Last-Modified: Fri, 27 Jun 2014 11:28:05 GMT
Accept-Ranges: bytes
ETag: "a180dddfa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/images/en.gif
101.200.185.60 200 OK 262 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/en.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 52 x 26
Hash ef237bf7ed36569a5030cb702456b48b
3503f974cffb0ce3aebb3aeb4a107d5a7f077f6d
a3f8fb7221edbb561943725ca3758e0ca786eb6183d871482f5be1066d8974d7
GET /images/en.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 262
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:41 GMT
Accept-Ranges: bytes
ETag: "6540efcefa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/images/registered.gif
101.200.185.60 200 OK 574 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/registered.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 48 x 17
Hash de41a02c84ba9c3484d403b53f0d067b
2e17e7c60976027c31d7d2572e60d91e4a423ed9
af5db9a6b326ed9f4fe0dfe0ba20398cd77ff5e8da70f7c6a0b5f970572358a5
GET /images/registered.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 574
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:56 GMT
Accept-Ranges: bytes
ETag: "ff26b7d7fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/images/x2.png
101.200.185.60 200 OK 210 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/x2.png
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type PNG image data, 8 x 4, 8-bit colormap, non-interlaced
Hash 12b41c231efa0c02e7c103d63f0c4b9c
3a268c4c722d8bf6a4c06720ca3cd5ab33951e47
8dd61c1b62b109d37789f328aa28e50c54c5bfdc2fcca91bca66990ef3eefbc1
GET /images/x2.png HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 210
Content-Type: image/png
Last-Modified: Fri, 27 Jun 2014 11:28:06 GMT
Accept-Ranges: bytes
ETag: "3f41afddfa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/lt05.gif
101.200.185.60 200 OK 1.4 kB URL GET HTTP/1.1 chengdu.icef.com.cn/images/lt05.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 15x34, components 3
Hash f1ac8f9c05c7637412bfff084ebf1107
772913f961d1cc7b4555297df0aa5efe81604b14
e1ab70aa7743b936382e563ca01d04fbacd1a5af41d646e6daa070037ffb4123
GET /images/lt05.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1386
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:53 GMT
Accept-Ranges: bytes
ETag: "4cb23ed6fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/login.gif
101.200.185.60 200 OK 510 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/login.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 44 x 17
Hash 2628d1a23821b403d18e71e385e5f317
f9f96c6ecbe6c9c7aeafb109c307a73a7c024f86
c29f121822a8001c3cf70c28f5c3bf7dd1a7171dbc08754d093ce0d8b426cdf0
GET /images/login.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 510
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:52 GMT
Accept-Ranges: bytes
ETag: "1c754bd5fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/lt06.gif
101.200.185.60 200 OK 1.3 kB URL GET HTTP/1.1 chengdu.icef.com.cn/images/lt06.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 15x34, components 3
Hash e061c927f53d9059aed228ed027057c0
6c153d9ffcd31f9193b942c4a3047dda158341e6
651595758e08f3384db0e1d87321f0472d9a052bdc47f0ae8e2616aa5e6c8ef2
GET /images/lt06.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1266
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:53 GMT
Accept-Ranges: bytes
ETag: "3d4643d6fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/home.gif
101.200.185.60 200 OK 333 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/home.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 48 x 16
Hash e8fce29bb20cb919a1b8c91a6b9399e5
9473b6a0b380bb380c32e4757ef901178f1bb86c
b7f726c55ad6429498caf44decd1e84e9e3c59713e232ecffcf8a2ed0fc1862c
GET /images/home.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 333
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:47 GMT
Accept-Ranges: bytes
ETag: "a1fd36d2fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/130585086603875719.jpg
101.200.185.60 200 OK 14 kB URL GET HTTP/1.1 101.200.185.60/upload/130585086603875719.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2013:01:25 14:49:03], baseline, precision 8, 80x40, components 3
Hash 9338c28fa271b687a084d96244dddf14
5269fbbe8f270d170434bb30217e16d6812e1265
caedbabb6901fac56f138f2e03cb1cf90c74bef154610365aa389ea63424cd98
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130585086603875719.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 14101
Content-Type: image/jpeg
Last-Modified: Thu, 23 Oct 2014 03:31:00 GMT
Accept-Ranges: bytes
ETag: "87d5fcc371eecf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
101.200.185.60/upload/130585084551214113.jpg
101.200.185.60 200 OK 3.5 kB URL GET HTTP/1.1 101.200.185.60/upload/130585084551214113.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 80x39, components 3
Hash d0f55b9082f369126eb5d9dac296c854
4e3ff07c0e7fa8897371739330b9cf602cc791c3
f69e323b7c9b66cc33c4da898ab11e8f9b3de2f12e74bfd93405d146c03f5bc5
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130585084551214113.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3496
Content-Type: image/jpeg
Last-Modified: Thu, 23 Oct 2014 03:27:35 GMT
Accept-Ranges: bytes
ETag: "21b4a34971eecf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/130585085294711419.jpg
101.200.185.60 200 OK 14 kB URL GET HTTP/1.1 101.200.185.60/upload/130585085294711419.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2013:01:25 14:48:40], baseline, precision 8, 80x40, components 3
Hash a5df1e5540fd27f75a5e94c0c18c0420
05ec4e7384de4458411859f648ab5ff609421812
f2f2fc19384a24741b1240ad41007770acd32e01f51a3e967de75ee70982b42e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130585085294711419.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 13501
Content-Type: image/jpeg
Last-Modified: Thu, 23 Oct 2014 03:28:49 GMT
Accept-Ranges: bytes
ETag: "7b92f47571eecf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:45 GMT
chengdu.icef.com.cn/images/right_03.png
101.200.185.60 200 OK 144 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/right_03.png
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type PNG image data, 7 x 28, 8-bit/color RGBA, non-interlaced
Hash 7f361c001b4eab669f1db4b9bba9a230
16283ba1e6cf2f2e38e63d52ac0e85a020eaaed7
797edfc036b6968fe943ea9603cf999f5a17539133349906b4a1520067b57105
GET /images/right_03.png HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/sy.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 144
Content-Type: image/png
Last-Modified: Fri, 27 Jun 2014 11:27:56 GMT
Accept-Ranges: bytes
ETag: "53dbd1d7fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/css/img/top_bg.gif
101.200.185.60 200 OK 135 B URL GET HTTP/1.1 chengdu.icef.com.cn/css/img/top_bg.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 7 x 34
Hash 37ee90e4bccdaf6c638d2e7e20ae43a4
8e9527aae6035bad66bb552ed5567d8fbe719b33
2636a389ff9b0cbbc72b739060c8023ed62f0fbba7fbd631ad1744ad2f12b0e3
GET /css/img/top_bg.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/info.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 135
Content-Type: image/gif
Last-Modified: Fri, 04 Apr 2014 04:05:06 GMT
Accept-Ranges: bytes
ETag: "baaa4910bb4fcf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/point1.jpg
101.200.185.60 200 OK 372 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/point1.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4x13, components 3
Hash dd679f81245343f8e608bad0905928e3
c48f3d88ef1336f94c72d65f17ee7387560cfe27
1ddb69ee021d3a7a382cbdfbab559a1ef356531cbb4c30d9b36540732dd15ea3
GET /images/point1.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/sy.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 372
Content-Type: image/jpeg
Last-Modified: Fri, 27 Jun 2014 11:27:55 GMT
Accept-Ranges: bytes
ETag: "d0d961d7fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/point3.jpg
101.200.185.60 200 OK 345 B URL GET HTTP/1.1 chengdu.icef.com.cn/images/point3.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 4x7, components 3
Hash 209bc0496b23538fff27d7737c93814c
ea1cb9662690cf3486c3155c8652c83e9fa0a224
625c8d02a67fedd6a3bbf2db98a5726ba1f59731df9e495e44fc2c9a173c3162
GET /images/point3.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/sy.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 345
Content-Type: image/jpeg
Last-Modified: Fri, 27 Jun 2014 11:27:55 GMT
Accept-Ranges: bytes
ETag: "cc996dd7fa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/css/img/con_ba.jpg
101.200.185.60 200 OK 1.3 kB URL GET HTTP/1.1 chengdu.icef.com.cn/css/img/con_ba.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2x2, components 3
Hash af6efac49dc4ffd616c132a5630617b3
6e95c16d4d2c4db17bfd00e5d254a0a8015ef5dc
a7b903c7d6b2d900a737596e3ef663342e760bd4367753c9f4e5292e59a21508
GET /css/img/con_ba.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/sy.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1262
Content-Type: image/jpeg
Last-Modified: Fri, 04 Apr 2014 04:05:05 GMT
Accept-Ranges: bytes
ETag: "d110a9fbb4fcf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/131547548449037652.jpg
101.200.185.60 200 OK 5.5 kB URL GET HTTP/1.1 101.200.185.60/upload/131547548449037652.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 147x113, components 3
Hash 8b6b50e6d39577080365a6732c45cd3c
ec84a04c65ba5a4e646d3f126a399da08e1c0704
cd05c2d9fe96c3e8dc336a2383dbae22690e7578aa9ed32dc5cdd8da6bfbbb09
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/131547548449037652.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 5503
Content-Type: image/jpeg
Last-Modified: Fri, 10 Nov 2017 02:34:04 GMT
Accept-Ranges: bytes
ETag: "1ee86160cc59d31:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/131547548623661319.jpg
101.200.185.60 200 OK 4.7 kB URL GET HTTP/1.1 101.200.185.60/upload/131547548623661319.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 147x113, components 3
Hash 0fd4695556eef1d6f071fa58f055b562
edb14f00cf7851aab0e45ad2ee07a13761e45bbd
ecafc4c9c3d2e4aecbec7b9f3fb07e50013bd5c03a450f224bd61f463157a263
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/131547548623661319.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 4715
Content-Type: image/jpeg
Last-Modified: Fri, 10 Nov 2017 02:34:22 GMT
Accept-Ranges: bytes
ETag: "3259cb6acc59d31:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/131547548825834548.jpg
101.200.185.60 200 OK 4.6 kB URL GET HTTP/1.1 101.200.185.60/upload/131547548825834548.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 148x113, components 3
Hash deffdcd76b058067a08a91b73c9c70d9
6c27c033f5527e18c7b443f8105c956b9ca0b650
40dd1aa6cf4b697096d3829459283309c2dd9f62f49a6b606ae05145cbcba42e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/131547548825834548.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 4649
Content-Type: image/jpeg
Last-Modified: Fri, 10 Nov 2017 02:34:42 GMT
Accept-Ranges: bytes
ETag: "bbd1d776cc59d31:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/tip2a_bg.jpg
101.200.185.60 200 OK 7.4 kB URL GET HTTP/1.1 chengdu.icef.com.cn/images/tip2a_bg.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS5 Windows, datetime=2013:09:04 11:55:14], baseline, precision 8, 6x28, components 3
Hash 92a2804a4996ee7dce4301261efaf9c8
74c6f4a9f40964d39eeb812a835205fdb5a8058f
60e69fe38eab2ab394d3ba9c69a4af704b403c1fc6c31abeb428a8fac625ccde
GET /images/tip2a_bg.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/sy.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 7448
Content-Type: image/jpeg
Last-Modified: Fri, 27 Jun 2014 11:28:02 GMT
Accept-Ranges: bytes
ETag: "73b13cdbfa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/131547548985409089.jpg
101.200.185.60 200 OK 8.6 kB URL GET HTTP/1.1 101.200.185.60/upload/131547548985409089.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 147x114, components 3
Hash 2521c00fce8aa2bea7f13d062b3e1d12
b52ca37ed584b21f1bc78e0d7be920318492b969
b5b63c481a915952d9f01251134b622729fd6e92f0efe4017090aab5b2f57c72
