r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3794
Expires: Tue, 28 Mar 2023 08:37:41 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 911d74784325663a0d95b463b0e9ae9b
21e999229be584d8e42696bce71236ad5bcb9a25
f48cbe4d605e660a45267400e0add4f7bc7cd523c450376ecd8e3a7f094abf56
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F48CBE4D605E660A45267400E0ADD4F7BC7CD523C450376ECD8E3A7F094ABF56"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5941
Expires: Tue, 28 Mar 2023 09:13:28 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 07:15:48 GMT
content-type: application/json
age: 1119
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17765
Expires: Tue, 28 Mar 2023 12:30:32 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZcvOvzmGbuZD3j2ts7KToWT2oETZNf7e0enzbg++jfoI3gbQBAgWRqrCSp9lFnm0QcfRlMPmU+o=
x-amz-request-id: QS47FTD3HKEYBJZW
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 06:56:07 GMT
age: 2300
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 07:34:27 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 07:14:35 GMT
age: 1192
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da5340ee69a1000f751686df9e716663
a5da880a61ed119790a7990bbdcc0c97eecf04f2
d1ff10bfe40f290935abe1feeb975a6af8cf310f9ce9d45bbf482a604da73560
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D1FF10BFE40F290935ABE1FEEB975A6AF8CF310F9CE9D45BBF482A604DA73560"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2741
Expires: Tue, 28 Mar 2023 08:20:08 GMT
Date: Tue, 28 Mar 2023 07:34:27 GMT
Connection: keep-alive
push.services.mozilla.com/
54.184.217.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.184.217.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mUe0eTD1xYaE9bGsquIzUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5y0PtAyTFv+HuHeT6nLqzYtp1GU=
ufeiya.cn/en/products.php?lm=34
112.74.88.221 200 OK 3.2 kB URL HTTP/1.1 ufeiya.cn/en/products.php?lm=34
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 67363eb76f71b2f47efc464de18fe025
9c1475e637894b9122ca2323accbe2a2cda112d4
05250597477c497e238ebd94209fa213afb7c302b47253a2bd090a60cb188bce
GET /en/products.php?lm=34 HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/css/css.css
112.74.88.221 200 OK 2.9 kB IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e07cb5e430e2509a6b0bd431d86d4ec6
7d1133be819e94e5f8e478bdb3bc968ab542f7ba
beaf1ddffdf63dd66c18c82052af322ca46c50cc95d019343b9c6ea0fdb0fa03
GET /en/css/css.css HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/css
Last-Modified: Sat, 10 Sep 2016 06:29:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"57d3a83e-2bf3"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ufeiya.cn/en/fancybox/jquery.fancybox.css
112.74.88.221 200 OK 2.0 kB URL HTTP/1.1 ufeiya.cn/en/fancybox/jquery.fancybox.css
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with CRLF line terminators
Hash 98f5e82351efab3c31de766540992a6c
93aaab1ce93b6adb64b3f36ee804b6dbbea65289
b2afc1a1c50a4be645ab6991dd33aaa590aee345d962142d337f3d8aa1d36759
GET /en/fancybox/jquery.fancybox.css HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-2294"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ufeiya.cn/en/fancybox/jquery.fancybox.js
112.74.88.221 200 OK 6.0 kB URL HTTP/1.1 ufeiya.cn/en/fancybox/jquery.fancybox.js
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (752)
Hash d05dfc0f1c8e7f8cf716bc2e78e91ded
588ad5aa3ce725a1064e67badf378714c8284500
77e69481d6ed3db96e24b56a9d4f7cfa4fca01dcca2b374fbb50dc4f7c1c3468
GET /en/fancybox/jquery.fancybox.js HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-3d08"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ufeiya.cn/en/css/qq.css
112.74.88.221 200 OK 1.1 kB IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with CRLF line terminators
Hash b525089412ca91a450625eeaed58c277
120afc347fff87ca567e3b7b99a80d3510466661
