Report - ufeiya.cn/en/products.php?lm=34

Report Overview

Submitted URL
ufeiya.cn/en/products.php?lm=34
IP
112.74.88.221
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2023-03-28 07:34:38
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
14
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	1.7 kB	4.4 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
ufeiya.cn	unknown	2019-06-06T00:48:57Z	2023-03-28T09:34:16Z	11 kB	244 kB	112.74.88.221
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.3 kB	57 kB	34.120.237.76
ocsp.digicert.cn	37572	2020-03-20T18:45:56Z	2023-03-29T14:33:03Z	340 B	1.1 kB	47.246.44.205
ocsp2.globalsign.com	1544	2012-05-23T20:10:04Z	2023-03-29T05:20:49Z	367 B	1.9 kB	104.18.21.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	54.184.217.240
wpa.qq.com	124808	2012-05-23T07:53:27Z	2023-03-29T14:10:45Z	678 B	606 B	58.251.100.24
pub.idqqimg.com	27002	2013-04-18T14:17:19Z	2023-03-29T14:10:46Z	712 B	3.5 kB	203.205.137.181

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-28 07:34:48	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:48	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:48	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:49	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:49	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:49	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:49	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:49	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:49	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:49	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:50	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:50	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:50	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr
2023-03-28 07:34:50	low	Client IP	112.74.88.221	ET HUNTING HTTP request for resource ending in .scr

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (6)

	URL	Size	First Seen	Last Seen
	ufeiya.cn/en/fancybox/jquery.fancybox.js	16 kB	2023-03-07	2024-04-15
Pretty URL ufeiya.cn/en/fancybox/jquery.fancybox.js IP 112.74.88.221 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:15 Last Seen2024-04-15 08:20:20 Times Seen1214 Hash 8bc36a08c46719377528d962966ce37c caeb31e930068ce5820b239d44d8415f95957138 d84bac3710c2842dc8d5d5ae6e324007443cbd8ae26b909dd89bc2bdc31c8561 Loading...

	ufeiya.cn/en/js/jquery-1.4.2.min.js	80 kB	2023-03-08	2024-01-04
Pretty URL ufeiya.cn/en/js/jquery-1.4.2.min.js IP 112.74.88.221 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:16:35 Last Seen2024-01-04 22:10:07 Times Seen154 Hash 79bc06742f6bbe2bfe641219b7185e79 f9752e77c75d04d0a2ceb7c5870a8d67998d788d 22d5d7ffc8708ab0970579637b34dad6cad2e0fd659ff3772cf0149ac5437d57 Loading...

	ufeiya.cn/en/products.php?lm=34	29 B	2023-03-29	2023-03-29
Pretty URL ufeiya.cn/en/products.php?lm=34 IP 112.74.88.221 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:31:56 Last Seen2023-03-29 23:31:56 Times Seen1 Hash 2873ac4e914b4ed787a46621c6818986 5188848e91195046f0867bf9e322913f91c4bc5d d1eff29ca85e0f224e5dbb8fbba01a0df6caf044b9b51a2f82facf4ce0e6c316 Loading...

	ufeiya.cn/en/products.php?lm=34	231 B	2023-03-07	2023-03-29
Pretty URL ufeiya.cn/en/products.php?lm=34 IP 112.74.88.221 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:42 Last Seen2023-03-29 23:31:56 Times Seen2 Hash 272713d02bd3fc5db769097a888c99db b905b427e952519f6f79064a53d5213c853eaf44 5b444f6ea69c8b59a13bc97068f96b8516b86e57a86bcea139c239c13c244eb1 Loading...

	ufeiya.cn/en/products.php?lm=34	675 B	2023-03-07	2024-01-08
Pretty URL ufeiya.cn/en/products.php?lm=34 IP 112.74.88.221 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:41 Last Seen2024-01-08 11:14:38 Times Seen12 Hash 502b80cdb76fdadfc995b1c0072e3f28 b3ff66ddcddd19d2b8b3028f06f420b7ba594a0e 41403d46ae593382432bac4bb788b9f4cb11d2fd69eeb0a825cd48dc4aa82e01 Loading...

	ufeiya.cn/en/js/contact.js	2.4 kB	2023-03-29	2023-11-19
Pretty URL ufeiya.cn/en/js/contact.js IP 112.74.88.221 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:31:56 Last Seen2023-11-19 15:37:57 Times Seen3 Hash d6ad47b817a40f8bb66938418c306280 453a16b32e398c9407c2af1aa5a3bbac71af66d8 76b57e7387595613f228ab9b657b59d30b3d721aa80630cae8295d192bace2dc Loading...

