Report - ruimangedu.com/

Report Overview

Visited public
2023-09-28 10:09:28
Tags
URL
ruimangedu.com/
Finishing URL
www.ruimangedu.com/
IP / ASN
104.165.7.84
#18779 EGIHOSTING
Title
0638太阳集团(官方认证)-Apple App Store

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ruimangedu.com	unknown	2023-04-20	2019-02-15 13:30:48	2023-05-09 11:26:38	387 B	370 B	104.165.7.84
www.chem17.com	unknown	2003-03-17	2013-06-12 09:47:44	2023-09-23 09:28:31	1.6 kB	2.6 kB	58.218.215.150
chat.chem17.com	unknown	2003-03-17	2014-05-28 01:58:43	2023-09-23 09:28:33	1.2 kB	87 kB	183.60.219.35
img59.chem17.com	unknown	2003-03-17	2013-05-25 16:24:16	2023-08-25 12:29:51	844 B	12 kB	42.81.98.35
img80.chem17.com	unknown	2003-03-17	2022-06-02 02:43:33	2023-09-18 09:34:19	844 B	16 kB	183.131.185.35
img70.chem17.com	unknown	2003-03-17	2019-03-07 06:18:01	2023-09-18 09:34:19	3.4 kB	48 kB	183.131.185.35
img54.chem17.com	unknown	2003-03-17	2013-11-27 19:29:56	2023-08-17 12:48:08	844 B	11 kB	180.97.198.35
img67.chem17.com	unknown	2003-03-17	2015-04-19 04:41:56	2023-09-21 07:35:39	844 B	11 kB	42.101.4.35
img74.chem17.com	unknown	2003-03-17	2020-07-02 04:38:32	2023-09-17 09:29:41	844 B	20 kB	1.193.146.35
img52.chem17.com	unknown	2003-03-17	2013-11-27 19:29:53	2023-08-17 12:48:09	844 B	17 kB	1.193.146.35
img60.chem17.com	unknown	2003-03-17	2013-11-27 19:29:53	2023-08-25 12:29:51	844 B	8.8 kB	180.97.198.35
www.jxpxdier.com	unknown	2014-10-31	2017-07-26 13:46:24	2023-05-10 11:34:17	8.8 kB	1.4 MB	182.107.80.35
hm.baidu.com	8254	1999-10-11	2012-05-26 10:38:45	2023-09-27 19:57:29	860 B	173 B	103.235.46.191
sdk.51.la	88367	2005-01-17	2021-03-08 17:03:51	2023-09-27 11:49:11	648 B	28 kB	47.246.44.205
www.ruimangedu.com	unknown	unknown	2019-06-03 12:20:59	2023-04-27 11:41:50	12 kB	111 kB	104.165.7.84
img79.chem17.com	unknown	2003-03-17	2022-06-28 03:25:30	2023-08-25 14:42:22	844 B	9.6 kB	183.131.185.35
img62.chem17.com	unknown	2003-03-17	2013-12-07 18:47:33	2023-08-25 12:29:51	2.5 kB	26 kB	220.169.152.35
img65.chem17.com	unknown	2003-03-17	2015-04-26 11:19:08	2023-08-25 12:29:51	1.7 kB	33 kB	42.101.56.35
	unknown				10 kB	1.7 MB	85.208.116.100
collect-v6.51.la	91421	2005-01-17	2021-03-08 17:03:54	2023-09-28 04:27:21	772 B	980 B	203.107.86.226
img68.chem17.com	unknown	2003-03-17	2019-03-18 07:58:55	2023-09-23 09:28:33	844 B	13 kB	220.169.152.35
push.zhanzhang.baidu.com	57139	1999-10-11	2015-07-22 07:44:02	2023-09-27 20:07:02	658 B	1.5 kB	182.61.201.93
img57.chem17.com	unknown	2003-03-17	2013-11-27 19:29:52	2023-08-25 12:29:52	844 B	13 kB	42.101.4.35
img63.chem17.com	unknown	2003-03-17	2013-11-27 19:29:54	2023-08-25 12:29:52	844 B	11 kB	36.99.3.35
api.share.baidu.com	44629	1999-10-11	2013-04-25 16:45:11	2023-09-27 21:26:20	375 B	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed
2023-09-28	medium	jxpxdier.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (28)

	URL	From	Size	First Seen	Last Seen
	www.ruimangedu.com/	ScriptElement	82 B	2023-05-10	2024-08-21
Pretty URL www.ruimangedu.com/ IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 05:37 Times Seen1 Hash b7f8426cbe06e774a159ad5f80113d7f 2b02004aa1ac54f3fc12639ae2fc0b8a760691d9 7ca4f2799526a77874fc63d37acb71b8e1787a1c570de673d539dd74b6b341e8 Loading...

	www.ruimangedu.com/	ScriptElement	356 B	2023-03-07	2025-04-28
Pretty URL www.ruimangedu.com/ IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:09 Last Seen2025-04-28 04:26 Times Seen145 Hash 2149b39507f7a95f205338b600f2732e 56879c45ecd121ed424b5fff5d0feab5b858929c 4d885d41d4293a4dcf0f954ef3b71c4c19224956f5921c903476b229a9105d70 Loading...

	www.ruimangedu.com/skins/127431/js/MSClass.js	ScriptElement	16 kB	2023-05-10	2024-08-21
Pretty URL www.ruimangedu.com/skins/127431/js/MSClass.js IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 05:37 Times Seen2 Hash b2ca28b52feaa33131ee0ea93b92d0f0 d26e07185ed7960469926adaeb6218a64463f658 fe3a6ebad46888274982e709edcae95cf022786a45fc9ac642418442bfe2f0b3 Loading...

	push.zhanzhang.baidu.com/push.js	ScriptElement	281 B	2023-03-07	2025-05-09
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.93 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 04:50 Times Seen7757 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	sdk.51.la/js-sdk-pro.min.js	ScriptElement	34 kB	2023-04-05	2025-05-09
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 47.246.44.205 ASN #24429 Zhejiang Taobao Network Co.,Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 07:31 Last Seen2025-05-09 04:56 Times Seen8540 Hash 8fc0b01d35300e8398d6e957987c01e7 f1eb32c75b8d8e4b0555ebc2a5f5d1d60296f41e b164aafa0bb83dfe511912ca2ca475880bfffac8d8f098c947fd3d4af440d3a4 Loading...

	www.ruimangedu.com/skins/127431/js/jquery-3.6.0.min.js	ScriptElement	89 kB	2023-05-10	2025-04-06
Pretty URL www.ruimangedu.com/skins/127431/js/jquery-3.6.0.min.js IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2025-04-06 10:28 Times Seen20 Hash 2741bb1ca07e9c982bd522311393b37e dc281725ccbf1994fae36d73b81e7e77ad20ece0 1727a622fff94fb341dfb5f6ba626546b4af3b0654ff5549610ee16f157b27e8 Loading...

	chat.chem17.com/chat/KFCenterBox/127431	ScriptElement	49 B	2023-03-07	2025-05-01
Pretty URL chat.chem17.com/chat/KFCenterBox/127431 IP 183.60.219.35 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42 Last Seen2025-05-01 22:48 Times Seen91 Hash b936460ba988b30cd79d99ae93c77106 a44405ff5b67abf66ef77714e4364e6c3f1e9940 6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9 Loading...

	www.chem17.com/mystat.aspx?u=pxdier	ScriptElement	1.1 kB	2023-05-10	2024-08-21
Pretty URL www.chem17.com/mystat.aspx?u=pxdier IP 58.218.215.150 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 05:37 Times Seen1 Hash 8f6c1d4fa697376655a1bb5f0185b6dc c5eba8caf8288bfa15de7395cc55d956c345dc0b 8cac4963f0873d3e965712277a0465c32d0424c95070396f236b450683b21fef Loading...

	www.ruimangedu.com/js/JSChat.js	ScriptElement	909 B	2023-03-07	2025-04-22
Pretty URL www.ruimangedu.com/js/JSChat.js IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26 Last Seen2025-04-22 06:31 Times Seen38 Hash 6607c201e93287b2e0ae2ef03d2627d9 827c42785b6e9bdcfcd248546fd59fc93d038887 108b52af210d8ac6df235e8579959d5349b60562e4c7149796947a0dd683e027 Loading...

	www.ruimangedu.com/skins/127431/js/setRem.js	ScriptElement	396 B	2023-05-10	2023-09-28
Pretty URL www.ruimangedu.com/skins/127431/js/setRem.js IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2023-09-28 12:09 Times Seen1 Hash d02987ff470a67fcba408562e9039b72 d9a56758e1c65a60adb5cdc5b85ba0da758b4ea3 bc3a6655986e2078c03be02da0f14deb28a2849aaa1c28683498ff618ce3b2f2 Loading...

	www.ruimangedu.com/skins/127431/js/swiper.min.js	ScriptElement	96 kB	2023-05-10	2023-09-28
Pretty URL www.ruimangedu.com/skins/127431/js/swiper.min.js IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2023-09-28 12:09 Times Seen1 Hash 58c352bc141b50d78c0338372909c7dc bc3387a767b16097b6686935d0d2382e107d6beb d17d21f5722d80f57e9abfaed06416335ccf74c0372495a3a567bce1edfe765c Loading...

	www.ruimangedu.com/	ScriptElement	679 B	2023-03-26	2025-03-29
Pretty URL www.ruimangedu.com/ IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 12:45 Last Seen2025-03-29 04:52 Times Seen4 Hash 899ba6848c25f04e7516d068d291006d e60a00ae94deeb428dc34e49ca6e96e9adfb61ef 2a5f913a34020d72ca383ee576b3a10d3fb308f1c6ea39b36e830c2dcea19797 Loading...

	unknown	ScriptElement	491 B	2023-05-10	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 07:20 Times Seen5 Hash f48cdf120e3b4da0b9be1af1a7c8503f 0c232021b360cdaa8117e437e74f3fbfbef1b984 40fbf2707b2094a00cea6bc25ceb93a83fa939e7339f7fcbf50bb53d2e7f10d6 Loading...

	chat.chem17.com/Content/js/jquery.js	ScriptElement	85 kB	2023-03-07	2025-04-27
Pretty URL chat.chem17.com/Content/js/jquery.js IP 183.60.219.35 ASN #4134 Chinanet Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42 Last Seen2025-04-27 21:55 Times Seen45 Hash 421ce628a95a26088cab91e158a50837 0adfe2c48cb57357ca877d66280f3d651b21bfe1 0642cef09b069fc43b7da4350c0b42e3a8478d7541f726955a45d2651726e537 Loading...

	www.ruimangedu.com/jquery.la.min.js	ScriptElement	1.4 kB	2023-05-10	2023-09-28
Pretty URL www.ruimangedu.com/jquery.la.min.js IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2023-09-28 12:09 Times Seen1 Hash e2c55cceca0f54efd7b2a6ba0705bfb1 a71d3bd5c915e1f326f0569af370f62fe0622267 39e4d0650f69398abd3043a817db2f57ea09cc70fbd45508e0f97e645183f510 Loading...

	www.ruimangedu.com/	ScriptElement	899 B	2023-05-10	2024-08-21
Pretty URL www.ruimangedu.com/ IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 05:37 Times Seen1 Hash 62c9f91ce3875a193bd8e8e2ae004130 b0f4b340303c75dafe1eb3cf2ac3b93efdc7cef0 d232b94f326d91d6d3d9184d2ea26b4bb8f1b7f51591546f5e31fd641e1364ae Loading...