a280223ef49fb2579d60c19461991b79280f34b9cb4411aaf643ca52439be43e
GET /en/css/qq.css HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/css
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-e8b"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/js/contact.js
112.74.88.221 200 OK 628 B URL HTTP/1.1 ufeiya.cn/en/js/contact.js
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3c5838d0684fd05e35413d663d542f24
34bc22b3a984fd53a0d9e134f37892e86d179925
4372dae1543041164d07f3d063e93bb9c9ee311c8c5ea028cb129d3736f2f09b
GET /en/js/contact.js HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-987"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
wpa.qq.com/pa?p=2:507726006:51
58.251.100.24 302 Moved Temporarily 137 B URL HTTP/1.1 wpa.qq.com/pa?p=2:507726006:51
IP 58.251.100.24:0
ASN #17623 China Unicom Shenzen network
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 39272490ee4f1c583a56fcc8e5eae8d8
7768b7f96f3c6566ac0006ce8d1fafa93533f9b8
30ee78801e01d0b780785c3a9331cfd7ea80400e7c13e17e6c950ce7647696d5
GET /pa?p=2:507726006:51 HTTP/1.1
Host: wpa.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/
HTTP/1.1 302 Moved Temporarily
Server: stgw
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 137
Connection: keep-alive
Location: https://wpa.qq.com/pa?p=2:507726006:51
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/js/jquery-1.4.2.min.js
112.74.88.221 200 OK 30 kB URL HTTP/1.1 ufeiya.cn/en/js/jquery-1.4.2.min.js
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type ASCII text, with very long lines (820), with CRLF line terminators
Hash 7369b82e79b6997696b6cae1ba70a8f0
50ad85d7a7fb8d9c13377e02bb9ada91392ef26e
681182fc9f4ffbe8edf0836410f6db3e837c03708c54c1aee435c48db4a21402
GET /en/js/jquery-1.4.2.min.js HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5643fcba-13999"
Expires: Tue, 28 Mar 2023 19:34:28 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/images/dianghua_06.jpg
112.74.88.221 200 OK 2.0 kB URL HTTP/1.1 ufeiya.cn/en/images/dianghua_06.jpg
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 36x28, components 3\012- data
Hash b551c80b90aba10afbde1ea9eea0876e
8056f51cc83216f1a4c2f56e99b4a800f2390afc
2e12ec4d56ce4ce59f0ad118590f5d2f2a9c916f23881d11ec16ce5f87ce9fb3
GET /en/images/dianghua_06.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: image/jpeg
Content-Length: 2011
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-7db"
Expires: Thu, 27 Apr 2023 07:34:28 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12318
Expires: Tue, 28 Mar 2023 10:59:47 GMT
Date: Tue, 28 Mar 2023 07:34:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 35059
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e828b7227de7aa7a7b7c54c96e0cef9a
9a717142ab25dabf9123485ef51ed586662d2a71
0390f8771432de010cc11e11be2e2dfa7c303664858a5b066e66a628a1f3dd66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6469f625-03ad-45a7-a918-5f220169711a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 05cb5115-a27b-485a-89fd-670bdb5bb06f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbofHHPIAMFkQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-774bb5d725336b35088e2527;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: NcKs_URb5dFDbkEoCqy2_fjKWneX7mifmEbd5MA5unqkhiPAIH9GPg==
via: 1.1 22ea0ab0881473261b786ecbb5e00f54.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:50:10 GMT
age: 35059
etag: "9a717142ab25dabf9123485ef51ed586662d2a71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5d955ec5d3a9f655e4ca0523acfd039
e8b2cd28a02a2cee1b4e57c57570f2598721ff57
e7753ef91d6f04dce00f83cb1ba3ea4f1abb52140993fbee375e506597cee529
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F008df6b4-92c5-423a-a32e-4ab5016464ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6970