HTTP Transactions (53)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3794
Expires: Tue, 28 Mar 2023 08:37:41 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5941
Expires: Tue, 28 Mar 2023 09:13:28 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 07:15:48 GMT
content-type: application/json
age: 1119
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17765
Expires: Tue, 28 Mar 2023 12:30:32 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ZcvOvzmGbuZD3j2ts7KToWT2oETZNf7e0enzbg++jfoI3gbQBAgWRqrCSp9lFnm0QcfRlMPmU+o=
x-amz-request-id: QS47FTD3HKEYBJZW
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 06:56:07 GMT
age: 2300
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 07:34:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 07:14:35 GMT
age: 1192
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2741
Expires: Tue, 28 Mar 2023 08:20:08 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive

push.services.mozilla.com/

54.184.217.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.184.217.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mUe0eTD1xYaE9bGsquIzUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5y0PtAyTFv+HuHeT6nLqzYtp1GU=

ufeiya.cn/en/products.php?lm=34

112.74.88.221

200 OK

3.2 kB

URL HTTP/1.1
ufeiya.cn/en/products.php?lm=34
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
3.2 kB (3233 bytes)
Hash
67363eb76f71b2f47efc464de18fe025
9c1475e637894b9122ca2323accbe2a2cda112d4
05250597477c497e238ebd94209fa213afb7c302b47253a2bd090a60cb188bce

HTTP Headers

GET /en/products.php?lm=34 HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/css/css.css

112.74.88.221

200 OK

2.9 kB

URL HTTP/1.1
ufeiya.cn/en/css/css.css
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.9 kB (2857 bytes)
Hash
e07cb5e430e2509a6b0bd431d86d4ec6
7d1133be819e94e5f8e478bdb3bc968ab542f7ba
beaf1ddffdf63dd66c18c82052af322ca46c50cc95d019343b9c6ea0fdb0fa03

HTTP Headers

GET /en/css/css.css HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/css
Last-Modified: Sat, 10 Sep 2016 06:29:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"57d3a83e-2bf3"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ufeiya.cn/en/fancybox/jquery.fancybox.css

112.74.88.221

200 OK

2.0 kB

URL HTTP/1.1
ufeiya.cn/en/fancybox/jquery.fancybox.css
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with CRLF line terminators
Size
2.0 kB (2034 bytes)
Hash
98f5e82351efab3c31de766540992a6c
93aaab1ce93b6adb64b3f36ee804b6dbbea65289
b2afc1a1c50a4be645ab6991dd33aaa590aee345d962142d337f3d8aa1d36759

HTTP Headers

GET /en/fancybox/jquery.fancybox.css HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-2294"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ufeiya.cn/en/fancybox/jquery.fancybox.js

112.74.88.221

200 OK

6.0 kB

URL HTTP/1.1
ufeiya.cn/en/fancybox/jquery.fancybox.js
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (752)
Size
6.0 kB (5988 bytes)
Hash
d05dfc0f1c8e7f8cf716bc2e78e91ded
588ad5aa3ce725a1064e67badf378714c8284500
77e69481d6ed3db96e24b56a9d4f7cfa4fca01dcca2b374fbb50dc4f7c1c3468

HTTP Headers

GET /en/fancybox/jquery.fancybox.js HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-3d08"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ufeiya.cn/en/css/qq.css

112.74.88.221

200 OK

1.1 kB

URL HTTP/1.1
ufeiya.cn/en/css/qq.css
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with CRLF line terminators
Size
1.1 kB (1115 bytes)
Hash
b525089412ca91a450625eeaed58c277
120afc347fff87ca567e3b7b99a80d3510466661
a280223ef49fb2579d60c19461991b79280f34b9cb4411aaf643ca52439be43e

HTTP Headers

GET /en/css/qq.css HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-e8b"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/js/contact.js

112.74.88.221

200 OK

628 B

URL HTTP/1.1
ufeiya.cn/en/js/contact.js
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
628 B (628 bytes)
Hash
3c5838d0684fd05e35413d663d542f24
34bc22b3a984fd53a0d9e134f37892e86d179925
4372dae1543041164d07f3d063e93bb9c9ee311c8c5ea028cb129d3736f2f09b

HTTP Headers

GET /en/js/contact.js HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-987"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

wpa.qq.com/pa?p=2:507726006:51

58.251.100.24

302 Moved Temporarily

137 B

URL HTTP/1.1
wpa.qq.com/pa?p=2:507726006:51
IP
58.251.100.24:0
ASN
#17623 China Unicom Shenzen network