	unknown	ScriptElement	491 B	2023-05-10	2024-08-21
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 05:37 Times Seen1 Hash 3426c3aa2888d9c2f743d6235cf9cfca c752b2b26571c519a025aa736fce448fc04afddc 327d559c9adb6c6d520f112666ba89bbab31a488329d73d7ae9966e6a40dcbd3 Loading...

	www.ruimangedu.com/	ScriptElement	56 B	2023-05-10	2024-08-21
Pretty URL www.ruimangedu.com/ IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 05:37 Times Seen2 Hash 216b4ad109166bb288bf688ba5349fb9 360e7d5eb8df9ad694388109616a0566bfeefeeb 1201c5b21144414595aa85294d9c85d6035bd452b918837f18d1b3638fc9e88d Loading...

	www.ruimangedu.com/jquery.min.js	ScriptElement	725 B	2023-03-12	2025-04-14
Pretty URL www.ruimangedu.com/jquery.min.js IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:05 Last Seen2025-04-14 16:56 Times Seen14 Hash ed3b3954a33fd8c53ec73277b1d68076 5364def41aec7786ebddd2738c0cbd34c3ed1e11 5106200482298bc6e578fc8f58b39395ed379f26b28e7d7caa883e814256364a Loading...

	fcl.xueyuxingfeng.com:6987/boss/alan/sj.js	ScriptElement	6.9 kB	2023-09-07	2025-04-19
Pretty URL fcl.xueyuxingfeng.com:6987/boss/alan/sj.js IP 85.208.116.100 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-07 23:22 Last Seen2025-04-19 07:35 Times Seen45 Hash 1675654b7f6d1f9e939d7701a7c9dd15 227ad656735426fda2abb9ef423685b9af2d68e0 5f433c8b22617150fe85dc2c9ffdb487a0ed9de226533ce8cacc6d03d804eee7 Loading...

	hm.baidu.com/hm.js?edaf083abac5e513fe76cbf251fe02c0	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL hm.baidu.com/hm.js?edaf083abac5e513fe76cbf251fe02c0 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 08:30 Times Seen4634883 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.ruimangedu.com/	ScriptElement	345 B	2023-03-11	2025-04-28
Pretty URL www.ruimangedu.com/ IP 104.165.7.84 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 21:10 Last Seen2025-04-28 04:26 Times Seen314 Hash b3bf742b87eab13561c08070eaee6416 fd4c07a8cccbfa6136825ee1e464c182ac0ad0d1 95f8b67817f438cf0f147a83f95ae7c2846cf875691a1836239095cdf98f752b Loading...

		Size	First Seen	Last Seen
	#1 Eval - c0a02d7307feae6ffcd35dc03582b9ad	20 kB	2023-03-07 12:09	2025-04-24 04:54
Pretty Observations First Seen2023-03-07 12:09 Last Seen2025-04-24 04:54 Times Seen74 Hash c0a02d7307feae6ffcd35dc03582b9ad 4871a55009de8a59fe3503a75b0a0b1ab598cd7c cf24e7b88e3cc0346b46e3091f85acafafaa724a97c8abf179118c2278c39bc9 Loading...

		Size	First Seen	Last Seen
	#1 Write - 25cd70febdc290efed37dc44e11ccee0	7.1 kB	2024-08-21 05:37	2024-08-21 05:37
Pretty Observations First Seen2024-08-21 05:37 Last Seen2024-08-21 05:37 Times Seen1 Hash 25cd70febdc290efed37dc44e11ccee0 dc09085c02a37a411f7988ecfe3a89f3023b1b93 aba2ae5f842729ce299a862701d00a99eb95ba36bdce03d260e26b1a1d925c86 Loading...

	#2 Write - bd3f52219c25fe4b845df749e4c82dc7	508 B	2023-05-10 11:34	2025-04-14 16:56
Pretty Observations First Seen2023-05-10 11:34 Last Seen2025-04-14 16:56 Times Seen14 Hash bd3f52219c25fe4b845df749e4c82dc7 85d74f56319d7fbdc9e82eefc30032b3656d3a3c d8a4c3b79532a322abf82c34a2bbb1d32ebfb29a5b1311f8a28407915f226d04 Loading...

	#3 Write - d0fe0e1a0ee53c52170a3c207621959f	508 B	2023-05-10 11:34	2025-03-28 05:25
Pretty Observations First Seen2023-05-10 11:34 Last Seen2025-03-28 05:25 Times Seen2 Hash d0fe0e1a0ee53c52170a3c207621959f e04fd583949b64e4b2a8e6deaac380eb71665905 29ccb873f80bf2020af248d7067f1e09fc7cce64a16609a067bd6a68ffa2b7ad Loading...

	#4 Write - 405dfa2c989272c853d65af5e799286e	135 B	2023-03-12 21:05	2025-04-14 16:56
Pretty Observations First Seen2023-03-12 21:05 Last Seen2025-04-14 16:56 Times Seen14 Hash 405dfa2c989272c853d65af5e799286e 7579a32f84821e6921b03cd6dceec3385b727290 5e4262eb3ee1f8ef951bf48a590221cd591006993bc145537bbaea3f1c1d70e4 Loading...

	#5 Write - a27119c64d2943c31332042ce4baa795	212 B	2023-05-10 11:34	2024-08-21 05:37
Pretty Observations First Seen2023-05-10 11:34 Last Seen2024-08-21 05:37 Times Seen1 Hash a27119c64d2943c31332042ce4baa795 f4e65840ddd8953a5bceccf80fd05e1d4507ede7 c573d42235b93f68b569163beecd45c69ba112bf04b6b48f7bf9cbc4fa826b37 Loading...

HTTP Transactions (135)

URL IP Response Size

ruimangedu.com/

104.165.7.84

178 B

URL User Request GET
ruimangedu.com/
IP
104.165.7.84:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET / HTTP/1.1
Host: ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 28 Sep 2023 10:09:09 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.ruimangedu.com/

www.ruimangedu.com/

104.165.7.84

9.8 kB

URL User Request GET
www.ruimangedu.com/
IP
104.165.7.84:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (559)
Size
9.8 kB (9817 bytes)
Hash
1738f476f23301f5035250903555509e
0725684782c590274dd6eacef7462975473e5338
4b3eaa3d88b6bcb04c1d0ec8f6aaa7fcbcf6239b008f72540666fa9b840437c3

HTTP Headers

GET / HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:10 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.ruimangedu.com/js/JSChat.js

104.165.7.84

200 OK

487 B

URL GET HTTP/1.1
www.ruimangedu.com/js/JSChat.js
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
ISO-8859 text
Size
487 B (487 bytes)
Hash
570c6dc8072b94a60d8fa7ae24001ec9
f32dbf4018bf208ce6a84ef3bb71787683da97fd
41fb807e3fee249a51b1a6fbb46e25cc1874ad347d2b1d0707d6fd0d5cee8461

HTTP Headers

GET /js/JSChat.js HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:10 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.ruimangedu.com/jquery.min.js

104.165.7.84

200 OK

725 B

URL GET HTTP/1.1
www.ruimangedu.com/jquery.min.js
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
ASCII text, with very long lines (725), with no line terminators
Size
725 B (725 bytes)
Hash
ed3b3954a33fd8c53ec73277b1d68076
5364def41aec7786ebddd2738c0cbd34c3ed1e11
5106200482298bc6e578fc8f58b39395ed379f26b28e7d7caa883e814256364a

HTTP Headers

GET /jquery.min.js HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: application/javascript
Content-Length: 725
Last-Modified: Wed, 26 Apr 2023 10:30:40 GMT
Connection: keep-alive
ETag: "6448fd50-2d5"
Expires: Thu, 28 Sep 2023 11:09:11 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

www.ruimangedu.com/skins/127431/css/swiper.min.css

104.165.7.84

200 OK

3.1 kB

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/css/swiper.min.css
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
ASCII text, with very long lines (17459), with no line terminators
Size
3.1 kB (3105 bytes)
Hash
d9b07f5be43f14b75aa1f1e44c133e01
bab857a50e875e11c3b3949c2663685e83559076
72363aab8899d20cdd71623fe70473f1b97a38062beb4185ec0e6af7b8508980

HTTP Headers

GET /skins/127431/css/swiper.min.css HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.ruimangedu.com/skins/127431/js/MSClass.js

104.165.7.84

200 OK

8.0 kB

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/js/MSClass.js
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
exported SGML document, Unicode text, UTF-8 text, with very long lines (16169)
Size
8.0 kB (7984 bytes)
Hash
a1ac224d776a5b6c38339d55d1e949fa
f62048b94399260174417d3da30b8a754a05527f
b0f960c2a615999a2f62f92ff194a8eb114b84a5d87993b1cc94da9764013864

HTTP Headers

GET /skins/127431/js/MSClass.js HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.ruimangedu.com/skins/127431/js/jquery-3.6.0.min.js

104.165.7.84

200 OK

35 kB

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/js/jquery-3.6.0.min.js
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
ASCII text, with very long lines (65535)
Size
35 kB (34719 bytes)
Hash
2741bb1ca07e9c982bd522311393b37e
dc281725ccbf1994fae36d73b81e7e77ad20ece0
1727a622fff94fb341dfb5f6ba626546b4af3b0654ff5549610ee16f157b27e8

HTTP Headers

GET /skins/127431/js/jquery-3.6.0.min.js HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.ruimangedu.com/skins/127431/js/swiper.min.js

104.165.7.84

200 OK

27 kB

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/js/swiper.min.js
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
ASCII text, with very long lines (31997)
Size
27 kB (27319 bytes)
Hash
58c352bc141b50d78c0338372909c7dc
bc3387a767b16097b6686935d0d2382e107d6beb
d17d21f5722d80f57e9abfaed06416335ccf74c0372495a3a567bce1edfe765c

HTTP Headers

GET /skins/127431/js/swiper.min.js HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.ruimangedu.com/skins/127431/css/style.css

104.165.7.84

200 OK

18 kB

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/css/style.css
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (888)
Size
18 kB (17687 bytes)
Hash
7a9f9b4f0d51a535cc018e129d1392d5
0d71463348280d97f4f4893937ab69cc465af9ef
4700580f3d995e2aa760013082534b81c62cb2505cb62c6a3e9927054247f006

HTTP Headers

GET /skins/127431/css/style.css HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.ruimangedu.com/skins/127431/js/setRem.js

104.165.7.84

200 OK

237 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/js/setRem.js
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
ASCII text
Size
237 B (237 bytes)
Hash
d02987ff470a67fcba408562e9039b72
d9a56758e1c65a60adb5cdc5b85ba0da758b4ea3
bc3a6655986e2078c03be02da0f14deb28a2849aaa1c28683498ff618ce3b2f2

HTTP Headers

GET /skins/127431/js/setRem.js HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.chem17.com/mystat.aspx?u=pxdier

58.218.215.150

262 B

URL GET
www.chem17.com/mystat.aspx?u=pxdier
IP
58.218.215.150:0
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
262 B (262 bytes)
Hash
72fa0fca20c82853e6dbbc1f13c78100
4e9b01e3ad0b56c9409bb02e5700430792fecacd
4555de589ff9b307e20c708d6f112bc47bb377df29ff0a5914f8fb0932926887