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/131547548985409089.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 8569
Content-Type: image/jpeg
Last-Modified: Fri, 10 Nov 2017 02:34:58 GMT
Accept-Ranges: bytes
ETag: "a5d15c80cc59d31:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/img/loading.gif
101.200.185.60 404 Not Found 1.2 kB URL GET HTTP/1.1 chengdu.icef.com.cn/img/loading.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /img/loading.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b; __tins__398595=%7B%22sid%22%3A%201715327807234%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201715329607234%7D; __51cke__=; __51laig__=1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
Content-Length: 1163
chengdu.icef.com.cn/css/img/footbg.jpg
101.200.185.60 200 OK 308 B URL GET HTTP/1.1 chengdu.icef.com.cn/css/img/footbg.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 6x4, components 3
Hash def37f7c9c0e7bf92d6f07b1144be498
453815e012343ff4b4fd883dbfb1f0e7ae0d9a83
73713a46204aff918e12494aeeca7610865decaa7ee3e18133005df9ea167b3a
GET /css/img/footbg.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/info.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 308
Content-Type: image/jpeg
Last-Modified: Fri, 04 Apr 2014 04:05:05 GMT
Accept-Ranges: bytes
ETag: "7972a9fbb4fcf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
chengdu.icef.com.cn/images/beij.gif
101.200.185.60 200 OK 1.4 kB URL GET HTTP/1.1 chengdu.icef.com.cn/images/beij.gif
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 18 x 18
Hash f7711bfc3432f4749c972a7c569e3d3b
0ecccde0612f7c0b619c61af536c3adc72bca225
1a0eb3fd204750862cbfec1ad87d0d5938435b5e44ac2b18ed385a98817a7e3e
GET /images/beij.gif HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/sy.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 1399
Content-Type: image/gif
Last-Modified: Fri, 27 Jun 2014 11:27:38 GMT
Accept-Ranges: bytes
ETag: "e3bc3cdfa91cf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
ia.51.la/go1?id=398595&rt=1715327807234&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E7%25AC%25AC%25E4%25B8%2580%25E5%25A4%25A7%25E5%25B1%2595%25EF%25BC%258C%25E6%259C%2580%25E6%259D%2583%25E5%25A8%2581%25E7%259A%2584%25E7%2594%25B5%25E5%25AD%2590%25E5%2585%2583%25E5%2599%25A8%25E4%25BB%25B6%25E5%2585%25A8%25E4%25BA%25A7%25E4%25B8%259A%25E9%2593%25BE%25E5%25B1%2595%25E7%25A4%25BA%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2582%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5&ing=1&ekc=&sid=1715327807234&tt=%25E4%25B8%25AD%25E5%259B%25BD%25EF%25BC%2588%25E8%25A5%25BF%25E9%2583%25A8%25EF%25BC%2589%25E7%2594%25B5%25E5%25AD%2590%25E4%25BF%25A1%25E6%2581%25AF%25E5%258D%259A%25E8%25A7%2588%25E4%25BC%259A&kw=%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E5%2585%25A8%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E4%25B8%258A%25E6%25B5%25B7%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E6%25B7%25B1%25E5%259C%25B3%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E6%2588%2590%25E9%2583%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252CIC%2520CHINA%252C%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E4%25BF%25A1%25E6%2581%25AF%25E5%258D%259A%25E8%25A7%2588%25E4%25BC%259A%252CCEF%252CCITE%252C%25E6%2585%2595%25E5%25B0%25BC%25E9%25BB%2591%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252CNEPCON%252CIIC%252C%25E7%2594%25B5%25E5%25AD%2590%25E5%2585%2583%25E5%2599%25A8%25E4%25BB%25B6%25E5%25B1%2595%252CPCIM%252C%25E5%25B7%25A5%25E5%258D%259A%25E4%25BC%259A%252CSemi&cu=http%253A%252F%252Fchengdu.icef.com.cn%252F&pu=
203.107.86.226 200 0 B URL GET HTTP/1.1 ia.51.la/go1?id=398595&rt=1715327807234&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E7%25AC%25AC%25E4%25B8%2580%25E5%25A4%25A7%25E5%25B1%2595%25EF%25BC%258C%25E6%259C%2580%25E6%259D%2583%25E5%25A8%2581%25E7%259A%2584%25E7%2594%25B5%25E5%25AD%2590%25E5%2585%2583%25E5%2599%25A8%25E4%25BB%25B6%25E5%2585%25A8%25E4%25BA%25A7%25E4%25B8%259A%25E9%2593%25BE%25E5%25B1%2595%25E7%25A4%25BA%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2582%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5&ing=1&ekc=&sid=1715327807234&tt=%25E4%25B8%25AD%25E5%259B%25BD%25EF%25BC%2588%25E8%25A5%25BF%25E9%2583%25A8%25EF%25BC%2589%25E7%2594%25B5%25E5%25AD%2590%25E4%25BF%25A1%25E6%2581%25AF%25E5%258D%259A%25E8%25A7%2588%25E4%25BC%259A&kw=%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E5%2585%25A8%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E4%25B8%258A%25E6%25B5%25B7%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E6%25B7%25B1%25E5%259C%25B3%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E6%2588%2590%25E9%2583%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252CIC%2520CHINA%252C%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E4%25BF%25A1%25E6%2581%25AF%25E5%258D%259A%25E8%25A7%2588%25E4%25BC%259A%252CCEF%252CCITE%252C%25E6%2585%2595%25E5%25B0%25BC%25E9%25BB%2591%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252CNEPCON%252CIIC%252C%25E7%2594%25B5%25E5%25AD%2590%25E5%2585%2583%25E5%2599%25A8%25E4%25BB%25B6%25E5%25B1%2595%252CPCIM%252C%25E5%25B7%25A5%25E5%258D%259A%25E4%25BC%259A%252CSemi&cu=http%253A%252F%252Fchengdu.icef.com.cn%252F&pu=
IP 203.107.86.226:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /go1?id=398595&rt=1715327807234&rl=1280*1024&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E7%25AC%25AC%25E4%25B8%2580%25E5%25A4%25A7%25E5%25B1%2595%25EF%25BC%258C%25E6%259C%2580%25E6%259D%2583%25E5%25A8%2581%25E7%259A%2584%25E7%2594%25B5%25E5%25AD%2590%25E5%2585%2583%25E5%2599%25A8%25E4%25BB%25B6%25E5%2585%25A8%25E4%25BA%25A7%25E4%25B8%259A%25E9%2593%25BE%25E5%25B1%2595%25E7%25A4%25BA%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2582%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5&ing=1&ekc=&sid=1715327807234&tt=%25E4%25B8%25AD%25E5%259B%25BD%25EF%25BC%2588%25E8%25A5%25BF%25E9%2583%25A8%25EF%25BC%2589%25E7%2594%25B5%25E5%25AD%2590%25E4%25BF%25A1%25E6%2581%25AF%25E5%258D%259A%25E8%25A7%2588%25E4%25BC%259A&kw=%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E5%2585%25A8%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E4%25B8%258A%25E6%25B5%25B7%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E6%25B7%25B1%25E5%259C%25B3%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252C%25E6%2588%2590%25E9%2583%25BD%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252CIC%2520CHINA%252C%25E4%25B8%25AD%25E5%259B%25BD%25E7%2594%25B5%25E5%25AD%2590%25E4%25BF%25A1%25E6%2581%25AF%25E5%258D%259A%25E8%25A7%2588%25E4%25BC%259A%252CCEF%252CCITE%252C%25E6%2585%2595%25E5%25B0%25BC%25E9%25BB%2591%25E7%2594%25B5%25E5%25AD%2590%25E5%25B1%2595%252CNEPCON%252CIIC%252C%25E7%2594%25B5%25E5%25AD%2590%25E5%2585%2583%25E5%2599%25A8%25E4%25BB%25B6%25E5%25B1%2595%252CPCIM%252C%25E5%25B7%25A5%25E5%258D%259A%25E4%25BC%259A%252CSemi&cu=http%253A%252F%252Fchengdu.icef.com.cn%252F&pu= HTTP/1.1
Host: ia.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200
Date: Fri, 10 May 2024 07:56:47 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=873a11263b0f43e7e3568b967638a2f9ccbfec98a8d8cf814b11b56eadb629dd; Path=/; HttpOnly
acw_tc=ac11000117153278078623256ed349dec771c4d5dab0d6ff335f1159a4563a;path=/;HttpOnly;Max-Age=1800
101.200.185.60/upload/130802789192660089.jpg
101.200.185.60 200 OK 3.3 kB URL GET HTTP/1.1 101.200.185.60/upload/130802789192660089.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Hash 213110c6be40c31d5ee6cfb84420e66f
294bf5e49cc7096e1e76436b87a3992d4a5d5a0f
f3a066375fc1bf107b4bbdef03501c85e2263309e061a44cfe4ef294913355ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130802789192660089.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 3275
Content-Type: image/jpeg
Last-Modified: Thu, 02 Jul 2015 02:48:39 GMT
Accept-Ranges: bytes
ETag: "9ac2759971b4d01:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/130585101014577031.jpg
101.200.185.60 200 OK 7.6 kB URL GET HTTP/1.1 101.200.185.60/upload/130585101014577031.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 100x100, components 3
Hash 8ab79a56dc17eb21a8e112edc239ed25
4b1e6f213e06aed31451dc8c389a947843c6691f
29e25ce7145b68f3864c240fe431d6d0b97fedc98cabc985b8889c75a2874198
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130585101014577031.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 7611
Content-Type: image/jpeg
Last-Modified: Thu, 23 Oct 2014 03:55:01 GMT
Accept-Ranges: bytes
ETag: "87afee1e75eecf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
chengdu.icef.com.cn/css/img/nav_bg.jpg
101.200.185.60 200 OK 13 kB URL GET HTTP/1.1 chengdu.icef.com.cn/css/img/nav_bg.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2013:12:13 09:48:46], baseline, precision 8, 990x46, components 3
Hash 42d9d779f93ca4bc84a4b95fe8781c83
bf5de7ee131d8eed04940cef01fecca535659482
657b698d73a1387a369f80e95037cdb43949107ccf1a69780f4149c011e8b18e
GET /css/img/nav_bg.jpg HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/css/info.css
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 13346
Content-Type: image/jpeg
Last-Modified: Fri, 04 Apr 2014 04:05:06 GMT
Accept-Ranges: bytes
ETag: "f12cf9fbb4fcf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/133055615706080055.jpg
101.200.185.60 200 OK 22 kB URL GET HTTP/1.1 101.200.185.60/upload/133055615706080055.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 475x314, components 3
Hash adc7dbcb9ddf8f036b723ac11f1bd923
c913a084722c0c7f4fcac9a37b146e1b523cd1a7
3e6394935f06fb50c96017ee127f6a630334d3ab1e724d83e21eff5b457d65da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/133055615706080055.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 22458
Content-Type: image/jpeg
Last-Modified: Sun, 21 Aug 2022 13:19:30 GMT
Accept-Ranges: bytes
ETag: "555489a560b5d81:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
fm.p0y.cn/j/adv.js
222.186.18.216 200 OK 6.5 kB IP 222.186.18.216:80
Requested by http://chengdu.icef.com.cn/
File type JavaScript source, ASCII text, with very long lines (6475), with no line terminators
Hash d7f60f987e5918c0e06cdd3862278472
9d7e928a4a85bb5e0c554f2b3f69b3c1d946d7a9
427171030ea3a9393cc75e3011fe5bac17d3082480086897690ccb64297b5b2f
GET /j/adv.js HTTP/1.1
Host: fm.p0y.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/x-javascript
Content-Length: 6475
Connection: keep-alive
Date: Fri, 10 May 2024 07:45:05 GMT
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1715327105
Via: cache29.l2cn1827[0,0,304-0,H], cache68.l2cn1827[1,0], cache1.cn2810[0,0,200-0,H], cache12.cn2810[1,0]
Last-Modified: Wed, 08 Aug 2018 07:46:26 GMT
Vary: Accept-Encoding
ETag: "5b6a9fd2-194b"
Age: 703
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Fri, 10 May 2024 07:45:30 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: deba12a017153278081531683e
widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
36.51.224.126 200 OK 241 B URL GET HTTP/2 widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
IP 36.51.224.126:443
ASN #37936 15F,Ideal Plaza No.58 Bei Si Huan Xi Road
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert Inc
Subject weibo.cn
Fingerprint EA:A0:4E:BA:8D:58:83:5B:03:65:FB:EE:3D:E1:73:A9:52:12:3E:A3
Validity Tue, 07 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash f5ba896d004fc2ad25e2efb56b129b57
f4f586a75c24d595aebac0d105fbf989b7f723fe
5551cf9ff3d42d87dcd453c15951f650effe152236573faf7e3fa6813343bb7e
GET /weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1 HTTP/1.1
Host: widget.weibo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Fri, 10 May 2024 07:56:48 GMT
Content-Type: text/html
Content-Length: 241
Connection: keep-alive
Location: https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Server: SHANHAI-SERVER
Lb: 36.51.224.126
Ssl_node: msre-10-81-97-73.hk.intra.weibo.cn
hm.baidu.com/hm.js?4009f7e85cf2db1be4d75ee562b84710
111.45.11.83 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?4009f7e85cf2db1be4d75ee562b84710