x-amzn-requestid: 9f7a82d7-dbba-4c67-a330-6a7f2b68177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cdn3zGn7oAMFwNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64222031-1d97c16f7a9c163c02fe72ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 23:01:05 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: tFYFwzjyNtfiOJ3pLPC126YgOclndkmPYWrFTdLcWP9LgP9xjj_snQ==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 23:12:05 GMT
age: 30144
etag: "e8b2cd28a02a2cee1b4e57c57570f2598721ff57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: VYUarzUegSCD6A4s7tUQ-0O1mjal3BAW7SiiXSpOnFEDd5-HHoA5Cw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:55:21 GMT
age: 34748
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15e37de1dba62187e1e5f012145813f3
cfe8cd953330252e15594f403e2f38ec56acdfd7
89bf7dbcf5a7fca006545f001b47de0ab6f94014de4bd4c519f6050e6daa5aa0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72713d4b-dac7-4d4c-bfff-c16bd305c5b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6542
x-amzn-requestid: 1106a670-cf68-4e3d-b5af-3013407acc5c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbsjGAaoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cb6-726c7ba02ddb31182834d82d;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:58 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TTkQTse69m-F42cDPL9Ekonn48FG74B_3jFCpvBEa7au89m0_JE3og==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:06:45 GMT
age: 34064
etag: "cfe8cd953330252e15594f403e2f38ec56acdfd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11e0f4bc8f80c5009c099d6a371950e0
60b1df4be988d5e60b7834e39a12e3524fe0a767
c3149c1d902c6889bdab0287f69771a247ab21c6a5ad50cba0f200db561445b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa16d29e1-ef79-4edc-b710-c5c9d84af51a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11674
x-amzn-requestid: b3fa7a9c-bf5c-44df-96ed-546f4da8f794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cb5i3GN7oAMF1LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64216fab-2f380b4972056b6c64703e55;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 10:27:55 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: GN5sLhd8yUOi_odvkY8SIx0DDtXfUQ1HxLRrdOqFHjcqjIuM1KXDyA==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 10:38:59 GMT
age: 75330
etag: "60b1df4be988d5e60b7834e39a12e3524fe0a767"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ufeiya.cn/en/images/nav_bg.jpg
112.74.88.221 200 OK 1.2 kB URL HTTP/1.1 ufeiya.cn/en/images/nav_bg.jpg
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 11x45, components 3\012- data
Hash 5bbd4870958a24b1a53fff0d07c1cc4d
23cae5da090902734ebbd503c2215dc8010cd3f6
18a8417c4633275805d367eb8ba213d8f0d045db4085fdf2c326c7afb8065cb8
GET /en/images/nav_bg.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/css/css.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 1249
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-4e1"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ufeiya.cn/en/images/skype.png
112.74.88.221 200 OK 4.7 kB URL HTTP/1.1 ufeiya.cn/en/images/skype.png
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 93 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 2fd598d7dcd53729f6f9094422cfa474
a3a6938bc621d50de2acd02f84092d301c015768
5e2c9326cd026ac26111e3340db20eb3843c3d773a337e78b1d4b331d779da18
GET /en/images/skype.png HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/png
Content-Length: 4701
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-125d"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/upimg/2016091310404790.jpg
112.74.88.221 200 OK 48 kB URL HTTP/1.1 ufeiya.cn/upimg/2016091310404790.jpg
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=102, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1002], baseline, precision 8, 1002x102, components 3\012- data
Hash 185ccb8745628f38f83fd905aefe2703
c2815ddb179485d8d944e25a21ecb3856f51b6e6