HTTP Headers

GET /mystat.aspx?u=pxdier HTTP/1.1
Host: www.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: Tengine
Date: Thu, 28 Sep 2023 10:09:11 GMT
Content-Type: text/html
Content-Length: 262
Connection: keep-alive
Location: https://www.chem17.com/mystat.aspx?u=pxdier
Via: kunlun7.cn192[,0]
Timing-Allow-Origin: *
EagleId: 3adad01b16958957515966828e

chat.chem17.com/chat/KFLeftBox/127431

183.60.219.35

200 OK

49 B

URL GET HTTP/2
chat.chem17.com/chat/KFLeftBox/127431
IP
183.60.219.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
49 B (49 bytes)
Hash
b936460ba988b30cd79d99ae93c77106
a44405ff5b67abf66ef77714e4364e6c3f1e9940
6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9

HTTP Headers

GET /chat/KFLeftBox/127431 HTTP/1.1
Host: chat.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:13 GMT
content-type: text/html; charset=utf-8
content-length: 49
cache-control: private
set-cookie: ASP.NET_SessionId=rj2p5tglpp0b4w1ntw2r2khq; path=/; HttpOnly; SameSite=Lax
mtcached_mtsession_rj2p5tglpp0b4w1ntw2r2khq=10.115.3.113:9711; domain=chat.chem17.com; path=/; HttpOnly
accept-ranges: none
x-aspnetmvc-version: 3.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-4.27
ohc-cache-hit: fs3ct60 [1], wzix76 [1]
ohc-file-size: 49
x-cache-status: MISS
X-Firefox-Spdy: h2

chat.chem17.com/chat/KFCenterBox/127431

183.60.219.35

200 OK

49 B

URL GET HTTP/2
chat.chem17.com/chat/KFCenterBox/127431
IP
183.60.219.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
49 B (49 bytes)
Hash
b936460ba988b30cd79d99ae93c77106
a44405ff5b67abf66ef77714e4364e6c3f1e9940
6cd604b71e1e21050b6a41602716b9a722e769a5d7cfb3b97152f3d73dcef5c9

HTTP Headers

GET /chat/KFCenterBox/127431 HTTP/1.1
Host: chat.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:13 GMT
content-type: text/html; charset=utf-8
content-length: 49
cache-control: private
set-cookie: ASP.NET_SessionId=w5f3fasgbhezd2hg1lzqwsil; path=/; HttpOnly
mtcached_mtsession_w5f3fasgbhezd2hg1lzqwsil=10.115.3.111:9719; domain=chat.chem17.com; path=/; HttpOnly
accept-ranges: none
x-aspnetmvc-version: 3.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-4.29
ohc-cache-hit: fs3ct52 [1], xaix231 [1]
ohc-file-size: 49
x-cache-status: MISS
X-Firefox-Spdy: h2

www.ruimangedu.com/skins/127431/images/ys1.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys1.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys1.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys1.png

www.ruimangedu.com/skins/127431/images/ys4.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys4.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys4.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys4.png

www.ruimangedu.com/skins/127431/images/ys3a.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys3a.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys3a.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys3a.png

www.ruimangedu.com/skins/127431/images/ys2a.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys2a.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys2a.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys2a.png

www.ruimangedu.com/skins/127431/images/ys1a.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys1a.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys1a.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys1a.png

www.ruimangedu.com/skins/127431/images/ys5a.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys5a.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys5a.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys5a.png

www.ruimangedu.com/skins/127431/images/ys5.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys5.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys5.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys5.png

www.ruimangedu.com/skins/127431/images/ys4a.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys4a.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys4a.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys4a.png

www.ruimangedu.com/skins/127431/images/ys3.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys3.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys3.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys3.png

www.ruimangedu.com/skins/127431/images/code.jpg

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/code.jpg
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/code.jpg HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/code.jpg

www.ruimangedu.com/skins/127431/images/logo.jpg

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/logo.jpg
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/logo.jpg HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/logo.jpg

img59.chem17.com/2/20170626/636340957666015960486_250_220_5.jpg

42.81.98.35

200 OK

168 B

URL GET HTTP/2
img59.chem17.com/2/20170626/636340957666015960486_250_220_5.jpg
IP
42.81.98.35:443
ASN
#58542 Tianjij,300000

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20170626/636340957666015960486_250_220_5.jpg HTTP/1.1
Host: img59.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img59.chem17.com/2/20170626/636340957666015960486_250_220_5.jpg
X-Cache-Status: MISS

img80.chem17.com/2/20210205/637481218927186053638_250_220_5.jpg

183.131.185.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img80.chem17.com/2/20210205/637481218927186053638_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20210205/637481218927186053638_250_220_5.jpg HTTP/1.1
Host: img80.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img80.chem17.com/2/20210205/637481218927186053638_250_220_5.jpg
X-Cache-Status: MISS

img70.chem17.com/2/20230412/638169109936717864958_250_220_5.jpg

183.131.185.35

200 OK

168 B

URL GET HTTP/2
img70.chem17.com/2/20230412/638169109936717864958_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20230412/638169109936717864958_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img70.chem17.com/2/20230412/638169109936717864958_250_220_5.jpg
X-Cache-Status: MISS

img79.chem17.com/2/20210722/637625688636903324471_250_220_5.jpg

183.131.185.35

200 OK

168 B

URL GET HTTP/2
img79.chem17.com/2/20210722/637625688636903324471_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20210722/637625688636903324471_250_220_5.jpg HTTP/1.1
Host: img79.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img79.chem17.com/2/20210722/637625688636903324471_250_220_5.jpg
X-Cache-Status: MISS

www.ruimangedu.com/skins/127431/images/about_img.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/about_img.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/about_img.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/about_img.png

img54.chem17.com/2/20160817/636070272272697595768_250_220_5.jpg

180.97.198.35

200 OK

168 B

URL GET HTTP/2
img54.chem17.com/2/20160817/636070272272697595768_250_220_5.jpg
IP
180.97.198.35:443
ASN
#140292 CHINATELECOM Jiangsu province Suzhou 5G network

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20160817/636070272272697595768_250_220_5.jpg HTTP/1.1
Host: img54.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img54.chem17.com/2/20160817/636070272272697595768_250_220_5.jpg
X-Cache-Status: MISS

img67.chem17.com/2/20170710/636352994882476435562_250_220_5.jpg

42.101.4.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img67.chem17.com/2/20170710/636352994882476435562_250_220_5.jpg
IP
42.101.4.35:80
ASN
#137698 HaerbingHeilongjiang Province, P.R.China.

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20170710/636352994882476435562_250_220_5.jpg HTTP/1.1
Host: img67.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img67.chem17.com/2/20170710/636352994882476435562_250_220_5.jpg
X-Cache-Status: MISS

img70.chem17.com/9/20230412/638169111025933583926_250_220_5.jpg

183.131.185.35

200 OK

168 B

URL GET HTTP/2
img70.chem17.com/9/20230412/638169111025933583926_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /9/20230412/638169111025933583926_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img70.chem17.com/9/20230412/638169111025933583926_250_220_5.jpg
X-Cache-Status: MISS

img70.chem17.com/9/20230412/638169109713989309397_250_220_5.jpg

183.131.185.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img70.chem17.com/9/20230412/638169109713989309397_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /9/20230412/638169109713989309397_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img70.chem17.com/9/20230412/638169109713989309397_250_220_5.jpg
X-Cache-Status: MISS

www.ruimangedu.com/skins/127431/images/ys2.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ys2.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ys2.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ys2.png

img62.chem17.com/2/20230412/638169112071860293488_250_220_5.jpg

220.169.152.35

200 OK

168 B

URL GET HTTP/2
img62.chem17.com/2/20230412/638169112071860293488_250_220_5.jpg
IP
220.169.152.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20230412/638169112071860293488_250_220_5.jpg HTTP/1.1
Host: img62.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img62.chem17.com/2/20230412/638169112071860293488_250_220_5.jpg
X-Cache-Status: MISS

img62.chem17.com/2/20230412/638169110180420556401_250_220_5.jpg

220.169.152.35

200 OK

168 B

URL GET HTTP/2
img62.chem17.com/2/20230412/638169110180420556401_250_220_5.jpg
IP
220.169.152.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20230412/638169110180420556401_250_220_5.jpg HTTP/1.1
Host: img62.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img62.chem17.com/2/20230412/638169110180420556401_250_220_5.jpg
X-Cache-Status: MISS

img74.chem17.com/2/20200716/637305140766168092598_250_220_5.jpg

1.193.146.35

200 OK

168 B

URL GET HTTP/2
img74.chem17.com/2/20200716/637305140766168092598_250_220_5.jpg
IP
1.193.146.35:443
ASN
#139018 Henan Luoyang IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20200716/637305140766168092598_250_220_5.jpg HTTP/1.1
Host: img74.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img74.chem17.com/2/20200716/637305140766168092598_250_220_5.jpg
X-Cache-Status: MISS

img52.chem17.com/2/20160611/636012555152987652605_250_220_5.jpg

1.193.146.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img52.chem17.com/2/20160611/636012555152987652605_250_220_5.jpg
IP
1.193.146.35:80
ASN
#139018 Henan Luoyang IDC

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20160611/636012555152987652605_250_220_5.jpg HTTP/1.1
Host: img52.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img52.chem17.com/2/20160611/636012555152987652605_250_220_5.jpg
X-Cache-Status: MISS

img57.chem17.com/2/20141103/635506211183714169446_250_220_5.jpg

42.101.4.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img57.chem17.com/2/20141103/635506211183714169446_250_220_5.jpg
IP
42.101.4.35:80
ASN
#137698 HaerbingHeilongjiang Province, P.R.China.

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20141103/635506211183714169446_250_220_5.jpg HTTP/1.1
Host: img57.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img57.chem17.com/2/20141103/635506211183714169446_250_220_5.jpg
X-Cache-Status: MISS

img63.chem17.com/9/20230412/638169108109900691698_250_220_5.jpg

36.99.3.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img63.chem17.com/9/20230412/638169108109900691698_250_220_5.jpg
IP
36.99.3.35:80
ASN
#139018 Henan Luoyang IDC

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /9/20230412/638169108109900691698_250_220_5.jpg HTTP/1.1
Host: img63.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img63.chem17.com/9/20230412/638169108109900691698_250_220_5.jpg
X-Cache-Status: MISS

img62.chem17.com/2/20230412/638169108930163228761_250_220_5.jpg

220.169.152.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img62.chem17.com/2/20230412/638169108930163228761_250_220_5.jpg
IP
220.169.152.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20230412/638169108930163228761_250_220_5.jpg HTTP/1.1
Host: img62.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img62.chem17.com/2/20230412/638169108930163228761_250_220_5.jpg
X-Cache-Status: MISS

img65.chem17.com/2/20200321/637203878596350811399_250_220_5.jpg

42.101.56.35

200 OK

168 B

URL GET HTTP/2
img65.chem17.com/2/20200321/637203878596350811399_250_220_5.jpg
IP
42.101.56.35:443
ASN
#137698 HaerbingHeilongjiang Province, P.R.China.