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://chengdu.icef.com.cn/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (629)
Hash a0038d7cdeb15256d0befcc0613c615a
daeb3e8a15e77b62f0508773f3c15ef87bee39bc
8210043dd5aaeb0759865b9aa7180ca1172247ea6324d376d83da414562bb81e
GET /hm.js?4009f7e85cf2db1be4d75ee562b84710 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Fri, 10 May 2024 07:56:48 GMT
Etag: a65f0751a409b5ad5fdbcc1363afdc86
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=01B36C236459061D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
101.200.185.60/upload/130585083323023956.jpg
101.200.185.60 200 OK 2.8 kB URL GET HTTP/1.1 101.200.185.60/upload/130585083323023956.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 75x40, components 3
Hash ceb8f596077d237755cf7e079ae4f23f
1b84405078c62bdc20d47b3edc6173bd1e7caacb
f2f3e54ec041a9518299100b3c861940d5296259ee89a8fcca15b9ad95cbe284
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130585083323023956.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2819
Content-Type: image/jpeg
Last-Modified: Thu, 23 Oct 2014 03:25:32 GMT
Accept-Ranges: bytes
ETag: "5426f071eecf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
hm.baidu.com/hm.js?8edb7362760b9739cf31db225aa4e6c3
111.45.11.83 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?8edb7362760b9739cf31db225aa4e6c3
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://chengdu.icef.com.cn/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (621)
Hash 8fb9b8dfece19ce29a06d2da9ca9c484
ad7c9338b84eba5b2823db786dfe89a782cc7829
a867989f69e9c20509a7b0b2f11e8a4bfa15a66bb008f9ba0fc41efd37da270d
GET /hm.js?8edb7362760b9739cf31db225aa4e6c3 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Fri, 10 May 2024 07:56:48 GMT
Etag: 017c703ef14752283b942b727f185c47
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=DED5BEE0B5447BF1; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
101.200.185.60/upload/130585083708344632.jpg
101.200.185.60 200 OK 2.8 kB URL GET HTTP/1.1 101.200.185.60/upload/130585083708344632.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 75x40, components 3
Hash c6b621366172f35140155ee914db9397
ab3a4f2ecff78319bb95803c1e7d84e61c37a0ef
eca81afb9d8cd8fb457ab831429558b2df136cbfd4ef9282cbcc7a0171e35146
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130585083708344632.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2765
Content-Type: image/jpeg
Last-Modified: Thu, 23 Oct 2014 03:26:10 GMT
Accept-Ranges: bytes
ETag: "99ea681771eecf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
101.200.185.60/upload/130585084036257208.jpg
101.200.185.60 200 OK 2.9 kB URL GET HTTP/1.1 101.200.185.60/upload/130585084036257208.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 75x40, components 3
Hash 374010adad7d88f5a57f8c7ec3cbd4dd
a5004b700a241a8e6a962d0da05dffa7272c0f30
19d728896268f50aa0aca9b04a247864791334e3d37b34cd11ea4f300562560e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130585084036257208.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 2900
Content-Type: image/jpeg
Last-Modified: Thu, 23 Oct 2014 03:26:43 GMT
Accept-Ranges: bytes
ETag: "79d8f62a71eecf1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
101.200.185.60/upload/133491561398037116.png
101.200.185.60 200 OK 148 kB URL GET HTTP/1.1 101.200.185.60/upload/133491561398037116.png
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type PNG image data, 665 x 240, 8-bit/color RGBA, non-interlaced
Size 148 kB (147570 bytes)
Hash a8a6740bda9420addda4f82bc3b215d2
a797ec0a2583dc27fb65853bdce4b583afcb9a7c
30a9fea72cb6d2a42ec75241aa030cb91ec356917c6f06482cd573bad7764abd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/133491561398037116.png HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 147570
Content-Type: image/png
Last-Modified: Mon, 08 Jan 2024 02:55:39 GMT
Accept-Ranges: bytes
ETag: "d13a529de41da1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
101.200.185.60/upload/131123313714702901.jpg
101.200.185.60 200 OK 20 kB URL GET HTTP/1.1 101.200.185.60/upload/131123313714702901.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 225x138, components 3
Hash 3764ae8dab955e03026670f479eabb37
a0b90247d006f7166a6b6fb1835682408687dcdc
f6141727879072fdfc278beff38f08caf9a8d12628108d7cb9cd3985dd68d8aa
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/131123313714702901.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 20192
Content-Type: image/jpeg
Last-Modified: Thu, 07 Jul 2016 02:16:11 GMT
Accept-Ranges: bytes
ETag: "126fc187f5d7d11:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=42702058&si=8edb7362760b9739cf31db225aa4e6c3&v=1.3.0&lv=1&sn=14719&r=0&ww=1280&u=http%3A%2F%2Fchengdu.icef.com.cn%2F&tt=%E4%B8%AD%E5%9B%BD%EF%BC%88%E8%A5%BF%E9%83%A8%EF%BC%89%E7%94%B5%E5%AD%90%E4%BF%A1%E6%81%AF%E5%8D%9A%E8%A7%88%E4%BC%9A
111.45.11.83 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=42702058&si=8edb7362760b9739cf31db225aa4e6c3&v=1.3.0&lv=1&sn=14719&r=0&ww=1280&u=http%3A%2F%2Fchengdu.icef.com.cn%2F&tt=%E4%B8%AD%E5%9B%BD%EF%BC%88%E8%A5%BF%E9%83%A8%EF%BC%89%E7%94%B5%E5%AD%90%E4%BF%A1%E6%81%AF%E5%8D%9A%E8%A7%88%E4%BC%9A
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://chengdu.icef.com.cn/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=42702058&si=8edb7362760b9739cf31db225aa4e6c3&v=1.3.0&lv=1&sn=14719&r=0&ww=1280&u=http%3A%2F%2Fchengdu.icef.com.cn%2F&tt=%E4%B8%AD%E5%9B%BD%EF%BC%88%E8%A5%BF%E9%83%A8%EF%BC%89%E7%94%B5%E5%AD%90%E4%BF%A1%E6%81%AF%E5%8D%9A%E8%A7%88%E4%BC%9A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 10 May 2024 07:56:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=13B82B0BD4538D54; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
101.200.185.60/upload/132181749946447776.jpg
101.200.185.60 200 OK 62 kB URL GET HTTP/1.1 101.200.185.60/upload/132181749946447776.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=244, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=499], progressive, precision 8, 238x138, components 3
Hash 6932851ffba1f2635ccccd12c4144774
49c8715ba9891048af7cbc6013acb87bd054f14a
5819e35edc0ac028f60e298a8d94c7761c6945e18406760a8ffe52692b6df201
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132181749946447776.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 61751
Content-Type: image/jpeg
Last-Modified: Thu, 14 Nov 2019 03:16:34 GMT
Accept-Ranges: bytes
ETag: "14755aeb999ad51:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
101.200.185.60/upload/130801187122410891.jpg
101.200.185.60 200 OK 38 kB URL GET HTTP/1.1 101.200.185.60/upload/130801187122410891.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 225x142, components 3
Hash 0d751518e41e46f6ddb91838a2135e5d
50c857b7337d01b804c8e607b7cea89c5342cad8
f4edd7def4affafbe1aa90ed6392c7fb6c49cc864c1b0d64eb9bfa04e76db131
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/130801187122410891.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 37924
Content-Type: image/jpeg
Last-Modified: Tue, 30 Jun 2015 06:18:32 GMT
Accept-Ranges: bytes
ETag: "8b75a196fcb2d01:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
101.200.185.60/upload/132671810778521903.jpg
101.200.185.60 200 OK 37 kB URL GET HTTP/1.1 101.200.185.60/upload/132671810778521903.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2021:06:03 16:04:18], progressive, precision 8, 225x96, components 3
Hash d7e68d037242c7e41a2265cb5383aa03
981b117bb1361b4576c339581fd7974e67ca35a9
c3f3972a508336e45f2157ce25305236367b6278fa011e52fd07c2bcab4a141b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132671810778521903.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 36857
Content-Type: image/jpeg
Last-Modified: Thu, 03 Jun 2021 08:04:37 GMT
Accept-Ranges: bytes
ETag: "5102c194f58d71:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
101.200.185.60/upload/132671808543234770.jpg
101.200.185.60 200 OK 76 kB URL GET HTTP/1.1 101.200.185.60/upload/132671808543234770.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2021:06:03 16:00:41], progressive, precision 8, 225x138, components 3
Hash f3e8de8f73489c511954c70687f531cb
151e94e95aaa918761baa8a9536fcd866bc832e5
bed717ed55cf44d9a412cd36acbad896da8b26f991b5ea96a40b56d591d8a4cc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132671808543234770.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 75964
Content-Type: image/jpeg
Last-Modified: Thu, 03 Jun 2021 08:00:54 GMT
Accept-Ranges: bytes
ETag: "ac64ef934e58d71:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:49 GMT
fm.ipinyou.com/j/a.js
3.126.195.33 200 OK 11 kB IP 3.126.195.33:80
Requested by http://chengdu.icef.com.cn/
File type JavaScript source, ASCII text, with very long lines (29988), with no line terminators
Hash 373286404285d87684fb481ae810458a
20d2aaa8cf75f86a4fa007a617525a6ac05735f2
7fb8fb91f7ae30f41473f6016f47dd1db976cef7fee88c2d4642c8b04016c0b0
GET /j/a.js HTTP/1.1
Host: fm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 06 Dec 2023 07:16:49 GMT
Content-Encoding: gzip
Etag: "65701fe1-7524"
Server: nginx/1.4.3
Date: Fri, 10 May 2024 04:19:01 GMT
Content-Type: application/x-javascript
Vary: Accept-Encoding
Content-Length: 10835
Accept-Ranges: bytes
X-NWS-LOG-UUID: 9251273364184378625
Connection: keep-alive
X-Cache-Lookup: Cache Hit
101.200.185.60/upload/132671807612401456.jpg
101.200.185.60 200 OK 36 kB URL GET HTTP/1.1 101.200.185.60/upload/132671807612401456.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPCM), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CS3 Windows, datetime=2021:06:03 15:59:08], progressive, precision 8, 225x139, components 3
Hash 4894569f14dda66344c448fb2122ebf2
41f4922f63c7f4ea43da9074c801169436c53ab3
f6c8592a3fc1ffaa357ba34b85542c72f0f47d0786d5fb162f3d3e2825c2c9b6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132671807612401456.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 35730
Content-Type: image/jpeg
Last-Modified: Thu, 03 Jun 2021 07:59:21 GMT
Accept-Ranges: bytes
ETag: "b1745c4e58d71:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:49 GMT
101.200.185.60/upload/132671801462200092.jpg
101.200.185.60 200 OK 61 kB URL GET HTTP/1.1 101.200.185.60/upload/132671801462200092.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2021:06:03 15:48:02], progressive, precision 8, 225x138, components 3
Hash 4bb6cf52eadead9bddc6f711a4bd1376
c2bb340f188b0283ba77eecc597c8c483ba48aef
979c36384397dfe97af69b3bb071213a4a0e0127d0ec1ec0dac18864cea1866b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132671801462200092.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 60590
Content-Type: image/jpeg
Last-Modified: Thu, 03 Jun 2021 07:49:06 GMT
Accept-Ranges: bytes
ETag: "7cd3dfed4c58d71:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:49 GMT
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1467540230&si=4009f7e85cf2db1be4d75ee562b84710&v=1.3.0&lv=1&sn=14719&r=0&ww=1280&u=http%3A%2F%2Fchengdu.icef.com.cn%2F&tt=%E4%B8%AD%E5%9B%BD%EF%BC%88%E8%A5%BF%E9%83%A8%EF%BC%89%E7%94%B5%E5%AD%90%E4%BF%A1%E6%81%AF%E5%8D%9A%E8%A7%88%E4%BC%9A
111.45.11.83 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1467540230&si=4009f7e85cf2db1be4d75ee562b84710&v=1.3.0&lv=1&sn=14719&r=0&ww=1280&u=http%3A%2F%2Fchengdu.icef.com.cn%2F&tt=%E4%B8%AD%E5%9B%BD%EF%BC%88%E8%A5%BF%E9%83%A8%EF%BC%89%E7%94%B5%E5%AD%90%E4%BF%A1%E6%81%AF%E5%8D%9A%E8%A7%88%E4%BC%9A
IP 111.45.11.83:443
ASN #56040 China Mobile communications corporation
Requested by http://chengdu.icef.com.cn/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1467540230&si=4009f7e85cf2db1be4d75ee562b84710&v=1.3.0&lv=1&sn=14719&r=0&ww=1280&u=http%3A%2F%2Fchengdu.icef.com.cn%2F&tt=%E4%B8%AD%E5%9B%BD%EF%BC%88%E8%A5%BF%E9%83%A8%EF%BC%89%E7%94%B5%E5%AD%90%E4%BF%A1%E6%81%AF%E5%8D%9A%E8%A7%88%E4%BC%9A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 10 May 2024 07:56:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7B4AB189172FFED5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
stats.ipinyou.com/presadv?a=kE..biHZJSZej4XyLKU7Wz0zIX&cb=py.cb