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
137 B (137 bytes)
Hash
39272490ee4f1c583a56fcc8e5eae8d8
7768b7f96f3c6566ac0006ce8d1fafa93533f9b8
30ee78801e01d0b780785c3a9331cfd7ea80400e7c13e17e6c950ce7647696d5

HTTP Headers

GET /pa?p=2:507726006:51 HTTP/1.1
Host: wpa.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/

HTTP/1.1 302 Moved Temporarily
Server: stgw
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 137
Connection: keep-alive
Location: https://wpa.qq.com/pa?p=2:507726006:51

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/js/jquery-1.4.2.min.js

112.74.88.221

200 OK

30 kB

URL HTTP/1.1
ufeiya.cn/en/js/jquery-1.4.2.min.js
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (820), with CRLF line terminators
Size
30 kB (30032 bytes)
Hash
7369b82e79b6997696b6cae1ba70a8f0
50ad85d7a7fb8d9c13377e02bb9ada91392ef26e
681182fc9f4ffbe8edf0836410f6db3e837c03708c54c1aee435c48db4a21402

HTTP Headers

GET /en/js/jquery-1.4.2.min.js HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-13999"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/images/dianghua_06.jpg

112.74.88.221

200 OK

2.0 kB

URL HTTP/1.1
ufeiya.cn/en/images/dianghua_06.jpg
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 36x28, components 3\012- data
Size
2.0 kB (2011 bytes)
Hash
b551c80b90aba10afbde1ea9eea0876e
8056f51cc83216f1a4c2f56e99b4a800f2390afc
2e12ec4d56ce4ce59f0ad118590f5d2f2a9c916f23881d11ec16ce5f87ce9fb3

HTTP Headers

GET /en/images/dianghua_06.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: image/jpeg
Content-Length: 2011
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-7db"
Expires: Thu, 27 Apr 2023 07:34:28 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12318
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 07:34:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 35059
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8553 bytes)
Hash
e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 35059
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (6970 bytes)
Hash
e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tFYFwzjyNtfiOJ3pLPC126YgOclndkmPYWrFTdLcWP9LgP9xjj_snQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 23:12:05 GMT
age: 30144
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7426 bytes)
Hash
1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: VYUarzUegSCD6A4s7tUQ-0O1mjal3BAW7SiiXSpOnFEDd5-HHoA5Cw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:55:21 GMT
age: 34748
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6542 bytes)
Hash
15e37de1dba62187e1e5f012145813f3
cfe8cd953330252e15594f403e2f38ec56acdfd7
89bf7dbcf5a7fca006545f001b47de0ab6f94014de4bd4c519f6050e6daa5aa0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TTkQTse69m-F42cDPL9Ekonn48FG74B_3jFCpvBEa7au89m0_JE3og==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:06:45 GMT
age: 34064
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11674 bytes)
Hash
11e0f4bc8f80c5009c099d6a371950e0
60b1df4be988d5e60b7834e39a12e3524fe0a767
c3149c1d902c6889bdab0287f69771a247ab21c6a5ad50cba0f200db561445b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11674
x-amzn-requestid: b3fa7a9c-bf5c-44df-96ed-546f4da8f794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cb5i3GN7oAMF1LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64216fab-2f380b4972056b6c64703e55;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: GN5sLhd8yUOi_odvkY8SIx0DDtXfUQ1HxLRrdOqFHjcqjIuM1KXDyA==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 10:38:59 GMT
age: 75330
etag: "60b1df4be988d5e60b7834e39a12e3524fe0a767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ufeiya.cn/en/images/nav_bg.jpg

112.74.88.221

200 OK

1.2 kB

URL HTTP/1.1
ufeiya.cn/en/images/nav_bg.jpg
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 11x45, components 3\012- data
Size
1.2 kB (1249 bytes)
Hash
5bbd4870958a24b1a53fff0d07c1cc4d
23cae5da090902734ebbd503c2215dc8010cd3f6
18a8417c4633275805d367eb8ba213d8f0d045db4085fdf2c326c7afb8065cb8

HTTP Headers

GET /en/images/nav_bg.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/css/css.css

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 1249
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-4e1"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ufeiya.cn/en/images/skype.png

112.74.88.221

200 OK

4.7 kB

URL HTTP/1.1
ufeiya.cn/en/images/skype.png
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 93 x 34, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4701 bytes)
Hash
2fd598d7dcd53729f6f9094422cfa474
a3a6938bc621d50de2acd02f84092d301c015768
5e2c9326cd026ac26111e3340db20eb3843c3d773a337e78b1d4b331d779da18