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20200321/637203878596350811399_250_220_5.jpg HTTP/1.1
Host: img65.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img65.chem17.com/2/20200321/637203878596350811399_250_220_5.jpg
X-Cache-Status: MISS

img70.chem17.com/9/20230412/638169108591420120498_250_220_5.jpg

183.131.185.35

200 OK

168 B

URL GET HTTP/2
img70.chem17.com/9/20230412/638169108591420120498_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /9/20230412/638169108591420120498_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img70.chem17.com/9/20230412/638169108591420120498_250_220_5.jpg
X-Cache-Status: MISS

img65.chem17.com/9/20230412/638169112757153177963_250_220_5.jpg

42.101.56.35

301 Moved Permanently

168 B

URL GET HTTP/1.1
img65.chem17.com/9/20230412/638169112757153177963_250_220_5.jpg
IP
42.101.56.35:80
ASN
#137698 HaerbingHeilongjiang Province, P.R.China.

Requested by
http://www.ruimangedu.com/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /9/20230412/638169112757153177963_250_220_5.jpg HTTP/1.1
Host: img65.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img65.chem17.com/9/20230412/638169112757153177963_250_220_5.jpg
X-Cache-Status: MISS

img68.chem17.com/2/20230412/638169109232619727940_250_220_5.jpg

220.169.152.35

200 OK

168 B

URL GET HTTP/2
img68.chem17.com/2/20230412/638169109232619727940_250_220_5.jpg
IP
220.169.152.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20230412/638169109232619727940_250_220_5.jpg HTTP/1.1
Host: img68.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img68.chem17.com/2/20230412/638169109232619727940_250_220_5.jpg
X-Cache-Status: MISS

img60.chem17.com/2/20170531/636318179193499688603_250_220_5.jpg

180.97.198.35

200 OK

168 B

URL GET HTTP/2
img60.chem17.com/2/20170531/636318179193499688603_250_220_5.jpg
IP
180.97.198.35:443
ASN
#140292 CHINATELECOM Jiangsu province Suzhou 5G network

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
168 B (168 bytes)
Hash
c7a87d5da7d4f925cc6f61812e857615
9ea59481e6c132bee12be856488ef0680084325b
cf20e6eca01395eed2e1ee6558cd670d2fe72d51b37126a13aad484ad095885b

HTTP Headers

GET /2/20170531/636318179193499688603_250_220_5.jpg HTTP/1.1
Host: img60.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: text/html
Content-Length: 168
Connection: keep-alive
Location: https://img60.chem17.com/2/20170531/636318179193499688603_250_220_5.jpg
X-Cache-Status: MISS

fcl.xueyuxingfeng.com:6987/boss/alan/sj.js

85.208.116.100

200 OK

2.3 kB

URL GET HTTP/1.1
fcl.xueyuxingfeng.com:6987/boss/alan/sj.js
IP
85.208.116.100:6987
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjectfcl.xueyuxingfeng.com
Fingerprint21:B7:58:81:9B:C4:96:D7:AB:3D:7E:8E:94:D0:5E:67:CD:05:F6:65
ValidityMon, 11 Sep 2023 01:26:19 GMT - Sun, 10 Dec 2023 01:26:18 GMT

File type
ASCII text, with very long lines (6598), with CRLF line terminators
Size
2.3 kB (2325 bytes)
Hash
1675654b7f6d1f9e939d7701a7c9dd15
227ad656735426fda2abb9ef423685b9af2d68e0
5f433c8b22617150fe85dc2c9ffdb487a0ed9de226533ce8cacc6d03d804eee7

HTTP Headers

GET /boss/alan/sj.js HTTP/1.1
Host: fcl.xueyuxingfeng.com:6987
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:14 GMT
Content-Type: application/javascript
Last-Modified: Wed, 23 Aug 2023 09:27:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"64e5d11f-1aca"
Expires: Thu, 28 Sep 2023 11:09:14 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip

img70.chem17.com/2/20230412/638169109936717864958_250_220_5.jpg

183.131.185.35

200 OK

13 kB

URL GET HTTP/2
img70.chem17.com/2/20230412/638169109936717864958_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
13 kB (12723 bytes)
Hash
cdf11bea169bb1b5b1782cfbaa9bbaef
6bdfe87f39bd021a813fef10da0c2d6eb08d4eb6
b34485fa172634fdb09425f09eb6c623571337979bf3c26535a79437cdf56168

HTTP Headers

GET /2/20230412/638169109936717864958_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 12723
expires: Fri, 13 Sep 2024 11:24:02 GMT
last-modified: Thu, 14 Sep 2023 11:24:02 GMT
cache-control: public
age: 96944
accept-ranges: bytes
content-disposition: inline;filename=638169109936717864958.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img70
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:02 GMT
ohc-cache-hit: huzct55 [4], cdix141 [4]
ohc-file-size: 12723
x-cache-status: HIT
X-Firefox-Spdy: h2

www.ruimangedu.com/skins/127431/images/ss_btn.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ss_btn.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ss_btn.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ss_btn.png

www.ruimangedu.com/skins/127431/images/ss_bg.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ss_bg.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ss_bg.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ss_bg.png

img59.chem17.com/2/20170626/636340957666015960486_250_220_5.jpg

42.81.98.35

200 OK

11 kB

URL GET HTTP/2
img59.chem17.com/2/20170626/636340957666015960486_250_220_5.jpg
IP
42.81.98.35:443
ASN
#58542 Tianjij,300000

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 165x220, components 3\012- data
Size
11 kB (10932 bytes)
Hash
5e19ac6387f1292915eea9de140ac2a6
147eeb6a09a1596b18bf0d4f182078ae68991ed7
36b469cf18b74ebbf44befceef62ee46b1ff995ec866710b49ae94660021b45d

HTTP Headers

GET /2/20170626/636340957666015960486_250_220_5.jpg HTTP/1.1
Host: img59.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 10932
expires: Fri, 13 Sep 2024 11:24:05 GMT
last-modified: Thu, 14 Sep 2023 11:24:05 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=636340957666015960486.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img59
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:05 GMT
ohc-cache-hit: tj5ct66 [1], qdix74 [4]
ohc-file-size: 10932
x-cache-status: MISS
X-Firefox-Spdy: h2

www.ruimangedu.com/skins/127431/images/ss_j.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/ss_j.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/ss_j.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/ss_j.png

www.ruimangedu.com/skins/127431/images/top_tel.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/top_tel.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/top_tel.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/top_tel.png

img70.chem17.com/9/20230412/638169111025933583926_250_220_5.jpg

183.131.185.35

200 OK

6.5 kB

URL GET HTTP/2
img70.chem17.com/9/20230412/638169111025933583926_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
6.5 kB (6512 bytes)
Hash
910762c72ea814201f107a60ff83e745
a9f2c357e7955e5354daed9ba4b152497bbcb090
ef54bcc37deb2c73ef9b2204bb54c1552affd4456ba2594a62f632eed0ca3b52

HTTP Headers

GET /9/20230412/638169111025933583926_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 6512
expires: Fri, 13 Sep 2024 11:24:04 GMT
last-modified: Thu, 14 Sep 2023 11:24:04 GMT
cache-control: public
age: 96943
accept-ranges: bytes
content-disposition: inline;filename=638169111025933583926.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img70
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:04 GMT
ohc-cache-hit: huzct59 [4], qdix59 [4]
ohc-file-size: 6512
x-cache-status: HIT
X-Firefox-Spdy: h2

img67.chem17.com/2/20170710/636352994882476435562_250_220_5.jpg

42.101.4.35

301 Moved Permanently

9.9 kB

URL GET HTTP/1.1
img67.chem17.com/2/20170710/636352994882476435562_250_220_5.jpg
IP
42.101.4.35:80
ASN
#137698 HaerbingHeilongjiang Province, P.R.China.

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
9.9 kB (9853 bytes)
Hash
de43cb086fdb76be9c1368d0b9a6ac5a
2fb0117c6ec5e601abd63e54f8396f58a2aa5f5d
ad625fafc60003426bcb82cf9ef0d2a59cbddc215f1447a4aed77a04b1f45676

HTTP Headers

GET /2/20170710/636352994882476435562_250_220_5.jpg HTTP/1.1
Host: img67.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 9853
expires: Fri, 13 Sep 2024 11:24:05 GMT
last-modified: Thu, 14 Sep 2023 11:24:05 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=636352994882476435562.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img67
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:05 GMT
ohc-cache-hit: hrb5ct52 [1], suzix248 [2]
ohc-file-size: 9853
x-cache-status: MISS
X-Firefox-Spdy: h2

img54.chem17.com/2/20160817/636070272272697595768_250_220_5.jpg

180.97.198.35

200 OK

9.7 kB

URL GET HTTP/2
img54.chem17.com/2/20160817/636070272272697595768_250_220_5.jpg
IP
180.97.198.35:443
ASN
#140292 CHINATELECOM Jiangsu province Suzhou 5G network

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
9.7 kB (9731 bytes)
Hash
4384352ee7bef8130405531759748c06
f618127dfde6f0a604d8a293f362694aecfdf75b
f5df177d06ba7f5aa6cf9db1d694728b5636ac547c9261765f871874c1c3dde4

HTTP Headers

GET /2/20160817/636070272272697595768_250_220_5.jpg HTTP/1.1
Host: img54.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 9731
expires: Fri, 13 Sep 2024 11:24:05 GMT
last-modified: Thu, 14 Sep 2023 11:24:05 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=636070272272697595768.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img54
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:05 GMT
ohc-cache-hit: suz4ct59 [1], bdix120 [2]
ohc-file-size: 9731
x-cache-status: MISS
X-Firefox-Spdy: h2

www.chem17.com/asyncstat.aspx?u=pxdier&referer=&title=0638%u592A%u9633%u96C6%u56E2%28%u5B98%u65B9%u8BA4%u8BC1%29-Apple%20App%20Store

58.218.215.150

200 OK

534 B

URL GET HTTP/2
www.chem17.com/asyncstat.aspx?u=pxdier&referer=&title=0638%u592A%u9633%u96C6%u56E2%28%u5B98%u65B9%u8BA4%u8BC1%29-Apple%20App%20Store
IP
58.218.215.150:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (516), with CRLF line terminators
Size
534 B (534 bytes)
Hash
b97d3379002905a414b7ea50c4684054
25c63561458b4a7e34480fda1c9e767b71f1d41f
2b14fff3a38fb32271253d6fb36cf1c0a88d7127f577c171e46347a0c586f9dc

HTTP Headers

GET /asyncstat.aspx?u=pxdier&referer=&title=0638%u592A%u9633%u96C6%u56E2%28%u5B98%u65B9%u8BA4%u8BC1%29-Apple%20App%20Store HTTP/1.1
Host: www.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Tengine
content-type: text/html; charset=utf-8
content-length: 534
date: Thu, 28 Sep 2023 10:09:15 GMT
cache-control: no-cache
pragma: no-cache
expires: -1
x-aspnet-version: 4.0.30319
set-cookie: ASP.NET_SessionId=lu3xekldidxuieb2o0ggsf2k; path=/; HttpOnly
mtcached_mtsession_lu3xekldidxuieb2o0ggsf2k=10.115.3.111:9719; domain=.chem17.com; path=/; HttpOnly
x-powered-by: ASP.NET-4.161
ali-swift-global-savetime: 1695895755
via: cache25.l2cn3037[58,58,200-0,M], cache26.l2cn3037[60,0], kunlun5.cn192[68,68,200-0,M], kunlun1.cn192[71,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Thu, 28 Sep 2023 10:09:15 GMT
x-swift-cachetime: 0
timing-allow-origin: *
eagleid: 3adad01516958957550685845e
X-Firefox-Spdy: h2

www.ruimangedu.com/skins/127431/images/banner2.jpg

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/banner2.jpg
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/banner2.jpg HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/banner2.jpg

www.ruimangedu.com/skins/127431/images/banner1.jpg

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/banner1.jpg
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/banner1.jpg HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/banner1.jpg

img80.chem17.com/2/20210205/637481218927186053638_250_220_5.jpg

183.131.185.35

301 Moved Permanently

15 kB

URL GET HTTP/1.1
img80.chem17.com/2/20210205/637481218927186053638_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
15 kB (15428 bytes)
Hash
645361d340adb57b7a18b193764a35db
add043b8f152abc26c25b6dbcb37b340baeaa55e
abcab0f83349f7922ec02613e4e14c6abd1ab0840085f5499d206a2ec5d35f7e