152.136.199.109 200 OK 652 B URL GET HTTP/1.1 stats.ipinyou.com/presadv?a=kE..biHZJSZej4XyLKU7Wz0zIX&cb=py.cb
IP 152.136.199.109:80
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
File type ASCII text, with very long lines (652), with no line terminators
Hash bec264beb27e2b18043a053a45765311
0a17d207be9aae9d679726fb11a72d2dcface041
ebaced844f22a16e2a8a6092e09a4c104b58052c5dff4cc402061f29fbb1a4ae
GET /presadv?a=kE..biHZJSZej4XyLKU7Wz0zIX&cb=py.cb HTTP/1.1
Host: stats.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: PYID=O5AFtmAQcpgj; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:49 GMT; Path=/
Content-Type: text/javascript;charset=utf-8
Content-Length: 652
Date: Fri, 10 May 2024 07:56:49 GMT
101.200.185.60/upload/132671801801346359.jpg
101.200.185.60 200 OK 66 kB URL GET HTTP/1.1 101.200.185.60/upload/132671801801346359.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2021:06:03 15:48:50], progressive, precision 8, 225x139, components 3
Hash 348ccba74f1d3923b1193a2ad7c92de2
e30bfeb24edfeb314551a5624fa5686bc9674ca4
6303ea41b02f1423910c4053628d5c350ec4b1c28a95b024da262b36abb0bcce
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132671801801346359.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 66356
Content-Type: image/jpeg
Last-Modified: Thu, 03 Jun 2021 07:49:40 GMT
Accept-Ranges: bytes
ETag: "6a981524d58d71:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:48 GMT
stats.ipinyou.com/adv?a=kE..biHZJSZej4XyLKU7Wz0zIX&ev=vg&v=3&_c=d84557b1-5828-5b47-a6a8-e17dc005c13b&b=6842sr491280x102442sc56XIXKR18J42fv4042je242lg554DRKI42vb41143did4042dt40&pg=6842ps491280x175142vp491280x102442tt5DomDqsTX_t8XYgVX-c8X_t9yeLrvGo_1tZFpvQXYj8otQ42ec55YLYKY6RXO41u5R7JJFUTT274D63KS8245S2ECS2DT41r4043vbt3355342sp310&e=&rd=1715327809832
152.136.199.109 200 OK 0 B URL GET HTTP/1.1 stats.ipinyou.com/adv?a=kE..biHZJSZej4XyLKU7Wz0zIX&ev=vg&v=3&_c=d84557b1-5828-5b47-a6a8-e17dc005c13b&b=6842sr491280x102442sc56XIXKR18J42fv4042je242lg554DRKI42vb41143did4042dt40&pg=6842ps491280x175142vp491280x102442tt5DomDqsTX_t8XYgVX-c8X_t9yeLrvGo_1tZFpvQXYj8otQ42ec55YLYKY6RXO41u5R7JJFUTT274D63KS8245S2ECS2DT41r4043vbt3355342sp310&e=&rd=1715327809832
IP 152.136.199.109:80
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adv?a=kE..biHZJSZej4XyLKU7Wz0zIX&ev=vg&v=3&_c=d84557b1-5828-5b47-a6a8-e17dc005c13b&b=6842sr491280x102442sc56XIXKR18J42fv4042je242lg554DRKI42vb41143did4042dt40&pg=6842ps491280x175142vp491280x102442tt5DomDqsTX_t8XYgVX-c8X_t9yeLrvGo_1tZFpvQXYj8otQ42ec55YLYKY6RXO41u5R7JJFUTT274D63KS8245S2ECS2DT41r4043vbt3355342sp310&e=&rd=1715327809832 HTTP/1.1
Host: stats.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: sessionId=O5AFtmEdci9dv; Domain=.ipinyou.com; Path=/
Set-Cookie: PYID=O5AFtmEdciBC; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:49 GMT; Path=/
Content-Type: application/javascript
Content-Length: 0
Date: Fri, 10 May 2024 07:56:49 GMT
101.200.185.60/upload/132671802308039318.jpg
101.200.185.60 200 OK 47 kB URL GET HTTP/1.1 101.200.185.60/upload/132671802308039318.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 225x138, components 3
Hash 7503cec2e16ea3ca54b646d402bd6971
753dfa5f5e7ff25883a7e4618f56ff5888fe2b66
9761385d6ca95178278af6cfb4a92af1c2669ead864e71d6e593a04da9fd7038
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132671802308039318.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 47092
Content-Type: image/jpeg
Last-Modified: Thu, 03 Jun 2021 07:50:30 GMT
Accept-Ranges: bytes
ETag: "73dc49204d58d71:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:49 GMT
widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
36.51.224.126 200 OK 5.3 kB URL GET HTTP/2 widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
IP 36.51.224.126:443
ASN #37936 15F,Ideal Plaza No.58 Bei Si Huan Xi Road
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert Inc
Subject weibo.cn
Fingerprint EA:A0:4E:BA:8D:58:83:5B:03:65:FB:EE:3D:E1:73:A9:52:12:3E:A3
Validity Tue, 07 May 2024 00:00:00 GMT - Sat, 07 Jun 2025 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (585), with CRLF, LF line terminators
Hash a2936fddcd9e6ecb2e8b9ad833182fdc
3a8108bc7c16370c8aab9b341388d3228fccc562
a167a0b3bdc305802c1a8a8168b47bded4b2b22488e68c4cbc0b88c3bdaceb08
GET /weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1 HTTP/1.1
Host: widget.weibo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://chengdu.icef.com.cn/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 5251
date: Fri, 10 May 2024 07:56:50 GMT
vary: Host,Accept-Encoding
set-cookie: U_TRS1=0000009a.e3ba7f4f.663dd342.7236040f; path=/; expires=Mon, 08-May-34 07:56:50 GMT; domain=.sina.com.cn
U_TRS2=0000009a.e3c47f4f.663dd342.827ed4e0; path=/; domain=.sina.com.cn
content-security-policy: upgrade-insecure-requests
xplugins-type: 1
cache-control: max-age=60, must-revalidate
pragma:
expires: Fri, 10 May 2024 08:01:50 GMT
last-modified: Fri, 10 May 2024 07:56:50 GMT
dpool_header: 10.168.222.118
content-encoding: gzip
server: SHANHAI-SERVER
lb: 36.51.224.126
ssl_node: msre-10-81-97-71.hk.intra.weibo.cn
X-Firefox-Spdy: h2
stats.ipinyou.com/adin/cmr.gif
152.136.199.109 302 Found 0 B URL GET HTTP/1.1 stats.ipinyou.com/adin/cmr.gif
IP 152.136.199.109:80
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /adin/cmr.gif HTTP/1.1
Host: stats.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: JSESSIONID=F4BEA645734C7460AB07041375976C04; Path=/; HttpOnly
PYID=O5AFtn2kwgh; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:50 GMT; Path=/
Location: http://cm.fastapi.net/?dspid=100018&gethuid=1&dspuid=O5AFtn2kwgh
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 0
Date: Fri, 10 May 2024 07:56:49 GMT
cm.ipinyou.com/qq/cmr.gif
152.136.179.124 302 Found 0 B URL GET HTTP/1.1 cm.ipinyou.com/qq/cmr.gif
IP 152.136.179.124:80
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /qq/cmr.gif HTTP/1.1
Host: cm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: JSESSIONID=AE50A646C7C97EBE67BBF25CB5A03657; Path=/; HttpOnly
PYID=O5AFtn4UcrPt; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:50 GMT; Path=/
Location: http://cm.l.qq.com/?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 0
Date: Fri, 10 May 2024 07:56:50 GMT
sax.sina.com.cn/cm?sina_nid=1&ext_data=3418
49.7.36.94 200 OK 0 B URL GET HTTP/1.1 sax.sina.com.cn/cm?sina_nid=1&ext_data=3418
IP 49.7.36.94:80
ASN #23724 IDC, China Telecommunications Corporation
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?sina_nid=1&ext_data=3418 HTTP/1.1
Host: sax.sina.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: fasthttp
Date: Fri, 10 May 2024 07:56:49 GMT
Content-Length: 0
101.200.185.60/upload/133476240551216097.png
101.200.185.60 200 OK 52 kB URL GET HTTP/1.1 101.200.185.60/upload/133476240551216097.png
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type PNG image data, 990 x 120, 8-bit/color RGBA, non-interlaced
Hash 55a81a6999b40303030e94caf2f9bcd6
6e837e2714f3d4b4e96ec85443c89bfd04cd85ef
2b77152506e3899169cd8a643283519dfd3a716bb3340688056830b3c2ab1683
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/133476240551216097.png HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 52219
Content-Type: image/png
Last-Modified: Thu, 21 Dec 2023 09:20:55 GMT
Accept-Ranges: bytes
ETag: "89b330ef33da1:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
cms.tanx.com/t.gif?tanx_nid=29600513&tanx_cm&ext_data=3418
106.11.23.108 302 Found 49 B URL GET HTTP/1.1 cms.tanx.com/t.gif?tanx_nid=29600513&tanx_cm&ext_data=3418
IP 106.11.23.108:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 1 x 1
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /t.gif?tanx_nid=29600513&tanx_cm&ext_data=3418 HTTP/1.1
Host: cms.tanx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 07:56:50 GMT
Content-Type: image/gif
Content-Length: 49
Connection: keep-alive
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Location: http://cm.ipinyou.com/tanx/cms.gif?tanx_err=1&tanx_ver=1&ext_data=3418
EagleEye-TraceId: 210f8caa17153278106446364e67ef
Timing-Allow-Origin: *
101.200.185.60/upload/132551021128560510.jpg
101.200.185.60 200 OK 534 kB URL GET HTTP/1.1 101.200.185.60/upload/132551021128560510.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=2000, bps=206, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=3000], progressive, precision 8, 800x533, components 3
Size 534 kB (534272 bytes)
Hash 055d84e191900f9db03266e330fbde7e
dfc6dfb238c8b7ddf0dd259b85d61a7d064428f9
817b8e7f480236024e1b14fbb839051e5b0bfe929bc061456ad52e21ceb77f99
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551021128560510.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 534272
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:48:32 GMT
Accept-Ranges: bytes
ETag: "c86fd9073ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:49 GMT
ckm.iqiyi.com/pixel?qiyi_nid=71000015&qiyi_sc&ext_data=3418
116.211.198.129 302 Found 0 B URL GET HTTP/1.1 ckm.iqiyi.com/pixel?qiyi_nid=71000015&qiyi_sc&ext_data=3418
IP 116.211.198.129:80
ASN #58563 CHINANET Hubei province network
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?qiyi_nid=71000015&qiyi_sc&ext_data=3418 HTTP/1.1
Host: ckm.iqiyi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 10 May 2024 07:56:50 GMT
Content-Length: 0
Connection: keep-alive
Location: https://cm.ipinyou.com/qiyi/cms.gif?qiyi_uid=94139c18175f66cc619123b5c2956457
Set-Cookie: T00404=c5c86539c1b19415793f492c65171662; Version=1; Domain=.iqiyi.com; Path=/; Expires=Sat, 10 May 2025 07:56:50 GMT; Max-Age=31536000; SameSite=None; Secure;
T00700=EgcIz7-tIRAB; Version=1; Domain=.iqiyi.com; Path=/; Expires=Wed, 15 May 2024 07:56:50 GMT; Max-Age=432000; SameSite=None; Secure;
Cache-Control: no-cache
P3P: CP="ALL DSP COR NID"
cm.pos.baidu.com/pixel?dspid=6418041&ext_data=3418
110.242.68.135 302 Found 0 B URL GET HTTP/1.1 cm.pos.baidu.com/pixel?dspid=6418041&ext_data=3418
IP 110.242.68.135:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?dspid=6418041&ext_data=3418 HTTP/1.1
Host: cm.pos.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Fri, 10 May 2024 07:56:50 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: https://cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1715327810
Server: nginx
cm.ipinyou.com/tanx/cms.gif?tanx_err=1&tanx_ver=1&ext_data=3418
152.136.179.124 200 OK 43 B URL GET HTTP/1.1 cm.ipinyou.com/tanx/cms.gif?tanx_err=1&tanx_ver=1&ext_data=3418
IP 152.136.179.124:80
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tanx/cms.gif?tanx_err=1&tanx_ver=1&ext_data=3418 HTTP/1.1
Host: cm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: sessionId=O5AFtnFXcrb7P; Domain=.ipinyou.com; Path=/
PYID=O5AFtnFXcrQI; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:50 GMT; Path=/
CMBMP=IWz; Domain=.ipinyou.com; Expires=Mon, 20-May-2024 07:56:50 GMT; Path=/
Content-Type: image/gif
Transfer-Encoding: chunked
Date: Fri, 10 May 2024 07:56:50 GMT
cm.l.qq.com/?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1
220.194.116.29 302 Object moved 161 B URL GET HTTP/1.1 cm.l.qq.com/?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1
IP 220.194.116.29:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert Inc
Subject l.qq.com
Fingerprint 60:B8:9B:22:D5:AE:5B:8A:11:A2:BB:82:A0:F3:32:83:7D:20:C5:51
Validity Wed, 28 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash bc9f4dd853f26156bb66e555830e05c5
eeb014d769da4a6e10cc23fb335a2bcd53490371
3ec9309d409f07dd16a30e54f9fbd96ab014647caa5bafe7839dab57b5c92caf
GET /?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1 HTTP/1.1
Host: cm.l.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: stgw
Date: Fri, 10 May 2024 07:56:51 GMT
Content-Type: text/html
Content-Length: 161
Connection: keep-alive
Location: https://cm.l.qq.com/?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1
cm.miaozhen.atm.youku.com/cm.gif?dspid=11112&ext_data=3418
47.246.99.254 302 Moved Temporarily 154 B URL GET HTTP/1.1 cm.miaozhen.atm.youku.com/cm.gif?dspid=11112&ext_data=3418
IP 47.246.99.254:80
ASN #45102 Alibaba US Technology Co., Ltd.