HTTP Headers

GET /en/images/skype.png HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/png
Content-Length: 4701
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-125d"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/upimg/2016091310404790.jpg

112.74.88.221

200 OK

48 kB

URL HTTP/1.1
ufeiya.cn/upimg/2016091310404790.jpg
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=102, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1002], baseline, precision 8, 1002x102, components 3\012- data
Size
48 kB (47506 bytes)
Hash
185ccb8745628f38f83fd905aefe2703
c2815ddb179485d8d944e25a21ecb3856f51b6e6
995fada2754ff4defedc40ec1d190eee8c7c10eb13526a3062a0759d6cf526aa

HTTP Headers

GET /upimg/2016091310404790.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 47506
Last-Modified: Tue, 13 Sep 2016 02:40:48 GMT
Connection: keep-alive
ETag: "57d76730-b992"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ufeiya.cn/en/images/laingxi_10.jpg

112.74.88.221

200 OK

22 kB

URL HTTP/1.1
ufeiya.cn/en/images/laingxi_10.jpg
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=68, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=216], baseline, precision 8, 216x68, components 3\012- data
Size
22 kB (21968 bytes)
Hash
671a9df4ee42c9cc4d4869ecb461cc2c
f089e1f83bce72855084724da15a8565a9296c5d
97ed5632bd11c617ae6559099223fd77368b754b3ea7fc55ad2770336d080db8

HTTP Headers

GET /en/images/laingxi_10.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 21968
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-55d0"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ufeiya.cn/en/images/laingxi_06.jpg

112.74.88.221

200 OK

22 kB

URL HTTP/1.1
ufeiya.cn/en/images/laingxi_06.jpg
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=69, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=216], baseline, precision 8, 216x69, components 3\012- data
Size
22 kB (21781 bytes)
Hash
275450fb5fd69a2d88d29bab41f8ce5f
218562157600cf5ab85acf66b4fe37411094c973
9569491d2574023c03459403c98a1c2e1b4ab370d467442ec05b9cc644d20b0f

HTTP Headers

GET /en/images/laingxi_06.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 21781
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-5515"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ufeiya.cn/en/images/logo_03.jpg

112.74.88.221

200 OK

50 kB

URL HTTP/1.1
ufeiya.cn/en/images/logo_03.jpg
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=63, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=468], baseline, precision 8, 756x63, components 3\012- data
Size
50 kB (50412 bytes)
Hash
1be535a900f3b87c7229940469d1693d
1da0b54885a04fe446c9db409e9723d24bff97bd
4197d1b04ac8edef25a7099f25eac7c911fc49f9ffac87f56b5ba7dd2898c773

HTTP Headers

GET /en/images/logo_03.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: image/jpeg
Content-Length: 50412
Last-Modified: Sat, 10 Sep 2016 05:57:54 GMT
Connection: keep-alive
ETag: "57d3a0e2-c4ec"
Expires: Thu, 27 Apr 2023 07:34:28 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ufeiya.cn/en/images/li_bg.jpg

112.74.88.221

200 OK

1.2 kB

URL HTTP/1.1
ufeiya.cn/en/images/li_bg.jpg
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x25, components 3\012- data
Size
1.2 kB (1198 bytes)
Hash
ff7b7d5246aa64eeaea2009d39a09115
e1aba4e9ebdb498923e4a7b3464b4d310c1aab2d
f09db4784d89ab44754964a247d5cc2ec16290475275a9f76b4ebe4f5236ba69

HTTP Headers

GET /en/images/li_bg.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/css/css.css

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 1198
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-4ae"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ocsp.digicert.cn/

47.246.44.205

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
471 B (471 bytes)
Hash
21b287c02417631e4748c1efc9984176
028de8b73e2c276a7fbad3a2ed86ae96f6209fb3
e9e0b06dc6c2b8a17f40ee852abbf5da8dbe542cbef4aa9a9a9efe16f871be64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 28 Mar 2023 07:34:29 GMT
Last-Modified: Mon, 27 Mar 2023 19:00:54 GMT
ETag: "6421e7e6-1d7"
Expires: Wed, 29 Mar 2023 19:00:54 GMT
Cache-Control: max-age=127585
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1679988869
Via: cache6.l2de2[51,51,200-0,M], cache6.l2de2[52,0], cache8.se1[72,72,200-0,M], cache8.se1[74,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 28 Mar 2023 07:34:29 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16799888697055649e