HTTP Headers

GET /2/20210205/637481218927186053638_250_220_5.jpg HTTP/1.1
Host: img80.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 15428
expires: Fri, 13 Sep 2024 11:24:02 GMT
last-modified: Thu, 14 Sep 2023 11:24:02 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=637481218927186053638.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img80
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:02 GMT
ohc-cache-hit: huzct60 [1], csix101 [2]
ohc-file-size: 15428
x-cache-status: MISS
X-Firefox-Spdy: h2

img70.chem17.com/9/20230412/638169109713989309397_250_220_5.jpg

183.131.185.35

301 Moved Permanently

12 kB

URL GET HTTP/1.1
img70.chem17.com/9/20230412/638169109713989309397_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
12 kB (11474 bytes)
Hash
85588031ec902dd8c02df848c1af8cfd
c526960e7bece67e8c3ffc713e8523000cc97eed
a01cdb73c7dc7ff9396ac094de84e6b7921662cbcb7f538e551f3724c343594a

HTTP Headers

GET /9/20230412/638169109713989309397_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 11474
expires: Fri, 13 Sep 2024 11:24:02 GMT
last-modified: Thu, 14 Sep 2023 11:24:02 GMT
cache-control: public
age: 96944
accept-ranges: bytes
content-disposition: inline;filename=638169109713989309397.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img70
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:02 GMT
ohc-cache-hit: huzct66 [4], wzix76 [4]
ohc-file-size: 11474
x-cache-status: HIT
X-Firefox-Spdy: h2

img79.chem17.com/2/20210722/637625688636903324471_250_220_5.jpg

183.131.185.35

200 OK

8.6 kB

URL GET HTTP/2
img79.chem17.com/2/20210722/637625688636903324471_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
8.6 kB (8646 bytes)
Hash
72c0f35e0b9b9f438bdf607c3493514e
6f4cb2f19867a9771eb18efdd451f39732596e04
5ad5518c892c77b63035508ee4a8596d453a7d123b9add58da7e7c28357f6008

HTTP Headers

GET /2/20210722/637625688636903324471_250_220_5.jpg HTTP/1.1
Host: img79.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 8646
expires: Fri, 13 Sep 2024 11:24:05 GMT
last-modified: Thu, 14 Sep 2023 11:24:05 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=637625688636903324471.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img79
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:05 GMT
ohc-cache-hit: huzct69 [1], csix98 [4]
ohc-file-size: 8646
x-cache-status: MISS
X-Firefox-Spdy: h2

www.ruimangedu.com/skins/127431/images/bg1.jpg

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/bg1.jpg
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/bg1.jpg HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/bg1.jpg

www.ruimangedu.com/skins/127431/images/about_bg.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/about_bg.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/about_bg.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/about_bg.png

www.ruimangedu.com/skins/127431/images/h_nsw.gif

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/h_nsw.gif
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/h_nsw.gif HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/h_nsw.gif

img62.chem17.com/2/20230412/638169110180420556401_250_220_5.jpg

220.169.152.35

200 OK

5.3 kB

URL GET HTTP/2
img62.chem17.com/2/20230412/638169110180420556401_250_220_5.jpg
IP
220.169.152.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x166, components 3\012- data
Size
5.3 kB (5289 bytes)
Hash
c90e1276303993cbf5fba5b1e5d53966
d0f65aaa16f26225ddfce4bf6f1139213d997bde
dbdb88c0830287ed550eb4fcef7b5d2ea60c993e6481536d544ca32c192a2cac

HTTP Headers

GET /2/20230412/638169110180420556401_250_220_5.jpg HTTP/1.1
Host: img62.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 5289
expires: Fri, 13 Sep 2024 11:24:02 GMT
last-modified: Thu, 14 Sep 2023 11:24:02 GMT
cache-control: public
age: 104002
accept-ranges: bytes
content-disposition: inline;filename=638169110180420556401.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img62
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:02 GMT
ohc-cache-hit: yy2ct52 [4], qdix244 [4]
ohc-file-size: 5289
x-cache-status: HIT
X-Firefox-Spdy: h2

push.zhanzhang.baidu.com/push.js

182.61.201.93

200 OK

227 B

URL GET HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.93:80
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://www.ruimangedu.com/

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 28 Sep 2023 10:09:15 GMT
Etag: "4078521116"
Expires: Fri, 27 Sep 2024 10:09:15 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=782BAE51ACF8B3577E108C908138166D:FG=1; max-age=31536000; expires=Fri, 27-Sep-24 10:09:15 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

img63.chem17.com/9/20230412/638169108109900691698_250_220_5.jpg

183.131.185.35

301 Moved Permanently

10 kB

URL GET HTTP/1.1
img63.chem17.com/9/20230412/638169108109900691698_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
10 kB (10326 bytes)
Hash
896daece2faf235b0eb33c4853788e53
356dc417d64a4c9b6ae861b9716cc2bfc6313c60
b700c4ead02849d54286d465ea6668e1738d7491b409efc1ded0d87e3fb9f497

HTTP Headers

GET /9/20230412/638169108109900691698_250_220_5.jpg HTTP/1.1
Host: img63.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 10326
expires: Fri, 13 Sep 2024 11:24:03 GMT
last-modified: Thu, 14 Sep 2023 11:24:03 GMT
cache-control: public
age: 295959
accept-ranges: bytes
content-disposition: inline;filename=638169108109900691698.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img63
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:03 GMT
ohc-cache-hit: huzct66 [4], xiangyix115 [4]
ohc-file-size: 10326
x-cache-status: HIT
X-Firefox-Spdy: h2

img62.chem17.com/2/20230412/638169112071860293488_250_220_5.jpg

220.169.152.35

200 OK

8.4 kB

URL GET HTTP/2
img62.chem17.com/2/20230412/638169112071860293488_250_220_5.jpg
IP
220.169.152.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
8.4 kB (8365 bytes)
Hash
22b5716acc784c61d138400e01209a20
682095d3880c60563b2ff2ad57ef52e1b9b8f4b7
83a780f768d16f1a1f1a2c12b48704424acc2b93afbc4ec05359524c526b2ba5

HTTP Headers

GET /2/20230412/638169112071860293488_250_220_5.jpg HTTP/1.1
Host: img62.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 8365
expires: Fri, 13 Sep 2024 11:24:02 GMT
last-modified: Thu, 14 Sep 2023 11:24:02 GMT
cache-control: public
age: 104002
accept-ranges: bytes
content-disposition: inline;filename=638169112071860293488.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img62
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:02 GMT
ohc-cache-hit: yy2ct68 [4], czix101 [4]
ohc-file-size: 8365
x-cache-status: HIT
X-Firefox-Spdy: h2

img74.chem17.com/2/20200716/637305140766168092598_250_220_5.jpg

1.193.146.35

200 OK

19 kB

URL GET HTTP/2
img74.chem17.com/2/20200716/637305140766168092598_250_220_5.jpg
IP
1.193.146.35:443
ASN
#139018 Henan Luoyang IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
19 kB (18662 bytes)
Hash
f6d9c0f72da94d0d8f3f40c4866f2784
b840168909a10e824c23c9654c2f42e463fbfb23
a4e014d9a5947d0972edd83d67703e491af792f53f1c6e7aeed171cfe22bd26f

HTTP Headers

GET /2/20200716/637305140766168092598_250_220_5.jpg HTTP/1.1
Host: img74.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 18662
expires: Fri, 13 Sep 2024 11:24:05 GMT
last-modified: Thu, 14 Sep 2023 11:24:05 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=637305140766168092598.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img74
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:05 GMT
ohc-cache-hit: ly5ct56 [1], suzix56 [4]
ohc-file-size: 18662
x-cache-status: MISS
X-Firefox-Spdy: h2

img62.chem17.com/2/20230412/638169108930163228761_250_220_5.jpg

220.169.152.35

301 Moved Permanently

9.4 kB

URL GET HTTP/1.1
img62.chem17.com/2/20230412/638169108930163228761_250_220_5.jpg
IP
220.169.152.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
9.4 kB (9386 bytes)
Hash
0449c2fb800d29af3a981fb780debd92
743184fdcc884c13e8ed7b744eb764de46149b78
80623778f1a91f99bac10c2e19ddd13d9e0095ff8683657d92b89d97208950c5

HTTP Headers

GET /2/20230412/638169108930163228761_250_220_5.jpg HTTP/1.1
Host: img62.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 9386
expires: Fri, 13 Sep 2024 11:24:03 GMT
last-modified: Thu, 14 Sep 2023 11:24:03 GMT
cache-control: public
age: 104002
accept-ranges: bytes
content-disposition: inline;filename=638169108930163228761.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img62
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:03 GMT
ohc-cache-hit: yy2ct66 [4], bdix66 [4]
ohc-file-size: 9386
x-cache-status: HIT
X-Firefox-Spdy: h2

www.ruimangedu.com/skins/127431/images/qq1.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/qq1.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/qq1.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/qq1.png

www.ruimangedu.com/skins/127431/images/wx1.png

104.165.7.84

302 Moved Temporarily

0 B

URL GET HTTP/1.1
www.ruimangedu.com/skins/127431/images/wx1.png
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /skins/127431/images/wx1.png HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/skins/127431/css/style.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.jxpxdier.com/skins/127431/images/wx1.png

img52.chem17.com/2/20160611/636012555152987652605_250_220_5.jpg

183.131.185.35

301 Moved Permanently

16 kB

URL GET HTTP/1.1
img52.chem17.com/2/20160611/636012555152987652605_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
16 kB (15699 bytes)
Hash
7cc384e55dc4349bf03e49792d0d6be2
94f0e3613abc7bb2588b9ca89e9e6a63e079e1f9
55acef072ea74b0095b25c96c684ad8d43bee111a58650dee901c17892216ce3

HTTP Headers

GET /2/20160611/636012555152987652605_250_220_5.jpg HTTP/1.1
Host: img52.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 15699
expires: Fri, 13 Sep 2024 11:24:06 GMT
last-modified: Thu, 14 Sep 2023 11:24:06 GMT
cache-control: public
age: 1205109
accept-ranges: bytes
content-disposition: inline;filename=636012555152987652605.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img52
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:06 GMT
ohc-cache-hit: huzct65 [4], bdix230 [1]
ohc-file-size: 15699
x-cache-status: HIT
X-Firefox-Spdy: h2

img70.chem17.com/9/20230412/638169108591420120498_250_220_5.jpg

183.131.185.35

200 OK

13 kB

URL GET HTTP/2
img70.chem17.com/9/20230412/638169108591420120498_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
13 kB (12832 bytes)
Hash
bf3a6c876918f06218c905c48e9e8a58
90165a731c1cca9de5f22e55285daaf6a349f9cf
e85bfc35e16b8ae39d79f1a1d5f4c8a0a9757c1cd22fcb5026cb3ff663ec528c