Requested by http://chengdu.icef.com.cn/
File type HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /cm.gif?dspid=11112&ext_data=3418 HTTP/1.1
Host: cm.miaozhen.atm.youku.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Date: Fri, 10 May 2024 07:56:51 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Set-Cookie: __ysuid=1715327811118qts; path=/; domain=.youku.com; expires=Thu, 04-Feb-2049 02:36:52 GMT
Cache-Control: no-cache
Pragma: no-cache
P3P: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
Location: http://cm.ipinyou.com/youku/cms.gif?mzid=1715327811118qts
Expires: Fri, 10 May 2024 07:56:50 GMT
Server: Tengine/Aserver
Timing-Allow-Origin: *
s-rt: 84
EagleEye-TraceId: 2100cfab17153278110555553e4e6c, 2100cfab17153278110555553e4e6c
t.go.sohu.com/cm.gif?ver=1&mid=10012&ext_data=3418
52.175.28.82 302 Moved Temporarily 0 B URL GET HTTP/1.1 t.go.sohu.com/cm.gif?ver=1&mid=10012&ext_data=3418
IP 52.175.28.82:80
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm.gif?ver=1&mid=10012&ext_data=3418 HTTP/1.1
Host: t.go.sohu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Date: Fri, 10 May 2024 07:56:51 GMT
Set-Cookie: SUV=2405101556513101 ;expires=Tue, 19 Jan 2038 08:00:00 GMT; path=/; domain=.sohu.com;
location: https://cm.ipinyou.com/sohu/cms.gif?suid=2405101556513101&ver=1
FSS-Proxy: Powered by 11408542.20976808.12588848, Powered by 4543537.5002299.7959608
cm.ipinyou.com/youku/cms.gif?mzid=1715327811118qts
152.136.179.124 200 OK 43 B URL GET HTTP/1.1 cm.ipinyou.com/youku/cms.gif?mzid=1715327811118qts
IP 152.136.179.124:80
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /youku/cms.gif?mzid=1715327811118qts HTTP/1.1
Host: cm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: sessionId=O5AFto6Ucq3WC; Domain=.ipinyou.com; Path=/
PYID=O5AFto6Ucqvq; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:51 GMT; Path=/
CMBMP=IWB; Domain=.ipinyou.com; Expires=Mon, 20-May-2024 07:56:51 GMT; Path=/
Content-Type: image/gif
Transfer-Encoding: chunked
Date: Fri, 10 May 2024 07:56:51 GMT
cm.ipinyou.com/qiyi/cms.gif?qiyi_uid=94139c18175f66cc619123b5c2956457
152.136.179.124 200 OK 43 B URL GET HTTP/1.1 cm.ipinyou.com/qiyi/cms.gif?qiyi_uid=94139c18175f66cc619123b5c2956457
IP 152.136.179.124:443
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert, Inc.
Subject *.ipinyou.com
Fingerprint FA:D0:DC:A6:4A:94:52:09:0D:DF:D7:42:47:A2:12:EB:D5:18:DC:A4
Validity Thu, 29 Feb 2024 00:00:00 GMT - Mon, 31 Mar 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /qiyi/cms.gif?qiyi_uid=94139c18175f66cc619123b5c2956457 HTTP/1.1
Host: cm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:56:51 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: sessionId=O5AFtoEVcq3Wr; Domain=.ipinyou.com; Path=/
PYID=O5AFtoEVcqwM; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:51 GMT; Path=/
CMBMP=Iif; Domain=.ipinyou.com; Expires=Mon, 20-May-2024 07:56:51 GMT; Path=/
cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1715327810
152.136.179.124 200 OK 43 B URL GET HTTP/1.1 cm.ipinyou.com/baidu/cms.gif?baidu_error=1&timestamp=1715327810
IP 152.136.179.124:443
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert, Inc.
Subject *.ipinyou.com
Fingerprint FA:D0:DC:A6:4A:94:52:09:0D:DF:D7:42:47:A2:12:EB:D5:18:DC:A4
Validity Thu, 29 Feb 2024 00:00:00 GMT - Mon, 31 Mar 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /baidu/cms.gif?baidu_error=1&timestamp=1715327810 HTTP/1.1
Host: cm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:56:51 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: sessionId=O5AFtoE_yr~I; Domain=.ipinyou.com; Path=/
PYID=O5AFtoE_yVd; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:51 GMT; Path=/
CMBMP=IWn; Domain=.ipinyou.com; Expires=Mon, 20-May-2024 07:56:51 GMT; Path=/
img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017
163.181.157.118 200 OK 7.4 kB URL GET HTTP/2 img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017
IP 163.181.157.118:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type ASCII text, with very long lines (32107), with no line terminators
Hash a2077aa3303fcd809c2114dd567c4ec1
15d28178859ecea065d3ebd3047f14c53851bb40
7c4927fc93458e03a1f8dbc877d48f454a1b6a826557e7be93037fe5a7c3e93c
GET /t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017 HTTP/1.1
Host: img.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.weibo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 7362
date: Mon, 29 Apr 2024 17:33:04 GMT
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: W/"a2077aa3303fcd809c2114dd567c4ec1"
last-modified: Tue, 20 Dec 2022 14:55:15 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-meta-crc32: 8CCD25BC
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 32107
x-requester: GRPS000000ANONYMOUSE
x-requestid: c397b583-2404-2904-1833-0894eff93894
expires: Mon, 13 May 2024 20:18:33 GMT
content-encoding: gzip
edge-copy-time: 1714335513338
via: http/1.1 cnc.guangzhou.union.26 (ApacheTrafficServer/6.2.1 [cHs f ]), cache22.l2us1[0,0,200-0,H], cache23.l2us1[1,0], ens-cache3.de7[0,0,200-0,H], ens-cache3.de7[0,0]
x-via-cdn: f=aliyun,s=ens-cache3.de7,c=91.90.42.154;f=sinaedge,s=cnc.guangzhou.union.24.nb.sinaedge.com,c=163.181.67.170;f=Edge,s=cnc.guangzhou.union.26,c=172.16.116.24
x-via-edge: 1714411984027aa43b5a3187410ac26003559
ali-swift-global-savetime: 1714411984
age: 915828
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 02:30:21 GMT
x-swift-cachetime: 572563
timing-allow-origin: *
eagleid: a3b5839717153278120925598e
X-Firefox-Spdy: h2
js.t.sinajs.cn/t5/pack/static/STK/gaea_1_20.js?ver=023953ddbba628fd2017
163.181.157.117 200 OK 31 kB URL GET HTTP/2 js.t.sinajs.cn/t5/pack/static/STK/gaea_1_20.js?ver=023953ddbba628fd2017
IP 163.181.157.117:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (13019)
Hash b177449ecbc3aa6e8b018184eee7f55f
9c99ace34c51f037f57ceb795e464190aa39515d
a0b40d875c8e9d6904d8ff59d1fe0a7c2120700858886486cdaafe96aebe361e
GET /t5/pack/static/STK/gaea_1_20.js?ver=023953ddbba628fd2017 HTTP/1.1
Host: js.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.weibo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 31210
date: Wed, 01 May 2024 23:02:36 GMT
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: W/"b177449ecbc3aa6e8b018184eee7f55f"
last-modified: Tue, 20 Dec 2022 15:08:42 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-meta-crc32: 4265E298
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 85607
x-requester: GRPS000000ANONYMOUSE
x-requestid: c7c81046-2405-0207-0236-6c92bfce67b7
expires: Thu, 16 May 2024 23:02:36 GMT
content-encoding: gzip
edge-copy-time: 1714604556879
via: http/1.1 cmcc.guangzhou.union.80 (ApacheTrafficServer/6.2.1 [cMsSfW]), cache33.l2us1[0,6,200-0,H], cache15.l2us1[7,0], ens-cache8.de7[0,0,200-0,H], ens-cache9.de7[1,0]
x-via-cdn: f=aliyun,s=ens-cache9.de7,c=91.90.42.154;f=sinaedge,s=cmcc.guangzhou.union.42.nb.sinaedge.com,c=163.181.67.181;f=Edge,s=cmcc.guangzhou.union.80,c=172.16.174.42;f=edge,s=jtpool-weibojsstorage-566985c697-qn754,c=10.79.150.25;
x-via-edge: 1714604556810b543b5a32aae10ac4349ad62
timing-allow-origin: *, *
ali-swift-global-savetime: 1714604557
age: 723255
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 02:27:57 GMT
x-swift-cachetime: 765280
eagleid: a3b5839d17153278120882836e
X-Firefox-Spdy: h2
js.t.sinajs.cn/t5/pack/static/widgets/show.js?ver=023953ddbba628fd2017
163.181.157.117 200 OK 16 kB URL GET HTTP/2 js.t.sinajs.cn/t5/pack/static/widgets/show.js?ver=023953ddbba628fd2017
IP 163.181.157.117:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (369)
Hash 292e0693140229296a84823c87ea6b66
cdb22c8299b0d07f8cc2b023e1a6b391279cea68
d9697fbe14829fa20e8a76ff2f733e29075cd71407113665ee0e3800934b3781
GET /t5/pack/static/widgets/show.js?ver=023953ddbba628fd2017 HTTP/1.1
Host: js.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.weibo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 15909
date: Sat, 27 Apr 2024 08:26:05 GMT
expires: Sun, 12 May 2024 07:07:28 GMT
cache-control: max-age=1296000
via: http/1.1 cmcc.guangzhou.union.72 (ApacheTrafficServer/6.2.1 [cRs f ]), cache10.l2us1[0,0,200-0,H], cache1.l2us1[0,0], ens-cache10.de7[0,0,200-0,H], ens-cache9.de7[0,0]
x-via-cdn: f=aliyun,s=ens-cache9.de7,c=91.90.42.154;f=sinaedge,s=cmcc.guangzhou.union.78.nb.sinaedge.com,c=163.181.67.158;f=Edge,s=cmcc.guangzhou.union.72,c=172.16.174.78
x-via-edge: 17142063651909e43b5a34eae10ac557e2d31
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
timing-allow-origin: *, *
access-control-max-age: 31536000
etag: W/"292e0693140229296a84823c87ea6b66"
last-modified: Tue, 20 Dec 2022 15:08:47 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-meta-crc32: 2BDA7B50
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 62977
x-requester: GRPS000000ANONYMOUSE
x-requestid: ae80dec5-2404-1114-0635-6c92bfce67e5
content-encoding: gzip
edge-copy-time: 1712815595340
ali-swift-global-savetime: 1714206365
age: 1121447
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 09 May 2024 02:20:31 GMT
x-swift-cachetime: 281134
eagleid: a3b5839d17153278121353004e
X-Firefox-Spdy: h2
tjs.sjs.sinajs.cn/open/analytics/js/suda.js
163.181.157.117 200 OK 7.6 kB URL GET HTTP/2 tjs.sjs.sinajs.cn/open/analytics/js/suda.js
IP 163.181.157.117:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (20513), with no line terminators
Hash db6f5212d206d256e3b59c8e46b06f20
11c7ec5cc7895a50dec2e0a28e1bd9a5b5e8c90f
a01f8d386e0dae7f817801a3556a5d67c3d92cb61cf911888f8e5c0e96374478
GET /open/analytics/js/suda.js HTTP/1.1
Host: tjs.sjs.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.weibo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/x-javascript
content-length: 7648
date: Fri, 26 Apr 2024 00:49:57 GMT
expires: Fri, 10 May 2024 20:31:31 GMT
cache-control: max-age=1296000
via: http/1.1 cmcc.guangzhou.union.78 (ApacheTrafficServer/6.2.1 [cRs f ]), cache10.l2us1[0,0,200-0,H], cache15.l2us1[1,0], ens-cache11.de7[0,0,200-0,H], ens-cache9.de7[0,0]
x-via-cdn: f=aliyun,s=ens-cache9.de7,c=91.90.42.154;f=sinaedge,s=cmcc.guangzhou.union.80.nb.sinaedge.com,c=163.181.67.158;f=Edge,s=cmcc.guangzhou.union.78,c=172.16.174.80
x-via-edge: 17140925971779e43b5a350ae10ac7df3a807
access-control-allow-origin: *
access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-max-age: 31536000
etag: W/"db6f5212d206d256e3b59c8e46b06f20"
last-modified: Tue, 20 Dec 2022 10:26:42 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-meta-crc32: F01D94B7
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 20513
x-requester: GRPS000000ANONYMOUSE
x-requestid: adcbce7d-2404-1105-0755-6c92bfce67c0
content-encoding: gzip
edge-copy-time: 1712783275513
ali-swift-global-savetime: 1714092597
age: 1235215
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Sun, 05 May 2024 14:38:57 GMT
x-swift-cachetime: 468660
timing-allow-origin: *
eagleid: a3b5839d17153278121413037e
X-Firefox-Spdy: h2
img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/skin/skin03.css?ver=023953ddbba628fd2017
163.181.157.118 200 OK 666 B URL GET HTTP/2 img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/skin/skin03.css?ver=023953ddbba628fd2017
IP 163.181.157.118:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type ASCII text, with very long lines (3039), with no line terminators
Hash 25ff96ec952ebf34b6c3865ae01eda9d
ce0de431a2c6deea54ba4db40c50c492866b570b
dc824afdc730bdb61fa8694388e847c459c074dd835125f7349dc64081a6ce7c
GET /t4/appstyle/widget/css/weiboShow/skin/skin03.css?ver=023953ddbba628fd2017 HTTP/1.1
Host: img.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.weibo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: text/css
content-length: 666
date: Mon, 06 May 2024 13:26:15 GMT
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: W/"25ff96ec952ebf34b6c3865ae01eda9d"
last-modified: Tue, 20 Dec 2022 14:55:15 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-meta-crc32: 7145BBAB
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 3039
x-requester: GRPS000000ANONYMOUSE
x-requestid: ca2ab41f-2405-0423-1343-0894eff9382c
expires: Sun, 19 May 2024 15:13:43 GMT
content-encoding: gzip
edge-copy-time: 1714835623802
via: http/1.1 cmcc.guangzhou.union.42 (ApacheTrafficServer/6.2.1 [cRs f ]), cache12.l2us1[0,0,200-0,H], cache21.l2us1[6,0], ens-cache4.de7[0,0,200-0,H], ens-cache3.de7[1,0]
x-via-cdn: f=aliyun,s=ens-cache3.de7,c=91.90.42.154;f=sinaedge,s=cmcc.guangzhou.union.7777.nb.sinaedge.com,c=163.181.67.160;f=Edge,s=cmcc.guangzhou.union.42,c=172.16.174.77
x-via-edge: 1715001975387a043b5a34dae10ac7bebcb11
ali-swift-global-savetime: 1715001975
age: 325837
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 02:51:41 GMT
x-swift-cachetime: 1161274
timing-allow-origin: *
eagleid: a3b5839717153278122736206e
X-Firefox-Spdy: h2
ocsp.digicert.cn/
47.246.3.238 471 B IP 47.246.3.238:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a19b33aaf38a460b4d7bd7d8972ffee5
aa46779a8a883f0459f96b17f70c91ef9ec089ab
3682a968ab1538c45a8ac550605fb8fb3a796122c12d56b05229a3658d35909c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 07:56:52 GMT
Ali-Swift-Global-Savetime: 1715327812
Via: cache14.l2de2[285,284,200-0,M], cache14.l2de2[287,0], cache4.ru4[318,317,200-0,M], cache4.ru4[318,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 10 May 2024 07:56:52 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6039817153278119764293e
cm.ipinyou.com/sohu/cms.gif?suid=2405101556513101&ver=1
152.136.179.124 200 OK 43 B URL GET HTTP/1.1 cm.ipinyou.com/sohu/cms.gif?suid=2405101556513101&ver=1
IP 152.136.179.124:443
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert, Inc.