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/images/icon.png

112.74.88.221

200 OK

37 kB

URL HTTP/1.1
ufeiya.cn/en/images/icon.png
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 370 x 500, 8-bit/color RGBA, non-interlaced\012- data
Size
37 kB (37329 bytes)
Hash
d6b257e990fa6b5499034195367c99f7
a24262cce5102effd6a609ac5a058b83824b79b2
5548b4a28061b233847074087afb8fab88e88d100bb306ed2c7fa5546fe127f7

HTTP Headers

GET /en/images/icon.png HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/css/qq.css

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/png
Content-Length: 37329
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-91d1"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/favicon.ico

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/favicon.ico
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

ufeiya.cn/en/Photo.scr

112.74.88.221

404 Not Found

146 B

URL HTTP/1.1
ufeiya.cn/en/Photo.scr
IP
112.74.88.221:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

NIDS	Severity	Alert
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr
suricata	low	ET HUNTING HTTP request for resource ending in .scr

HTTP Headers

GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

pub.idqqimg.com/qconn/wpa/button/button_111.gif

203.205.137.181

302 Found

0 B

URL HTTP/1.1
pub.idqqimg.com/qconn/wpa/button/button_111.gif
IP
203.205.137.181:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /qconn/wpa/button/button_111.gif HTTP/1.1
Host: pub.idqqimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ufeiya.cn/
Connection: keep-alive

HTTP/1.1 302 Found
Location: https://pub.idqqimg.com/qconn/wpa/button/button_111.gif
Content-Length: 0
X-NWS-LOG-UUID: 1661999486115582028
Connection: keep-alive
Server: Lego Server
Date: Tue, 28 Mar 2023 07:34:33 GMT
X-Cache-Lookup: Return Directly
Vary: Origin
Cache-Control: max-age=86400

ocsp2.globalsign.com/gsorganizationvalsha2g2

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp2.globalsign.com/gsorganizationvalsha2g2
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1459 bytes)
Hash
61d7d7dfd685dcb958b6c579dd8f7ddb
32989a2ad71a993062a36db370391734cb7ef4e8
1e6d2f24c4d8ae26cb952e8a9c8f3b30b6d4786223366e525710774b0dd3b4b9

HTTP Headers

POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 07:34:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Apr 2023 05:47:20 GMT
ETag: "32989a2ad71a993062a36db370391734cb7ef4e8"
Last-Modified: Tue, 28 Mar 2023 05:47:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aee31031dad1bfa-OSL

pub.idqqimg.com/qconn/wpa/button/button_111.gif

203.205.137.181

200 OK

2.7 kB

URL HTTP/2
pub.idqqimg.com/qconn/wpa/button/button_111.gif
IP
203.205.137.181:0
ASN
#132203 Tencent Building, Kejizhongyi Avenue

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, extended sequential, precision 8, 79x25, components 3\012- data
Size
2.7 kB (2730 bytes)
Hash
694c0b653516a2df2f7e70ed29c75c87
7bf744a6bbbf3f5860a23f65d8b9fb3e6156e4ee
c9ccba6f4bbb2634efa43dc1489057db599ecaf966f1755b2a06c476f37b4ebe

HTTP Headers

GET /qconn/wpa/button/button_111.gif HTTP/1.1
Host: pub.idqqimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ufeiya.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 08 Jan 2018 20:49:01 GMT
server: NWS_SSD_MID
date: Sun, 26 Mar 2023 13:22:17 GMT
expires: Wed, 29 Mar 2023 13:22:17 GMT
content-type: image/jpeg
x-verify-code: ec616b5c3f42a8da313f3fd915516be4
x-daa-tunnel: hop_count=1
age: 65534
content-length: 2730
accept-ranges: bytes
x-nws-log-uuid: 5091058581385517512
x-cache-lookup: Cache Hit
vary: Origin
cache-control: max-age=86400
X-Firefox-Spdy: h2

wpa.qq.com/pa?p=2:507726006:51

58.251.100.24

301 Moved Permanently

0 B

URL HTTP/2
wpa.qq.com/pa?p=2:507726006:51
IP
58.251.100.24:0
ASN
#17623 China Unicom Shenzen network

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pa?p=2:507726006:51 HTTP/1.1
Host: wpa.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ufeiya.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
date: Tue, 28 Mar 2023 07:34:29 GMT
content-type: text/html; charset=UTF-8
server: tws
location: http://pub.idqqimg.com/qconn/wpa/button/button_111.gif
pragma: no-cache
cache-control: no-cache; must-revalidate
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (53)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type