HTTP Headers

GET /9/20230412/638169108591420120498_250_220_5.jpg HTTP/1.1
Host: img70.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 12832
expires: Fri, 13 Sep 2024 11:24:03 GMT
last-modified: Thu, 14 Sep 2023 11:24:03 GMT
cache-control: public
age: 96944
accept-ranges: bytes
content-disposition: inline;filename=638169108591420120498.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img70
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:03 GMT
ohc-cache-hit: huzct66 [4], wzix66 [4]
ohc-file-size: 12832
x-cache-status: HIT
X-Firefox-Spdy: h2

img68.chem17.com/2/20230412/638169109232619727940_250_220_5.jpg

183.131.185.35

200 OK

12 kB

URL GET HTTP/2
img68.chem17.com/2/20230412/638169109232619727940_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
12 kB (11664 bytes)
Hash
93d99704dc1d915c5cf069f7eb81af18
f4152dc5391046fb99caa322b1026c6779d56552
ca6753640beed593a20ffa581f86c99072eac9bcb3dfa4f0b4fa93f62025ac0d

HTTP Headers

GET /2/20230412/638169109232619727940_250_220_5.jpg HTTP/1.1
Host: img68.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 11664
expires: Fri, 13 Sep 2024 11:24:04 GMT
last-modified: Thu, 14 Sep 2023 11:24:04 GMT
cache-control: public
age: 262602
accept-ranges: bytes
content-disposition: inline;filename=638169109232619727940.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img68
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:04 GMT
ohc-cache-hit: huzct57 [4], xiangyix162 [4]
ohc-file-size: 11664
x-cache-status: HIT
X-Firefox-Spdy: h2

img57.chem17.com/2/20141103/635506211183714169446_250_220_5.jpg

183.131.185.35

301 Moved Permanently

12 kB

URL GET HTTP/1.1
img57.chem17.com/2/20141103/635506211183714169446_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x187, components 3\012- data
Size
12 kB (12369 bytes)
Hash
c48bf21758a9f1319387de12dfe80373
f4500e19356d702502eddb1b6fbf12de9f000504
ed6a9abf2174be5dae8397548a455ff1cd9b238d8b65e988788c16a748dd5a76

HTTP Headers

GET /2/20141103/635506211183714169446_250_220_5.jpg HTTP/1.1
Host: img57.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 12369
expires: Fri, 13 Sep 2024 11:24:06 GMT
last-modified: Thu, 14 Sep 2023 11:24:06 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=635506211183714169446.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img57
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:06 GMT
ohc-cache-hit: huzct60 [1], czix202 [4]
ohc-file-size: 12369
x-cache-status: MISS
X-Firefox-Spdy: h2

push.zhanzhang.baidu.com/push.js

182.61.201.93

200 OK

227 B

URL GET HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.93:80
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://www.ruimangedu.com/

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 28 Sep 2023 10:09:15 GMT
Etag: "4078521116"
Expires: Fri, 27 Sep 2024 10:09:15 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=5B7D6A969DE7FEF957198C71CD3BD3D9:FG=1; max-age=31536000; expires=Fri, 27-Sep-24 10:09:15 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

fuyun999.com:33866/fcl.php?keyword=0638%E5%A4%AA%E9%98%B3%E9%9B%86%E5%9B%A2(%E5%AE%98%E6%96%B9%E8%AE%A4%E8%AF%81)-Apple%20App%20Store&from=pc&originUrl=http%3A%2F%2Fwww.ruimangedu.com%2F&referer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&v=7299

85.208.117.197

200 OK

1.5 kB

URL GET HTTP/1.1
fuyun999.com:33866/fcl.php?keyword=0638%E5%A4%AA%E9%98%B3%E9%9B%86%E5%9B%A2(%E5%AE%98%E6%96%B9%E8%AE%A4%E8%AF%81)-Apple%20App%20Store&from=pc&originUrl=http%3A%2F%2Fwww.ruimangedu.com%2F&referer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&v=7299
IP
85.208.117.197:33866
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjectfuyun999.com
Fingerprint2D:C1:BE:38:C4:D4:53:C5:F0:86:68:02:F7:0C:18:08:58:09:69:99
ValidityMon, 11 Sep 2023 01:10:01 GMT - Sun, 10 Dec 2023 01:10:00 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (7089), with no line terminators
Size
1.5 kB (1527 bytes)
Hash
517842597b801f66562a52da09182bf2
f9c770ca3575322d8f1f9a4aa6931fdee3586736
5f42cabde276a9a49e25460aef2050a995e2456d37e6715d5175674d86c9a47e

HTTP Headers

GET /fcl.php?keyword=0638%E5%A4%AA%E9%98%B3%E9%9B%86%E5%9B%A2(%E5%AE%98%E6%96%B9%E8%AE%A4%E8%AF%81)-Apple%20App%20Store&from=pc&originUrl=http%3A%2F%2Fwww.ruimangedu.com%2F&referer=&userAgent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&v=7299 HTTP/1.1
Host: fuyun999.com:33866
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.ruimangedu.com
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:15 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Access-Control-Allow-Origin: *
Content-Encoding: gzip

img65.chem17.com/2/20200321/637203878596350811399_250_220_5.jpg

183.131.185.35

200 OK

23 kB

URL GET HTTP/2
img65.chem17.com/2/20200321/637203878596350811399_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
23 kB (22590 bytes)
Hash
eece8a39aa20c0d7040ed33d22b7bb99
4c992d471da4345170c9541af95e061325d50d70
d02c942bb5493ca2e8d272e6af3c20c3171723216b77c0bfb805e01e1f7ef1a9

HTTP Headers

GET /2/20200321/637203878596350811399_250_220_5.jpg HTTP/1.1
Host: img65.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 22590
expires: Fri, 13 Sep 2024 11:24:04 GMT
last-modified: Thu, 14 Sep 2023 11:24:04 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=637203878596350811399.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img65
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:04 GMT
ohc-cache-hit: huzct53 [1], csix71 [2]
ohc-file-size: 22590
x-cache-status: MISS
X-Firefox-Spdy: h2

img65.chem17.com/9/20230412/638169112757153177963_250_220_5.jpg

183.131.185.35

301 Moved Permanently

8.3 kB

URL GET HTTP/1.1
img65.chem17.com/9/20230412/638169112757153177963_250_220_5.jpg
IP
183.131.185.35:80
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x250, components 3\012- data
Size
8.3 kB (8256 bytes)
Hash
648b235b5b11fabf03c7f69320d8bd24
7e2337544e49256ba49b5ff633bbccd65d5f03a8
43f16ca201b00ba19702facb8acbb28d7d61eae265de6be6b365c83e87374546

HTTP Headers

GET /9/20230412/638169112757153177963_250_220_5.jpg HTTP/1.1
Host: img65.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 8256
expires: Fri, 13 Sep 2024 11:24:04 GMT
last-modified: Thu, 14 Sep 2023 11:24:04 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=638169112757153177963.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img65
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:04 GMT
ohc-cache-hit: huzct67 [1], qdix241 [4]
ohc-file-size: 8256
x-cache-status: MISS
X-Firefox-Spdy: h2

img60.chem17.com/2/20170531/636318179193499688603_250_220_5.jpg

183.131.185.35

200 OK

7.8 kB

URL GET HTTP/2
img60.chem17.com/2/20170531/636318179193499688603_250_220_5.jpg
IP
183.131.185.35:443
ASN
#58461 CT-HangZhou-IDC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 250x166, components 3\012- data
Size
7.8 kB (7809 bytes)
Hash
cb1022db5ab160bb262e1537b6d43b6d
b5c0527dd563eff029b4104bd4c3576a4c60843a
bfcbc9e691ef42c082b799ee3a9fabbcdb1b8cdd2444b92b5615bdade4334433

HTTP Headers

GET /2/20170531/636318179193499688603_250_220_5.jpg HTTP/1.1
Host: img60.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:15 GMT
content-type: image/jpeg
content-length: 7809
expires: Fri, 13 Sep 2024 11:24:01 GMT
last-modified: Thu, 14 Sep 2023 11:24:01 GMT
cache-control: public
accept-ranges: bytes
content-disposition: inline;filename=636318179193499688603.jpg
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET-img60
access-control-allow-origin: *
ohc-global-saved-time: Thu, 14 Sep 2023 11:24:01 GMT
ohc-cache-hit: huzct63 [1], suzix88 [4]
ohc-file-size: 7809
x-cache-status: MISS
X-Firefox-Spdy: h2

www.chem17.com/stat.aspx?u=pxdier&referer=&title=0638%u592A%u9633%u96C6%u56E2%28%u5B98%u65B9%u8BA4%u8BC1%29-Apple%20App%20Store&httpreferer=http%3A//www.ruimangedu.com/

58.218.215.150

0 B

URL
www.chem17.com/stat.aspx?u=pxdier&referer=&title=0638%u592A%u9633%u96C6%u56E2%28%u5B98%u65B9%u8BA4%u8BC1%29-Apple%20App%20Store&httpreferer=http%3A//www.ruimangedu.com/
IP
58.218.215.150:0
ASN
#4134 Chinanet

Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /stat.aspx?u=pxdier&referer=&title=0638%u592A%u9633%u96C6%u56E2%28%u5B98%u65B9%u8BA4%u8BC1%29-Apple%20App%20Store&httpreferer=http%3A//www.ruimangedu.com/ HTTP/1.1
Host: www.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.chem17.com/asyncstat.aspx?u=pxdier&referer=&title=0638%u592A%u9633%u96C6%u56E2%28%u5B98%u65B9%u8BA4%u8BC1%29-Apple%20App%20Store
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: Tengine
content-length: 0
date: Thu, 28 Sep 2023 10:09:15 GMT
cache-control: no-cache
pragma: no-cache
expires: -1
x-aspnet-version: 4.0.30319
set-cookie: ASP.NET_SessionId=s320a35a0ebfokr2urgc1tjh; path=/; HttpOnly
mtcached_mtsession_s320a35a0ebfokr2urgc1tjh=10.115.3.113:9714; domain=.chem17.com; path=/; HttpOnly
x-powered-by: ASP.NET-hg4.24
ali-swift-global-savetime: 1695895755
via: cache37.l2cn3037[59,58,200-0,M], cache8.l2cn3037[60,0], kunlun3.cn192[73,72,200-0,M], kunlun1.cn192[74,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-savetime: Thu, 28 Sep 2023 10:09:15 GMT
x-swift-cachetime: 0
timing-allow-origin: *
eagleid: 3adad01516958957557047686e
X-Firefox-Spdy: h2

www.ruimangedu.com/jquery.la.min.js

104.165.7.84

200 OK

550 B

URL GET HTTP/1.1
www.ruimangedu.com/jquery.la.min.js
IP
104.165.7.84:80
ASN
#18779 EGIHOSTING