Subject *.ipinyou.com
Fingerprint FA:D0:DC:A6:4A:94:52:09:0D:DF:D7:42:47:A2:12:EB:D5:18:DC:A4
Validity Thu, 29 Feb 2024 00:00:00 GMT - Mon, 31 Mar 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /sohu/cms.gif?suid=2405101556513101&ver=1 HTTP/1.1
Host: cm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:56:52 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: sessionId=O5AFtp5dzN3P; Domain=.ipinyou.com; Path=/
PYID=O5AFtp5dzDT; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:52 GMT; Path=/
CMBMP=IWf_; Domain=.ipinyou.com; Expires=Mon, 20-May-2024 07:56:52 GMT; Path=/
ocsp.digicert.cn/
47.246.3.231 471 B IP 47.246.3.231:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash a19b33aaf38a460b4d7bd7d8972ffee5
aa46779a8a883f0459f96b17f70c91ef9ec089ab
3682a968ab1538c45a8ac550605fb8fb3a796122c12d56b05229a3658d35909c
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 07:56:52 GMT
Ali-Swift-Global-Savetime: 1715327812
Via: cache2.l2de2[494,494,200-0,M], cache2.l2de2[495,0], cache10.ru4[526,525,200-0,M], cache10.ru4[526,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Fri, 10 May 2024 07:56:52 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6039e17153278120805617e
img.t.sinajs.cn/t4/appstyle/widget/images/library/base/icon_user.png?id=1367910055834
163.181.157.118 200 OK 3.0 kB URL GET HTTP/2 img.t.sinajs.cn/t4/appstyle/widget/images/library/base/icon_user.png?id=1367910055834
IP 163.181.157.118:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type PNG image data, 20 x 120, 8-bit/color RGBA, non-interlaced
Hash 540776f39fc4d259e834a07e5d0feb32
dc92f7b6f1d2d902445251f3eb47c27f48d18c3a
56ad493c860ac8c5a3a2baa6c96fb45a1be871fb59e6f549d49868ac9daad45e
GET /t4/appstyle/widget/images/library/base/icon_user.png?id=1367910055834 HTTP/1.1
Host: img.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 2984
date: Sun, 05 May 2024 07:16:41 GMT
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: "540776f39fc4d259e834a07e5d0feb32"
last-modified: Tue, 20 Dec 2022 14:55:17 GMT
vary: Accept-Encoding
x-amz-meta-crc32: D0AD14CA
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 2984
x-requester: GRPS000000ANONYMOUSE
x-requestid: c98b2e26-2405-0510-0526-b4055d752a1d
expires: Mon, 20 May 2024 02:05:26 GMT
edge-copy-time: 1714874726950
via: http/1.1 cmcc.guangzhou.union.79 (ApacheTrafficServer/6.2.1 [cRs f ]), cache20.l2us1[0,0,200-0,H], cache30.l2us1[1,0], ens-cache3.de7[0,0,200-0,H], ens-cache3.de7[0,0]
x-via-cdn: f=aliyun,s=ens-cache3.de7,c=91.90.42.154;f=sinaedge,s=ctc.guangzhou.union.50.nb.sinaedge.com,c=163.181.67.168;f=Edge,s=cmcc.guangzhou.union.79,c=10.31.54.50
x-via-edge: 1714893401635a843b5a332361f0a2987c6eb
ali-swift-global-savetime: 1714893401
age: 434411
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 02:30:22 GMT
x-swift-cachetime: 1053979
timing-allow-origin: *
eagleid: a3b5839717153278127437614e
X-Firefox-Spdy: h2
img.t.sinajs.cn/t4/appstyle/widget/images/library/base/btns_bg.png?id=1367910055834
163.181.157.118 200 OK 3.4 kB URL GET HTTP/2 img.t.sinajs.cn/t4/appstyle/widget/images/library/base/btns_bg.png?id=1367910055834
IP 163.181.157.118:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type PNG image data, 200 x 800, 8-bit colormap, non-interlaced
Hash 828ae2037c53209b1a417927d01d49c2
d9946236d8c441fc6ccb9265be9ba41e1b6a6b1f
e3fd3548bf51417dfacfd5dba7686615f5adf5f03e339bf4e5d08593ad596e61
GET /t4/appstyle/widget/images/library/base/btns_bg.png?id=1367910055834 HTTP/1.1
Host: img.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 3371
date: Tue, 30 Apr 2024 07:09:09 GMT
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: "828ae2037c53209b1a417927d01d49c2"
last-modified: Tue, 20 Dec 2022 14:55:15 GMT
vary: Accept-Encoding
x-amz-meta-crc32: D3A45614
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 3371
x-requester: GRPS000000ANONYMOUSE
x-requestid: c501b3be-2404-2902-5304-6c92bfce6724
expires: Mon, 13 May 2024 18:53:04 GMT
edge-copy-time: 1714330384505
via: http/1.1 cmcc.guangzhou.union.72 (ApacheTrafficServer/6.2.1 [cHs f ]), cache24.l2us1[0,0,200-0,H], cache34.l2us1[2,0], ens-cache3.de7[0,0,200-0,H], ens-cache3.de7[0,0]
x-via-cdn: f=aliyun,s=ens-cache3.de7,c=91.90.42.154;f=sinaedge,s=ctc.guangzhou.union.186.nb.sinaedge.com,c=163.181.67.172;f=Edge,s=cmcc.guangzhou.union.72,c=10.31.50.186
x-via-edge: 1714460949566ac43b5a3ba321f0a7047a8d7
ali-swift-global-savetime: 1714460949
age: 866863
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 02:30:22 GMT
x-swift-cachetime: 621527
timing-allow-origin: *
eagleid: a3b5839717153278127517636e
X-Firefox-Spdy: h2
img.t.sinajs.cn/t4/appstyle/widget/images/library/base/icon_follow.png?id=1367910055834
163.181.157.118 200 OK 1.0 kB URL GET HTTP/2 img.t.sinajs.cn/t4/appstyle/widget/images/library/base/icon_follow.png?id=1367910055834
IP 163.181.157.118:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type PNG image data, 162 x 12, 2-bit colormap, non-interlaced
Hash d0345c1fc25b71d5416ee639d122b043
8c44dd7faa63061fa9964303a340ac0dbffea16b
22d1faa4a2f31f578b6cb7864686a46f34979ddca0df8a6fe43dc96e4a1ba922
GET /t4/appstyle/widget/images/library/base/icon_follow.png?id=1367910055834 HTTP/1.1
Host: img.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 1029
date: Tue, 30 Apr 2024 07:09:09 GMT
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: "d0345c1fc25b71d5416ee639d122b043"
last-modified: Tue, 20 Dec 2022 14:55:15 GMT
vary: Accept-Encoding
x-amz-meta-crc32: EBDD364A
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 1029
x-requester: GRPS000000ANONYMOUSE
x-requestid: c458c8b8-2404-2906-5046-6c92bfce67c0
expires: Mon, 13 May 2024 22:50:46 GMT
edge-copy-time: 1714344646066
via: http/1.1 cmcc.guangzhou.union.42 (ApacheTrafficServer/6.2.1 [cHs f ]), cache20.l2us1[0,0,200-0,H], cache9.l2us1[1,0], ens-cache1.de7[0,0,200-0,H], ens-cache3.de7[0,0]
x-via-cdn: f=aliyun,s=ens-cache3.de7,c=91.90.42.154;f=sinaedge,s=cmcc.guangzhou.union.72.nb.sinaedge.com,c=163.181.67.168;f=Edge,s=cmcc.guangzhou.union.42,c=172.16.174.72
x-via-edge: 1714460949534a843b5a348ae10ac6ae6ae8a
ali-swift-global-savetime: 1714460949
age: 866863
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 04:50:33 GMT
x-swift-cachetime: 613116
timing-allow-origin: *
eagleid: a3b5839717153278127567644e
X-Firefox-Spdy: h2
img.t.sinajs.cn/t4/appstyle/widget/images/library/tips/bg_trans.png?id=1367910055834
163.181.157.118 200 OK 176 B URL GET HTTP/2 img.t.sinajs.cn/t4/appstyle/widget/images/library/tips/bg_trans.png?id=1367910055834
IP 163.181.157.118:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash 478ae0f52366bc78aecac7c3d513a2b4
0618b1ebe3372d8b6312b51a10b36e330878494c
8f51568caf49512fabe6eebd8440a8e253a7797f187dbd24bed78d5b8931ab2d
GET /t4/appstyle/widget/images/library/tips/bg_trans.png?id=1367910055834 HTTP/1.1
Host: img.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 176
date: Tue, 07 May 2024 15:50:29 GMT
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: "478ae0f52366bc78aecac7c3d513a2b4"
last-modified: Tue, 20 Dec 2022 14:55:16 GMT
vary: Accept-Encoding
x-amz-meta-crc32: 6D2C0565
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 176
x-requester: GRPS000000ANONYMOUSE
x-requestid: ccbce3b4-2405-0702-0549-0894eff932bc
expires: Tue, 21 May 2024 18:05:49 GMT
edge-copy-time: 1715018749184
via: http/1.1 cmcc.guangzhou.union.39 (ApacheTrafficServer/6.2.1 [cHs f ]), cache8.l2us1[0,0,200-0,H], cache20.l2us1[1,0], ens-cache1.de7[0,0,200-0,H], ens-cache3.de7[1,0]
x-via-cdn: f=aliyun,s=ens-cache3.de7,c=91.90.42.154;f=sinaedge,s=cnc.guangzhou.union.26.nb.sinaedge.com,c=163.181.67.156;f=Edge,s=cmcc.guangzhou.union.39,c=172.16.116.26
x-via-edge: 17150970296209c43b5a31a7410ac61036bcc
ali-swift-global-savetime: 1715097029
age: 230783
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 04:50:33 GMT
x-swift-cachetime: 1249196
timing-allow-origin: *
eagleid: a3b5839717153278127587651e
X-Firefox-Spdy: h2
img.t.sinajs.cn/t4/appstyle/widget/images/library/base/icon_tips.png?id=1367910055834
163.181.157.118 200 OK 8.6 kB URL GET HTTP/2 img.t.sinajs.cn/t4/appstyle/widget/images/library/base/icon_tips.png?id=1367910055834
IP 163.181.157.118:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject *.weibo.cn
Fingerprint A8:7A:A5:C5:D5:00:D5:37:49:86:82:51:4F:D2:2E:60:CF:50:35:4A
Validity Wed, 06 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type PNG image data, 380 x 83, 8-bit/color RGBA, non-interlaced
Hash 10e2e26bf7bb281785f1a866d24a855c
2276565369b568736f4437a219a4440673aa683b
6f8e80828c208fc58f2bb189d57eb9eb809b68cbc03eccff185e2909e8e4a24d
GET /t4/appstyle/widget/images/library/base/icon_tips.png?id=1367910055834 HTTP/1.1
Host: img.t.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://img.t.sinajs.cn/t4/appstyle/widget/css/weiboShow/weiboShow.css?ver=023953ddbba628fd2017
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: Tengine
content-type: image/png
content-length: 8597
date: Tue, 07 May 2024 00:06:45 GMT
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 31536000
cache-control: max-age=1296000
etag: "10e2e26bf7bb281785f1a866d24a855c"
last-modified: Tue, 20 Dec 2022 14:55:15 GMT
vary: Accept-Encoding
x-amz-meta-crc32: 6F34FB1C
x-amz-meta-uploadlocation: /jtpool-weibojs
x-filesize: 8597
x-requester: GRPS000000ANONYMOUSE
x-requestid: b2df958f-2405-0701-3745-0894eff93358
expires: Tue, 21 May 2024 17:37:45 GMT
edge-copy-time: 1715017065400
via: http/1.1 cmcc.guangzhou.union.72 (ApacheTrafficServer/6.2.1 [cHs f ]), cache5.l2us1[0,0,200-0,H], cache40.l2us1[1,0], ens-cache11.de7[0,0,200-0,H], ens-cache3.de7[0,0]
x-via-cdn: f=aliyun,s=ens-cache3.de7,c=91.90.42.154;f=sinaedge,s=ctc.guangzhou.union.188.nb.sinaedge.com,c=163.181.67.153;f=Edge,s=cmcc.guangzhou.union.72,c=10.31.50.188
x-via-edge: 17150404055219943b5a3bc321f0a631c6ef3
ali-swift-global-savetime: 1715040405
age: 287407
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Wed, 08 May 2024 02:30:22 GMT
x-swift-cachetime: 1200983
timing-allow-origin: *
eagleid: a3b5839717153278127607655e
X-Firefox-Spdy: h2
cm.l.qq.com/?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1
220.194.116.29 302 Object moved 0 B URL GET HTTP/1.1 cm.l.qq.com/?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1
IP 220.194.116.29:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert Inc
Subject l.qq.com
Fingerprint 60:B8:9B:22:D5:AE:5B:8A:11:A2:BB:82:A0:F3:32:83:7D:20:C5:51
Validity Wed, 28 Jun 2023 00:00:00 GMT - Sun, 28 Jul 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?dspid=10016&dspuid=O5AFtn4UcrPt&gettuid=1 HTTP/1.1
Host: cm.l.qq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Object moved
Date: Fri, 10 May 2024 07:56:52 GMT
Content-Type: text/html;charset=GB2312
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://cm.ipinyou.com/qq/cms.gif?tuid=AQEBhh71Bdts-HMOwnXIUCHxilRIDSnL7ndg&ver=1
Set-Cookie: cm_cookie=V1,10016&O5AFtn4UcrPt&AQEBhh71Bdts-HMOwnXIUCHxilRIDSnL7ndg&240510&240510;expires=Wed, 06-Nov-2024 07:56:52 GMT;PATH=/; domain=l.qq.com;
reduplicate_cookie=10016&O5AFtn4UcrPt&1715327812;expires=Fri, 10-May-2024 08:56:52 GMT;PATH=/; domain=l.qq.com;
101.200.185.60/upload/132551019815423435.jpg
101.200.185.60 200 OK 448 kB URL GET HTTP/1.1 101.200.185.60/upload/132551019815423435.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=2000, bps=206, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=3000], progressive, precision 8, 800x533, components 3
Size 448 kB (447451 bytes)
Hash bfedc2a17e41f6375149525c2243178a
2ea74f3703e56eafff6e889c5ea773113bc0b223
bbb54b3ba55a259c37f43760f7bc1bbb78d196192a572055146f881483416166
Analyzer Quad9 DNS
Verdict malicious
Alert Sinkholed
GET /upload/132551019815423435.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 447451
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:46:21 GMT
Accept-Ranges: bytes
ETag: "a597b84273ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:50 GMT
tvax2.sinaimg.cn/crop.0.0.600.600.50/68ded4bdly8h4vwghaj5mj20go0godh3.jpg?KID=imgbed,tva&Expires=1715338582&ssig=W0Bahf8fdI
23.36.77.33 200 OK 1.7 kB URL GET HTTP/2 tvax2.sinaimg.cn/crop.0.0.600.600.50/68ded4bdly8h4vwghaj5mj20go0godh3.jpg?KID=imgbed,tva&Expires=1715338582&ssig=W0Bahf8fdI
IP 23.36.77.33:443
ASN #20940 Akamai International B.V.