995fada2754ff4defedc40ec1d190eee8c7c10eb13526a3062a0759d6cf526aa
GET /upimg/2016091310404790.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 47506
Last-Modified: Tue, 13 Sep 2016 02:40:48 GMT
Connection: keep-alive
ETag: "57d76730-b992"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ufeiya.cn/en/images/laingxi_10.jpg
112.74.88.221 200 OK 22 kB URL HTTP/1.1 ufeiya.cn/en/images/laingxi_10.jpg
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=68, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=216], baseline, precision 8, 216x68, components 3\012- data
Hash 671a9df4ee42c9cc4d4869ecb461cc2c
f089e1f83bce72855084724da15a8565a9296c5d
97ed5632bd11c617ae6559099223fd77368b754b3ea7fc55ad2770336d080db8
GET /en/images/laingxi_10.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 21968
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-55d0"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ufeiya.cn/en/images/laingxi_06.jpg
112.74.88.221 200 OK 22 kB URL HTTP/1.1 ufeiya.cn/en/images/laingxi_06.jpg
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=69, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=216], baseline, precision 8, 216x69, components 3\012- data
Hash 275450fb5fd69a2d88d29bab41f8ce5f
218562157600cf5ab85acf66b4fe37411094c973
9569491d2574023c03459403c98a1c2e1b4ab370d467442ec05b9cc644d20b0f
GET /en/images/laingxi_06.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 21781
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-5515"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ufeiya.cn/en/images/logo_03.jpg
112.74.88.221 200 OK 50 kB URL HTTP/1.1 ufeiya.cn/en/images/logo_03.jpg
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=63, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=468], baseline, precision 8, 756x63, components 3\012- data
Hash 1be535a900f3b87c7229940469d1693d
1da0b54885a04fe446c9db409e9723d24bff97bd
4197d1b04ac8edef25a7099f25eac7c911fc49f9ffac87f56b5ba7dd2898c773
GET /en/images/logo_03.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:28 GMT
Content-Type: image/jpeg
Content-Length: 50412
Last-Modified: Sat, 10 Sep 2016 05:57:54 GMT
Connection: keep-alive
ETag: "57d3a0e2-c4ec"
Expires: Thu, 27 Apr 2023 07:34:28 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ufeiya.cn/en/images/li_bg.jpg
112.74.88.221 200 OK 1.2 kB URL HTTP/1.1 ufeiya.cn/en/images/li_bg.jpg
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1x25, components 3\012- data
Hash ff7b7d5246aa64eeaea2009d39a09115
e1aba4e9ebdb498923e4a7b3464b4d310c1aab2d
f09db4784d89ab44754964a247d5cc2ec16290475275a9f76b4ebe4f5236ba69
GET /en/images/li_bg.jpg HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/css/css.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/jpeg
Content-Length: 1198
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-4ae"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ocsp.digicert.cn/
47.246.44.205 200 OK 471 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 21b287c02417631e4748c1efc9984176
028de8b73e2c276a7fbad3a2ed86ae96f6209fb3
e9e0b06dc6c2b8a17f40ee852abbf5da8dbe542cbef4aa9a9a9efe16f871be64
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Date: Tue, 28 Mar 2023 07:34:29 GMT
Last-Modified: Mon, 27 Mar 2023 19:00:54 GMT
ETag: "6421e7e6-1d7"
Expires: Wed, 29 Mar 2023 19:00:54 GMT
Cache-Control: max-age=127585
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1679988869
Via: cache6.l2de2[51,51,200-0,M], cache6.l2de2[52,0], cache8.se1[72,72,200-0,M], cache8.se1[74,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Tue, 28 Mar 2023 07:34:29 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9c16799888697055649e
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/images/icon.png
112.74.88.221 200 OK 37 kB URL HTTP/1.1 ufeiya.cn/en/images/icon.png
IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 370 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash d6b257e990fa6b5499034195367c99f7
a24262cce5102effd6a609ac5a058b83824b79b2
5548b4a28061b233847074087afb8fab88e88d100bb306ed2c7fa5546fe127f7
GET /en/images/icon.png HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/css/qq.css
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: image/png
Content-Length: 37329
Last-Modified: Thu, 12 Nov 2015 02:43:06 GMT
Connection: keep-alive
ETag: "5643fcba-91d1"
Expires: Thu, 27 Apr 2023 07:34:29 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:29 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/favicon.ico
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
ufeiya.cn/en/Photo.scr
112.74.88.221 404 Not Found 146 B IP 112.74.88.221:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
NIDS Severity Alert suricata low ET HUNTING HTTP request for resource ending in .scr
GET /en/Photo.scr HTTP/1.1
Host: ufeiya.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ufeiya.cn/en/products.php?lm=34
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 28 Mar 2023 07:34:30 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
pub.idqqimg.com/qconn/wpa/button/button_111.gif
203.205.137.181 302 Found 0 B URL HTTP/1.1 pub.idqqimg.com/qconn/wpa/button/button_111.gif
IP 203.205.137.181:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /qconn/wpa/button/button_111.gif HTTP/1.1
Host: pub.idqqimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ufeiya.cn/
Connection: keep-alive
HTTP/1.1 302 Found
Location: https://pub.idqqimg.com/qconn/wpa/button/button_111.gif
Content-Length: 0
X-NWS-LOG-UUID: 1661999486115582028
Connection: keep-alive
Server: Lego Server
Date: Tue, 28 Mar 2023 07:34:33 GMT
X-Cache-Lookup: Return Directly
Vary: Origin
Cache-Control: max-age=86400
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.21.226:0
Hash 61d7d7dfd685dcb958b6c579dd8f7ddb
32989a2ad71a993062a36db370391734cb7ef4e8
1e6d2f24c4d8ae26cb952e8a9c8f3b30b6d4786223366e525710774b0dd3b4b9
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 07:34:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sat, 01 Apr 2023 05:47:20 GMT
ETag: "32989a2ad71a993062a36db370391734cb7ef4e8"
Last-Modified: Tue, 28 Mar 2023 05:47:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7aee31031dad1bfa-OSL
pub.idqqimg.com/qconn/wpa/button/button_111.gif
203.205.137.181 200 OK 2.7 kB URL HTTP/2 pub.idqqimg.com/qconn/wpa/button/button_111.gif
IP 203.205.137.181:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, extended sequential, precision 8, 79x25, components 3
Hash 694c0b653516a2df2f7e70ed29c75c87
7bf744a6bbbf3f5860a23f65d8b9fb3e6156e4ee
c9ccba6f4bbb2634efa43dc1489057db599ecaf966f1755b2a06c476f37b4ebe
GET /qconn/wpa/button/button_111.gif HTTP/1.1
Host: pub.idqqimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ufeiya.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 08 Jan 2018 20:49:01 GMT
server: NWS_SSD_MID
date: Sun, 26 Mar 2023 13:22:17 GMT
expires: Wed, 29 Mar 2023 13:22:17 GMT
content-type: image/jpeg
x-verify-code: ec616b5c3f42a8da313f3fd915516be4
x-daa-tunnel: hop_count=1
age: 65534
content-length: 2730
accept-ranges: bytes
x-nws-log-uuid: 5091058581385517512
x-cache-lookup: Cache Hit
vary: Origin
cache-control: max-age=86400
X-Firefox-Spdy: h2
wpa.qq.com/pa?p=2:507726006:51
58.251.100.24 301 Moved Permanently 0 B URL HTTP/2 wpa.qq.com/pa?p=2:507726006:51
IP 58.251.100.24:0
ASN #17623 China Unicom Shenzen network
GET /pa?p=2:507726006:51 HTTP/1.1
Host: wpa.qq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ufeiya.cn/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 28 Mar 2023 07:34:29 GMT
content-type: text/html; charset=UTF-8
server: tws
location: http://pub.idqqimg.com/qconn/wpa/button/button_111.gif
pragma: no-cache
cache-control: no-cache; must-revalidate
X-Firefox-Spdy: h2