Requested by
http://www.ruimangedu.com/

File type
HTML document, ASCII text, with very long lines (554), with CRLF line terminators
Size
550 B (550 bytes)
Hash
e2c55cceca0f54efd7b2a6ba0705bfb1
a71d3bd5c915e1f326f0569af370f62fe0622267
39e4d0650f69398abd3043a817db2f57ea09cc70fbd45508e0f97e645183f510

HTTP Headers

GET /jquery.la.min.js HTTP/1.1
Host: www.ruimangedu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: application/javascript
Last-Modified: Wed, 26 Apr 2023 10:30:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6448fd50-560"
Expires: Thu, 28 Sep 2023 11:09:16 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip

www.jxpxdier.com/skins/127431/images/top_tel.png

182.107.80.35

200 OK

2.5 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/top_tel.png
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
PNG image data, 46 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2538 bytes)
Hash
03ec6bb34e3d9de4fd883508baeeb06d
0504d9e4c547254f8a47e8c00680339cf420b663
1fc4086b0aa14078b75de8a94c2e7d05d9744b0f8aba54bcd0f5d39cce3d5972

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/top_tel.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/png
Content-Length: 2538
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:09:11 GMT
ETag: "80573597b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.179
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact59 [1], wzix119 [1]
Ohc-File-Size: 2538
X-Cache-Status: MISS

www.jxpxdier.com/skins/127431/images/ss_btn.png

182.107.80.35

200 OK

1.3 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/ss_btn.png
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
PNG image data, 21 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1264 bytes)
Hash
200e2f5d216362f11c67eefcdf346313
b4e3e0bf706aaecd5d5ee1c25e5642a82cf12141
15619d6ca498341782eda397cf6cf3887b8497d830783b79a7d1cbbc293c9d87

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ss_btn.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/png
Content-Length: 1264
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:09:10 GMT
ETag: "06fda587b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-114.4.179
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact65 [1], cdix170 [1]
Ohc-File-Size: 1264
X-Cache-Status: MISS

www.jxpxdier.com/skins/127431/images/ss_bg.png

182.107.80.35

200 OK

2.1 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/ss_bg.png
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
PNG image data, 328 x 74, 8-bit/color RGBA, non-interlaced\012- data
Size
2.1 kB (2080 bytes)
Hash
fdb3ba1fe96ca8b3c67f02080071d97c
6d7744fa21db2dafa1b4c38a4b07b089049e2396
72b70e4cd445a2f4e5a7a431263d2ac58b91d9a0725984689d97c3f5880baf57

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ss_bg.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/png
Content-Length: 2080
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:09:09 GMT
ETag: "80d841587b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.182
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact57 [1], csix57 [1]
Ohc-File-Size: 2080
X-Cache-Status: MISS

www.jxpxdier.com/skins/127431/images/ss_j.png

182.107.80.35

200 OK

1.0 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/ss_j.png
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
PNG image data, 6 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size
1.0 kB (1045 bytes)
Hash
2c1fd14f5b30559631fa12bd81b40d68
56cfc39c438e371a475de818927a2da43d54faf7
14d45597998df0c6538d782cd215ace17b8f7cebef107410ed2dd1e99851c7ce

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ss_j.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/png
Content-Length: 1045
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:09:10 GMT
ETag: "06fda587b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-114.4.179
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact50 [1], xiangyix99 [1]
Ohc-File-Size: 1045
X-Cache-Status: MISS

hm.baidu.com/hm.js?edaf083abac5e513fe76cbf251fe02c0

103.235.46.191

200 OK

0 B

URL GET HTTP/1.1
hm.baidu.com/hm.js?edaf083abac5e513fe76cbf251fe02c0
IP
103.235.46.191:443
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

Requested by
http://www.ruimangedu.com/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hm.js?edaf083abac5e513fe76cbf251fe02c0 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Length: 0
Date: Thu, 28 Sep 2023 10:09:16 GMT
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: text/plain; charset=utf-8

www.jxpxdier.com/skins/127431/images/h_nsw.gif

182.107.80.35

200 OK

1.2 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/h_nsw.gif
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
GIF image data, version 89a, 19 x 19\012- data
Size
1.2 kB (1208 bytes)
Hash
e225b571e82dca130bc9d635cb9b8cf8
aaf4a3e5609ac6c0e96896aae28f7b15e89ea90d
8242b6b9b032f6e23782f2f2111cbc80960d5ed0c2267f1e1a1fd37e5c7de5dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/h_nsw.gif HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/gif
Content-Length: 1208
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:09:00 GMT
ETag: "08ee4527b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.179
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact63 [1], czix87 [1]
Ohc-File-Size: 1208
X-Cache-Status: MISS

www.jxpxdier.com/skins/127431/images/qq1.png

182.107.80.35

200 OK

18 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/qq1.png
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17542 bytes)
Hash
ba58da75695582232d986cc8eedab558
410bd1112b76ea86f1832b260ac483eefbe71a39
75c459f23b6291f339169285ff28f084f3971e9d71b68df4b409c5c7b9c835c3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/qq1.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/png
Content-Length: 17542
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:09:09 GMT
ETag: "80d841587b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.178
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact50 [1], bdix124 [1]
Ohc-File-Size: 17542
X-Cache-Status: MISS

sdk.51.la/js-sdk-pro.min.js

47.246.44.205

200 OK

13 kB

URL GET HTTP/1.1
sdk.51.la/js-sdk-pro.min.js
IP
47.246.44.205:80
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://www.ruimangedu.com/

File type
Unicode text, UTF-8 text, with very long lines (34110)
Size
13 kB (12846 bytes)
Hash
24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Thu, 21 Sep 2023 16:07:27 GMT
x-oss-request-id: 650C6A3F4EAD113135E809B9
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1695312447
Via: cache15.l2de2[1289,1153,304-0,C], cache11.l2de2[1155,0], cache3.se1[0,0,200-0,H], cache1.se1[1,0]
ETag: "24BB520E9517F2ED3ED987B46AEAF723"
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
Vary: Accept-Encoding
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 583310
X-Cache: HIT TCP_MEM_HIT dirn:7:153294850
X-Swift-SaveTime: Thu, 21 Sep 2023 16:07:27 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9516958957571665899e

sdk.51.la/js-sdk-pro.min.js

47.246.44.205

200 OK

13 kB

URL GET HTTP/1.1
sdk.51.la/js-sdk-pro.min.js
IP
47.246.44.205:80
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

Requested by
http://www.ruimangedu.com/

File type
Unicode text, UTF-8 text, with very long lines (34110)
Size
13 kB (12846 bytes)
Hash
24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/javascript
Content-Length: 12846
Connection: keep-alive
Date: Thu, 21 Sep 2023 16:07:27 GMT
x-oss-request-id: 650C6A3F4EAD113135E809B9
x-oss-cdn-auth: success
Accept-Ranges: bytes
x-oss-object-type: Normal
x-oss-storage-class: Standard
Content-MD5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
Ali-Swift-Global-Savetime: 1695312447
Via: cache15.l2de2[1289,1153,304-0,C], cache11.l2de2[1155,0], cache3.se1[0,0,200-0,H], cache8.se1[1,0]
ETag: "24BB520E9517F2ED3ED987B46AEAF723"
Last-Modified: Thu, 08 Jun 2023 02:24:34 GMT
Vary: Accept-Encoding
x-oss-hash-crc64ecma: 5143829838470429443
Content-Encoding: gzip
Age: 583310
X-Cache: HIT TCP_MEM_HIT dirn:7:153294850
X-Swift-SaveTime: Thu, 21 Sep 2023 16:07:27 GMT
X-Swift-CacheTime: 1296000
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
EagleId: 2ff62c9c16958957571691076e

www.jxpxdier.com/skins/127431/images/wx1.png

182.107.80.35

200 OK

1.6 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/wx1.png
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1559 bytes)
Hash
491aaee7d119a7375e26dcb7858b5c48
911a09db1c0b60c292f7cd74adb2c363f3b5042c
e9c49d7f2a4a4143c81ba05e5f34e62f9738484b76c9275d2cee7bc2004408b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/wx1.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/png
Content-Length: 1559
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:09:11 GMT
ETag: "80573597b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-114.4.178
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact63 [1], xiangyix217 [1]
Ohc-File-Size: 1559
X-Cache-Status: MISS

tp.xinxiyidiantong.com:5868/uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg

85.208.116.132

200 OK

130 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x200, components 3\012- data
Size
130 kB (130166 bytes)
Hash
eafed17c1fe2700860721ae8140eb2cb
0413f0641c22711164c2afe9371879939b8b0b75
cb9a226036421e9cf000f581d39f588909d796c0c1e6ad72a9d20fe0ca0ade96

HTTP Headers

GET /uploads/bcxyd1s1sigdhca92z9vasjpppocuc81b03spnfn.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/jpeg
Content-Length: 130166
Last-Modified: Thu, 06 Oct 2022 15:53:07 GMT
Connection: keep-alive
ETag: "633ef9e3-1fc76"
Expires: Sat, 28 Oct 2023 10:09:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/w2yv7gaw62ruwr45e84katad9rwob2w25kltscui.gif

85.208.116.132

200 OK

147 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/w2yv7gaw62ruwr45e84katad9rwob2w25kltscui.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
147 kB (147300 bytes)
Hash
fe2630f436d6054d633eed77c690cb04
3973acea65be0ccc75b8e1f35025599a2d3a05f8
914a9a3504f52008e94907997960f451a6ed001f8aaa95b444725f2a6200850b

HTTP Headers

GET /uploads/w2yv7gaw62ruwr45e84katad9rwob2w25kltscui.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/gif
Content-Length: 147300
Last-Modified: Thu, 06 Oct 2022 15:34:13 GMT
Connection: keep-alive
ETag: "633ef575-23f64"
Expires: Sat, 28 Oct 2023 10:09:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.jxpxdier.com/skins/127431/images/bg1.jpg

182.107.80.35

200 OK

152 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/bg1.jpg
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1919x594, components 3\012- data
Size
152 kB (152231 bytes)
Hash
ef7d9f504d1345f7f0d7d0f56ddb4710
6ddb48e8664d6a0452278cc6d5b2308c970eb316
6feded3f9a64c62ab3340cecc4f4a5d51f68b7453091ea9cdbda5d6b8483c1a6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/bg1.jpg HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/jpeg
Content-Length: 152231
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:08:56 GMT
ETag: "03482507b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.180
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact66 [1], czix107 [1]
Ohc-File-Size: 152231
X-Cache-Status: MISS

tp.xinxiyidiantong.com:5868/uploads/uqpu1x4t749lwvxkguwwsdova106pr.jpg

85.208.116.132

200 OK

201 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/uqpu1x4t749lwvxkguwwsdova106pr.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1000x200, components 3\012- data
Size
201 kB (200943 bytes)
Hash
93b5fd25fa34d9f1f81869e9aa56dda7
dc51916e54c77eb33536ba9acb346fc1e86cbe62
e612039673cad23b189f1b221bb32b9f8133ea1327fb12e3ea5ef4723606efb4

HTTP Headers

GET /uploads/uqpu1x4t749lwvxkguwwsdova106pr.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/jpeg
Content-Length: 200943
Last-Modified: Fri, 30 Sep 2022 18:42:07 GMT
Connection: keep-alive
ETag: "6337387f-310ef"
Expires: Sat, 28 Oct 2023 10:09:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/tbd0y96vk5p68j99j7iib7205167td.jpg