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject www.sina.com
Fingerprint FB:EC:BC:1E:EA:60:3D:07:CC:FD:08:D7:E9:B1:D0:C2:AB:6E:A5:A5
Validity Fri, 19 Jan 2024 00:00:00 GMT - Wed, 22 Jan 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3
Hash ad7d587a11b85ef6504cb37b53bc51dc
7019ff211f498d6d3f634df4eecdd6b7ecc4ef31
ad48a26c8e33b5186965398e03f087ba4375d78838bff7012809fb625bf824cc
GET /crop.0.0.600.600.50/68ded4bdly8h4vwghaj5mj20go0godh3.jpg?KID=imgbed,tva&Expires=1715338582&ssig=W0Bahf8fdI HTTP/1.1
Host: tvax2.sinaimg.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.weibo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 1713
x-ban: MISS,22023
x-debug-hit: sto(56763,31.000)
pragma: public
last-modified: Mon, 08 Jul 2013 18:06:40 GMT
etag: "1-ad7d587a11b85ef6504cb37b53bc51dc"
edge-copy-time: 1714648315546
x-via-cdn: f=Akamai,s=23.36.77.29,c=91.90.42.154;f=sinaedge,s=cnc.guangzhou.union.55.nb.sinaedge.com,c=23.48.148.157;f=Edge,s=ctc.guangzhou.union.50,c=172.16.116.55
x-via-edge: 17153277838059d943017377410ac039d4d78
access-control-allow-credentials: true
cache-control: max-age=184467
expires: Sun, 12 May 2024 11:11:20 GMT
date: Fri, 10 May 2024 07:56:53 GMT
x-cache: TCP_MISS from a23-36-77-29.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56213035) (-)
x-cache-remote: TCP_MISS from a2-17-160-226.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56213035) (-)
network_info: US_LASVEGAS_396982, NO_OSLO_50304
served-from: e:23.48.148.157
X-Firefox-Spdy: h2
chengdu.icef.com.cn/favicon.ico
101.200.185.60 404 Not Found 1.2 kB URL GET HTTP/1.1 chengdu.icef.com.cn/favicon.ico
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash 8363acaeab9cbb099b59b78a44127ca6
aef448ce5500e3734059ec285cf6ec0b547075f2
9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
GET /favicon.ico HTTP/1.1
Host: chengdu.icef.com.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Cookie: yunsuo_session_verify=e9f5f49ca01c7cbf06117df351bc0ab4; ASP.NET_SessionId=4pyyw3npzxhl0ivjabrw2k0b; __tins__398595=%7B%22sid%22%3A%201715327807234%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201715329607234%7D; __51cke__=; __51laig__=1; Hm_lvt_4009f7e85cf2db1be4d75ee562b84710=1715327809; Hm_lpvt_4009f7e85cf2db1be4d75ee562b84710=1715327809; Hm_lvt_8edb7362760b9739cf31db225aa4e6c3=1715327809; Hm_lpvt_8edb7362760b9739cf31db225aa4e6c3=1715327809; _pykey_=d84557b1-5828-5b47-a6a8-e17dc005c13b
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:52 GMT
Content-Length: 1163
cm.ipinyou.com/qq/cms.gif?tuid=AQEBhh71Bdts-HMOwnXIUCHxilRIDSnL7ndg&ver=1
152.136.179.124 200 OK 43 B URL GET HTTP/1.1 cm.ipinyou.com/qq/cms.gif?tuid=AQEBhh71Bdts-HMOwnXIUCHxilRIDSnL7ndg&ver=1
IP 152.136.179.124:443
ASN #45090 Shenzhen Tencent Computer Systems Company Limited
Requested by http://chengdu.icef.com.cn/
Certificate Issuer DigiCert, Inc.
Subject *.ipinyou.com
Fingerprint FA:D0:DC:A6:4A:94:52:09:0D:DF:D7:42:47:A2:12:EB:D5:18:DC:A4
Validity Thu, 29 Feb 2024 00:00:00 GMT - Mon, 31 Mar 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /qq/cms.gif?tuid=AQEBhh71Bdts-HMOwnXIUCHxilRIDSnL7ndg&ver=1 HTTP/1.1
Host: cm.ipinyou.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 07:56:53 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP="NON DSP COR CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa CONa HISa TELa OTPa OUR UNRa IND UNI COM NAV INT DEM CNT PRE LOC"
Set-Cookie: sessionId=O5AFtq0tck6wW; Domain=.ipinyou.com; Path=/
PYID=O5AFtq0tckhM; Domain=.ipinyou.com; Expires=Sat, 07-Jun-2025 07:56:53 GMT; Path=/
CMBMP=IWfd; Domain=.ipinyou.com; Expires=Mon, 20-May-2024 07:56:53 GMT; Path=/
101.200.185.60/upload/132551021379340328.jpg
101.200.185.60 200 OK 548 kB URL GET HTTP/1.1 101.200.185.60/upload/132551021379340328.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=2000, bps=206, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=3000], progressive, precision 8, 800x533, components 3
Size 548 kB (548399 bytes)
Hash 161a1e3d9fe4b44b50f07861ced3d769
f33d03fb94a45380d0f4b345451c03294301b1e1
2dced8eec47d014ef50876e0a51e7874a11134868b8c0b4783c1bd7fb3aedde9
Analyzer Quad9 DNS
Verdict malicious
Alert Sinkholed
GET /upload/132551021379340328.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 548399
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:48:57 GMT
Accept-Ranges: bytes
ETag: "5679ef9f73ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:49 GMT
rs.sinajs.cn/tmp.gif?id=show&action=pv&uid=0&url=http%3A%2F%2Fchengdu.icef.com.cn%2F&r=1715327812787
49.7.37.33 200 OK 43 B URL GET HTTP/2 rs.sinajs.cn/tmp.gif?id=show&action=pv&uid=0&url=http%3A%2F%2Fchengdu.icef.com.cn%2F&r=1715327812787
IP 49.7.37.33:443
ASN #23724 IDC, China Telecommunications Corporation
Requested by https://widget.weibo.com/weiboshow/index.php?language=&width=0&height=550&fansRow=2&ptype=0&speed=0&skin=3&isTitle=0&noborder=0&isWeibo=1&isFans=0&uid=1759433917&verifier=b46c844b&dpc=1
Certificate Issuer DigiCert Inc
Subject sina.com
Fingerprint 73:39:E7:F1:22:7D:34:6D:77:3B:4F:D8:68:B5:FA:C0:AE:C9:94:E2
Validity Wed, 29 Nov 2023 00:00:00 GMT - Sun, 29 Dec 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /tmp.gif?id=show&action=pv&uid=0&url=http%3A%2F%2Fchengdu.icef.com.cn%2F&r=1715327812787 HTTP/1.1
Host: rs.sinajs.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://widget.weibo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 07:56:53 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
x-via-cdn: f=edge,s=ctc.guangzhou.bsd-storage.23.nb.sinaedge.com,c=172.16.138.52;
expires: Fri, 10 May 2024 07:58:53 GMT
cache-control: max-age=120
x-via-ssl: ssl.51.sinag1.yf.lb.sinanode.com
X-Firefox-Spdy: h2
101.200.185.60/upload/132551021768088118.jpg
101.200.185.60 200 OK 509 kB URL GET HTTP/1.1 101.200.185.60/upload/132551021768088118.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=2667, bps=218, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=4000], progressive, precision 8, 800x533, components 3
Size 509 kB (509302 bytes)
Hash 3351a2a93e860277571f8c667eae5aaf
fc309683c2e60d77250f4e3c4ce8a5b17133c9d9
58fa425b73bce00bedec58843d48b5d891b1adbfd6b7628902990adfccd245c9
Analyzer Quad9 DNS
Verdict malicious
Alert Sinkholed
GET /upload/132551021768088118.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 509302
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:49:36 GMT
Accept-Ranges: bytes
ETag: "4c251bb773ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:52 GMT
101.200.185.60/upload/132551022398563055.jpg
101.200.185.60 200 OK 466 kB URL GET HTTP/1.1 101.200.185.60/upload/132551022398563055.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=2667, bps=218, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=4000], progressive, precision 8, 800x533, components 3
Size 466 kB (465899 bytes)
Hash 7b1e4a51eddb23eb9beb7162c7e9086c
d6ea9b5685b9ca988e76e722c54eacaa0dbeb6ab
55fb26452b3f83388569666129e54cda2a9f14b0a70b56cb14fe4d08b8e05986
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551022398563055.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 465899
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:50:39 GMT
Accept-Ranges: bytes
ETag: "8c6b0dc73ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:50 GMT
101.200.185.60/upload/132700165619310454.png
101.200.185.60 200 OK 318 kB URL GET HTTP/1.1 101.200.185.60/upload/132700165619310454.png
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type PNG image data, 416 x 242, 8-bit/color RGBA, non-interlaced
Size 318 kB (318024 bytes)
Hash bdb8a9304022192e0e010d8032d5b21f
1878ed7feab433e6296e92277b63062bb0c9cd53
c24a2ec7a0625b9ed4bce8a9c5f2ac6d2c38a087c70f8ba9825402a21b85e2c7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132700165619310454.png HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 318024
Content-Type: image/png
Last-Modified: Tue, 06 Jul 2021 03:42:41 GMT
Accept-Ranges: bytes
ETag: "94b64f91872d71:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:47 GMT
cm.pos.baidu.com/pixel?dspid=7311946&ext_data=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4
110.242.68.135 302 Found 0 B URL GET HTTP/1.1 cm.pos.baidu.com/pixel?dspid=7311946&ext_data=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4
IP 110.242.68.135:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel?dspid=7311946&ext_data=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4 HTTP/1.1
Host: cm.pos.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Connection: keep-alive
Content-Length: 0
Content-Type: text/html
Date: Fri, 10 May 2024 07:56:57 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Location: https://a-ssl.ad7.com/pixel/baidu.pic?baidu_error=1&timestamp=1715327817
Server: nginx
cms.tanx.com/t.gif?tanx_nid=35147823&tanx_cm&extendata=http%3A%2F%2Ftanxads.ad7.com%2Fpixel%2Ftanx.pic%3Fuid%3D%25%25_OUTERUSERID_%25%25%26extdata=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4
106.11.23.108 302 Found 49 B URL GET HTTP/1.1 cms.tanx.com/t.gif?tanx_nid=35147823&tanx_cm&extendata=http%3A%2F%2Ftanxads.ad7.com%2Fpixel%2Ftanx.pic%3Fuid%3D%25%25_OUTERUSERID_%25%25%26extdata=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4
IP 106.11.23.108:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 1 x 1
Hash ed280a0ea3cc38f3cbbc747acfbef47d
6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
GET /t.gif?tanx_nid=35147823&tanx_cm&extendata=http%3A%2F%2Ftanxads.ad7.com%2Fpixel%2Ftanx.pic%3Fuid%3D%25%25_OUTERUSERID_%25%25%26extdata=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4 HTTP/1.1
Host: cms.tanx.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Fri, 10 May 2024 07:56:57 GMT
Content-Type: image/gif
Content-Length: 49
Connection: keep-alive
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Location: http://tbetanx.ad7.com/bidding/tanxcm?tanx_err=1&tanx_ver=1&extendata=http%3A%2F%2Ftanxads.ad7.com%2Fpixel%2Ftanx.pic%3Fuid%3D%25%25_OUTERUSERID_%25%25%26extdata=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4
EagleEye-TraceId: 210f8caa17153278175306975e67ef
Timing-Allow-Origin: *
tbetanx.ad7.com/bidding/tanxcm?tanx_err=1&tanx_ver=1&extendata=http%3A%2F%2Ftanxads.ad7.com%2Fpixel%2Ftanx.pic%3Fuid%3D%25%25_OUTERUSERID_%25%25%26extdata=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4
175.6.228.159 200 OK 43 B URL GET HTTP/1.1 tbetanx.ad7.com/bidding/tanxcm?tanx_err=1&tanx_ver=1&extendata=http%3A%2F%2Ftanxads.ad7.com%2Fpixel%2Ftanx.pic%3Fuid%3D%25%25_OUTERUSERID_%25%25%26extdata=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4
IP 175.6.228.159:80
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 1 x 1
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /bidding/tanxcm?tanx_err=1&tanx_ver=1&extendata=http%3A%2F%2Ftanxads.ad7.com%2Fpixel%2Ftanx.pic%3Fuid%3D%25%25_OUTERUSERID_%25%25%26extdata=t3B4ND5Dk35zq1KTuS8vu%2F5Tf_BxkrGzfxudG9pdGxu_ujC4ujriurc%2FKcc2uj65GSC%2FuxY4 HTTP/1.1
Host: tbetanx.ad7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://chengdu.icef.com.cn/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: openresty/1.9.3.1
Date: Fri, 10 May 2024 07:56:58 GMT
Content-Type: image/gif
Connection: close
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Length: 43
wss.ad7.com/?uid=uS8vu4&uf=&m=cru&bn=KQBLN1NyaC&bv=0SY&bk=K_tPq_T&l=N1dJ7Du&sw=uS6duC&sh=uSCLGC&t=uSp5GSuLG985G9f5GC&cid=f2EMf98%2FG98_f9Y4ujC4uSc4KS7EKSf4uPriujpLKPC&an=&time=1715327817414
61.160.192.100 200 OK 49 B URL GET HTTP/1.1 wss.ad7.com/?uid=uS8vu4&uf=&m=cru&bn=KQBLN1NyaC&bv=0SY&bk=K_tPq_T&l=N1dJ7Du&sw=uS6duC&sh=uSCLGC&t=uSp5GSuLG985G9f5GC&cid=f2EMf98%2FG98_f9Y4ujC4uSc4KS7EKSf4uPriujpLKPC&an=&time=1715327817414
IP 61.160.192.100:80
Requested by http://chengdu.icef.com.cn/
File type GIF image data, version 89a, 1 x 1
Hash 592cf6132abae0ca1e70ed21a2b1895d
fa263e12253a694aa936f61bbb85aeb63694b621
39b2ae58546278e6cf113dc0deab4850d9be7233fd506c2a7f669d63bfff25bd
GET /?uid=uS8vu4&uf=&m=cru&bn=KQBLN1NyaC&bv=0SY&bk=K_tPq_T&l=N1dJ7Du&sw=uS6duC&sh=uSCLGC&t=uSp5GSuLG985G9f5GC&cid=f2EMf98%2FG98_f9Y4ujC4uSc4KS7EKSf4uPriujpLKPC&an=&time=1715327817414 HTTP/1.1
Host: wss.ad7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Date: Fri, 10 May 2024 07:39:06 GMT
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Set-Cookie: _fc=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.ad7.com
Via: cache23.l2eu95-4[26,0], kunlun2.cn6425[52,0]
Timing-Allow-Origin: *
EagleId: 3da0c00c17153278185525363e
ocsp.crlocsp.cn/
101.198.2.196 472 B IP 101.198.2.196:0
ASN #23724 IDC, China Telecommunications Corporation
Hash 65b81783815b09d51f688e46b5157f21
736259ab86fd491c87fef2f430356e1d7e6d7f3b
77751e4fbaed45cb86c122749e3d8f4b04c8a4d762159ec49eb69a7d19b7d106
POST / HTTP/1.1
Host: ocsp.crlocsp.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 10 May 2024 07:56:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: close
Content-Transfer-Encoding: Binary
Last-modified: Wed, 08 May 2024 05:55:05 GMT
Expires: Wed, 15 May 2024 05:55:04 GMT
ETag: "736259AB86FD491C87FEF2F430356E1D7E6D7F3B"
cache-control: max-age=172800,public,no-transform,must-revalidate
a-ssl.ad7.com/pixel/baidu.pic?baidu_error=1&timestamp=1715327817
61.174.60.153 200 OK 49 B URL GET HTTP/1.1 a-ssl.ad7.com/pixel/baidu.pic?baidu_error=1&timestamp=1715327817
IP 61.174.60.153:443
Requested by http://chengdu.icef.com.cn/
Certificate Issuer WoTrus CA Limited
Subject *.ad7.com
Fingerprint 6C:C8:11:98:3B:21:DF:D6:7D:40:25:CC:3F:72:A1:92:BD:C3:86:1C
Validity Wed, 17 Apr 2024 00:00:00 GMT - Sun, 18 May 2025 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1
Hash 592cf6132abae0ca1e70ed21a2b1895d
fa263e12253a694aa936f61bbb85aeb63694b621
39b2ae58546278e6cf113dc0deab4850d9be7233fd506c2a7f669d63bfff25bd
GET /pixel/baidu.pic?baidu_error=1&timestamp=1715327817 HTTP/1.1
Host: a-ssl.ad7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://chengdu.icef.com.cn/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 10 May 2024 07:39:07 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Set-Cookie: _awutf=38A5EDD9AC7CD007794C0B97E448B0E8; expires=Sat, 08-May-2032 07:39:07 GMT; Max-Age=252288000; path=/; domain=.ad7.com
101.200.185.60/upload/132551021499964646.jpg
101.200.185.60 200 OK 456 kB URL GET HTTP/1.1 101.200.185.60/upload/132551021499964646.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=2000, bps=206, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=3000], progressive, precision 8, 800x533, components 3
Size 456 kB (455529 bytes)
Hash a8ab7eaaa6ecd30b6865493eaf4fbca5
f9c95f2797bfe3ac1633acd9aadd3f57c89502f7
2e31f75f1b0035da2f28265d7c7df624044837cab2bb43b81b9f9222de3726f7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551021499964646.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 455529
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:49:10 GMT
Accept-Ranges: bytes
ETag: "12e20a773ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:56 GMT
101.200.185.60/upload/132551018592490943.jpg
101.200.185.60 200 OK 393 kB URL GET HTTP/1.1 101.200.185.60/upload/132551018592490943.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=2667, bps=218, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=4000], progressive, precision 8, 800x533, components 3
Size 393 kB (393250 bytes)
Hash 993257402c3280a961660550a01ee497
0bf64860b07d5a627a0d081dc5f7ed8920c41981
45bc6191e42dd30a4ac7764947213b152acf45358d81e75c09c499af63554212
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551018592490943.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 393250
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:44:19 GMT
Accept-Ranges: bytes
ETag: "2dd3d3f972ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:56 GMT
101.200.185.60/upload/132551021892247584.jpg
101.200.185.60 200 OK 552 kB URL GET HTTP/1.1 101.200.185.60/upload/132551021892247584.jpg
IP 101.200.185.60:80
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=2667, bps=218, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=4000], progressive, precision 8, 800x533, components 3
Size 552 kB (552437 bytes)
Hash 5025cc5b4b2fee80e4755e9353325f96
ac94b69c5170023f4e064a9d6d2e5efb58d402e2
28f67278e0cd82067151240ab61058b517c79a9360a8f7f6226ba2a6516b0cd3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551021892247584.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 552437
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:49:49 GMT
Accept-Ranges: bytes
ETag: "79c183be73ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:49 GMT
101.200.185.60/upload/132551020075207113.jpg
101.200.185.60 461 kB URL GET 101.200.185.60/upload/132551020075207113.jpg
IP 101.200.185.60:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=2000, bps=206, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=3000], progressive, precision 8, 800x533, components 3
Size 461 kB (460600 bytes)
Hash be507c3c98b9631b49cbc7985e52f4e6
a02c39f9b61cc981bcd71505ec774fac387f4e69
d116d8ecdef71482b92fb5203390da918ab0a06286e08227c3c72e6124c55d15
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551020075207113.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 460600
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:46:47 GMT
Accept-Ranges: bytes
ETag: "d4df345273ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:50 GMT
101.200.185.60/upload/132551021608176922.jpg
101.200.185.60 537 kB URL GET 101.200.185.60/upload/132551021608176922.jpg
IP 101.200.185.60:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=2000, bps=206, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=3000], progressive, precision 8, 800x533, components 3
Size 537 kB (536640 bytes)
Hash 6feaf9295a705e78d9333f92d390eef0
8c33c683c4b50dd91d2489e6589ed8a4eaf17022
18c4e0374199345bb5c13683fb57cfdcb444eca27668cc39e2877dee4287f9e6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551021608176922.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 536640
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:49:20 GMT
Accept-Ranges: bytes
ETag: "483e93ad73ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:53 GMT
101.200.185.60/upload/132551021016900988.jpg
101.200.185.60 537 kB URL GET 101.200.185.60/upload/132551021016900988.jpg
IP 101.200.185.60:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by http://chengdu.icef.com.cn/
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=16, height=2000, bps=206, PhotometricInterpretation=RGB, manufacturer=Canon, model=Canon EOS 5D Mark III, orientation=upper-left, width=3000], progressive, precision 8, 800x533, components 3
Size 537 kB (536827 bytes)
Hash 3897fae445238a76234107d7b577d278
75ec934597878f6c434b84bfbb042fe3dbffca8a
101dd69280220bc3c4f2630c82a66b9f39e41ad25e786d325ab91bdd3f87c6be
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551021016900988.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 536827
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:48:21 GMT
Accept-Ranges: bytes
ETag: "2faf558a73ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:59 GMT
cm.fastapi.net/?dspid=100018&gethuid=1&dspuid=O5AFtn2kwgh
0.0.0.0 0 B URL GET cm.fastapi.net/?dspid=100018&gethuid=1&dspuid=O5AFtn2kwgh
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?dspid=100018&gethuid=1&dspuid=O5AFtn2kwgh HTTP/1.1
Host: cm.fastapi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
101.200.185.60/upload/132551018978982874.jpg
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551018978982874.jpg
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551018978982874.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
cc.xtgreat.com/cm.gif?dspid=11164&ext_data=3418
0.0.0.0 0 B URL GET cc.xtgreat.com/cm.gif?dspid=11164&ext_data=3418
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm.gif?dspid=11164&ext_data=3418 HTTP/1.1
Host: cc.xtgreat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
101.200.185.60/upload/132551022549245825.jpg
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551022549245825.jpg
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551022549245825.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
101.200.185.60/upload/132551020188390073.jpg
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551020188390073.jpg
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551020188390073.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 517270
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:46:58 GMT
Accept-Ranges: bytes
ETag: "ea19f55873ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:57:01 GMT
101.200.185.60/upload/132551019653178267.jpg
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551019653178267.jpg
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551019653178267.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 489383
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:46:05 GMT
Accept-Ranges: bytes
ETag: "c754c3973ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:57:03 GMT
101.200.185.60/upload/132551019371861507.jpg
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551019371861507.jpg
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551019371861507.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 515260
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:45:37 GMT
Accept-Ranges: bytes
ETag: "0a1472873ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:57:05 GMT
101.200.185.60/upload/132551018059808409.jpg
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551018059808409.jpg
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551018059808409.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 463155
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:43:25 GMT
Accept-Ranges: bytes
ETag: "d9613da72ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:56:57 GMT
101.200.185.60/upload/132551022549245825.jpg?1715327807266
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551022549245825.jpg?1715327807266
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551022549245825.jpg?1715327807266 HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
101.200.185.60/upload/132551020627039921.jpg
0.0.0.0 0 B URL GET 101.200.185.60/upload/132551020627039921.jpg
IP 0.0.0.0:0
Requested by http://chengdu.icef.com.cn/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/132551020627039921.jpg HTTP/1.1
Host: 101.200.185.60
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://chengdu.icef.com.cn/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 526580
Content-Type: image/jpeg
Last-Modified: Thu, 14 Jan 2021 12:47:42 GMT
Accept-Ranges: bytes
ETag: "da47187373ead61:0"
Server: WWW Server/1.1
X-Powered-By: ASP.NET
X-Safe-Firewall: zhuji.360.cn 1.0.8.8 F1W1
Date: Fri, 10 May 2024 07:57:01 GMT