85.208.116.132

200 OK

257 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/tbd0y96vk5p68j99j7iib7205167td.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
257 kB (257302 bytes)
Hash
da9e8671b27b7b4b1fdc87eeb75ee575
ca48bf5a63168889f502233c329f347b6268cb8c
2a00d43c8819ea8e3a1c59005794c338e5b9ef0a9971d7305d388613954b2dec

HTTP Headers

GET /uploads/tbd0y96vk5p68j99j7iib7205167td.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/jpeg
Content-Length: 257302
Last-Modified: Mon, 24 Apr 2023 11:53:50 GMT
Connection: keep-alive
ETag: "64466dce-3ed16"
Expires: Sat, 28 Oct 2023 10:09:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.jxpxdier.com/skins/127431/images/banner1.jpg

182.107.80.35

200 OK

398 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/banner1.jpg
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x630, components 3\012- data
Size
398 kB (398549 bytes)
Hash
08728a3248b5a3beb9b427ce44daacaf
0d01c4b41e3a8ab8b9e198e04a0eea1b85e3f9e0
b557dee5001c82577166567ecb902fa401fcfb65b8c2d1f0303dd27cebe56f00

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/banner1.jpg HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/jpeg
Content-Length: 398549
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:08:45 GMT
ETag: "80bcf3497b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.181
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact70 [1], bdix175 [1]
Ohc-File-Size: 398549
X-Cache-Status: MISS

www.jxpxdier.com/skins/127431/images/banner2.jpg

182.107.80.35

200 OK

292 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/banner2.jpg
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x630, components 3\012- data
Size
292 kB (291730 bytes)
Hash
5db2c42341efe65fa9c9445bdcfd5f8e
c86af280ebe35c60c16c49e9c5b629b785fb46ed
b639b24f6d0c5b2037ee366ea9d2bd321e5e619e3ded38de60b7f7b410642989

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/banner2.jpg HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/jpeg
Content-Length: 291730
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:08:56 GMT
ETag: "03482507b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.181
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact66 [1], qdix80 [1]
Ohc-File-Size: 291730
X-Cache-Status: MISS

tp.xinxiyidiantong.com:5868/uploads/73in1fspksw4vkiz33cink1f95gkt6.png

85.208.116.132

200 OK

147 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/73in1fspksw4vkiz33cink1f95gkt6.png
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
147 kB (147394 bytes)
Hash
bd1221f728df7cdf8ae8240825a4e16d
ecb9f76605d6d6bc8bc5776591da06afab970caa
41c2ed3d94303b818ffa7c6abeff0a25d22b1b3457170cb9200a62d0dbbd90e3

HTTP Headers

GET /uploads/73in1fspksw4vkiz33cink1f95gkt6.png HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/png
Content-Length: 147394
Last-Modified: Thu, 09 Mar 2023 12:19:37 GMT
Connection: keep-alive
ETag: "6409ced9-23fc2"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/vinb9ufmfncf975y9rvx382nt7h7123khi4lo6kk.gif

85.208.116.132

200 OK

214 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/vinb9ufmfncf975y9rvx382nt7h7123khi4lo6kk.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Adobe Photoshop CC 2014 (Windows), datetime=2019-09-30T17:50:59+08:00], progressive, precision 8, 1020x255, components 3\012- data
Size
214 kB (214316 bytes)
Hash
8fbc123b4636b3c9a8f1411c160a9e99
48f62c4c22122a04026a1e329bccce93fc7aae77
69f497a64f8dab090cb547e5f9063b1c33d0d8fc87573f87eff1016fb2d4dad5

HTTP Headers

GET /uploads/vinb9ufmfncf975y9rvx382nt7h7123khi4lo6kk.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/gif
Content-Length: 214316
Last-Modified: Thu, 14 Nov 2019 06:29:46 GMT
Connection: keep-alive
ETag: "5dccf45a-3452c"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/92bmr5cmpmublld1bucs5487jj77ei2bti8e4li9.gif

85.208.116.132

200 OK

6.8 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/92bmr5cmpmublld1bucs5487jj77ei2bti8e4li9.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
GIF image data, version 89a, 333 x 81\012- data
Size
6.8 kB (6835 bytes)
Hash
efc3d4f0d0c2d35c69557e477b2e4fc6
2e00fe60321983aa9793dfbb747037ac625e15eb
c2ef12c881a522f618cb850034fc17c2f4509ffe6a379247710777f2ada5d47d

HTTP Headers

GET /uploads/92bmr5cmpmublld1bucs5487jj77ei2bti8e4li9.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/gif
Content-Length: 6835
Last-Modified: Fri, 09 Aug 2019 07:26:30 GMT
Connection: keep-alive
ETag: "5d4d2026-1ab3"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/mA1qhe8QORmlYJ6vaKr25YXsAicF0fvcKPV6CKmu.gif

85.208.116.132

200 OK

165 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/mA1qhe8QORmlYJ6vaKr25YXsAicF0fvcKPV6CKmu.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x200, components 3\012- data
Size
165 kB (164960 bytes)
Hash
9a8db4f5a23dde801a1f3bea4acc808e
cdcd782ee69d928d044bff94453657ac110ca2f6
0439e07b407e0264a9ba9f7bf910397f10c6670937e74e2d4edbc196fa8b4795

HTTP Headers

GET /uploads/mA1qhe8QORmlYJ6vaKr25YXsAicF0fvcKPV6CKmu.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/gif
Content-Length: 164960
Last-Modified: Thu, 06 Oct 2022 15:36:10 GMT
Connection: keep-alive
ETag: "633ef5ea-28460"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/dfgz2795qqk1y37j7jzofzqmymo7cvybfffv1br2.jpg

85.208.116.132

200 OK

10 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/dfgz2795qqk1y37j7jzofzqmymo7cvybfffv1br2.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 333x81, components 3\012- data
Size
10 kB (10033 bytes)
Hash
ceeeec4a37140a66fe39f401691022fe
121f8658403c8fe024c73083fc49301a726c431c
48cb853f4ffbac3c4c1d743e6dd50e35f488b841a4c63443f498642dd439840a

HTTP Headers

GET /uploads/dfgz2795qqk1y37j7jzofzqmymo7cvybfffv1br2.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/jpeg
Content-Length: 10033
Last-Modified: Fri, 09 Aug 2019 07:26:30 GMT
Connection: keep-alive
ETag: "5d4d2026-2731"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/25po50a0pxikhpw24gwzwgc0ll7x4s3co9ztjjx7.jpg

85.208.116.132

200 OK

14 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/25po50a0pxikhpw24gwzwgc0ll7x4s3co9ztjjx7.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
PNG image data, 333 x 79, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14242 bytes)
Hash
73c2658bd87f442dbe3688a4fe48352c
f5a31ed734b80202b74f6d296766ae2e8bbd7874
7156ba4542717f84d7acea3aef40754a8fb5d7ce99452ebf9c3a1d5b5f15e5ea

HTTP Headers

GET /uploads/25po50a0pxikhpw24gwzwgc0ll7x4s3co9ztjjx7.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/jpeg
Content-Length: 14242
Last-Modified: Fri, 09 Aug 2019 07:26:29 GMT
Connection: keep-alive
ETag: "5d4d2025-37a2"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/bl5e17t5wut7y5gcwdj6sn2lphumsq.jpg

85.208.116.132

200 OK

13 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/bl5e17t5wut7y5gcwdj6sn2lphumsq.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 333x79, components 3\012- data
Size
13 kB (12949 bytes)
Hash
cbcb327a5335280229dbae8d52ddde48
dc3dc3faf85a3511d474ea4b2cb0a6cc8d92ff95
7f194c49f99f04d91c542edefa48e92c777ff13acb9afb73ebdec53743312305

HTTP Headers

GET /uploads/bl5e17t5wut7y5gcwdj6sn2lphumsq.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/jpeg
Content-Length: 12949
Last-Modified: Thu, 06 Oct 2022 15:17:11 GMT
Connection: keep-alive
ETag: "633ef177-3295"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/hl843hghrw4t2v1jc7daehkwaoga3w.jpg

85.208.116.132

200 OK

23 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/hl843hghrw4t2v1jc7daehkwaoga3w.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 333x79, components 3\012- data
Size
23 kB (23159 bytes)
Hash
9009bd26745f706b2a81f5f6c3627c42
30676da4269ec29eb97d36a904202796b1d47a0f
74edd51f673bbadb0066c91288fe3444e79dbce5c3f5dfcfb156ebfd43af953d

HTTP Headers

GET /uploads/hl843hghrw4t2v1jc7daehkwaoga3w.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Type: image/jpeg
Content-Length: 23159
Last-Modified: Thu, 09 Mar 2023 11:58:41 GMT
Connection: keep-alive
ETag: "6409c9f1-5a77"
Expires: Sat, 28 Oct 2023 10:09:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

collect-v6.51.la/v6/collect?dt=4

203.107.86.226

403

0 B

URL POST HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
203.107.86.226:80
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 304
Origin: http://www.ruimangedu.com
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=9adaacaa41465b3900c5bbc18e879c76e8bf075aab37b4bb40c87c702aa656fa; Path=/; HttpOnly
acw_tc=0bc5053216958957579354517ecb9a7e58aae385429a39bcac87574d8cf8ff;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.ruimangedu.com
Access-Control-Allow-Credentials: true

tp.xinxiyidiantong.com:5868/uploads/it4tbtk4k9xw3bqevvj12fp3schw1rz3s5cnldax.jpg

85.208.116.132

200 OK

9.9 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/it4tbtk4k9xw3bqevvj12fp3schw1rz3s5cnldax.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
GIF image data, version 89a, 333 x 82\012- data
Size
9.9 kB (9891 bytes)
Hash
657b00ba324258d9733fb707b7e05e54
938a86193c65ecc9bd2c23bf21abdefe43a829e6
ca81437f9e67704918e9d9e493984c860b0627cc23f62e9dc26020d33b84d470

HTTP Headers

GET /uploads/it4tbtk4k9xw3bqevvj12fp3schw1rz3s5cnldax.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Type: image/jpeg
Content-Length: 9891
Last-Modified: Fri, 09 Aug 2019 07:26:30 GMT
Connection: keep-alive
ETag: "5d4d2026-26a3"
Expires: Sat, 28 Oct 2023 10:09:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/guyjzj19yuaqtisby9e5sm50t3x6po00yz617pxc.gif

85.208.116.132

200 OK

7.9 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/guyjzj19yuaqtisby9e5sm50t3x6po00yz617pxc.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
GIF image data, version 89a, 333 x 81\012- data
Size
7.9 kB (7889 bytes)
Hash
c5f1db8a552e95f0b0f6b0a9fc59b93e
7ddf31d81e285b78b0a2366546c69c10a66e3131
34684d52b7a18477268cf05f7560f4ba13d6a01b9948bfca2aa7040469f7ca8f

HTTP Headers

GET /uploads/guyjzj19yuaqtisby9e5sm50t3x6po00yz617pxc.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Type: image/gif
Content-Length: 7889
Last-Modified: Fri, 09 Aug 2019 07:26:30 GMT
Connection: keep-alive
ETag: "5d4d2026-1ed1"
Expires: Sat, 28 Oct 2023 10:09:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/7p056x82yd2ecn75vdqxubewnq3fyq6z682h9ydp.jpg

85.208.116.132

200 OK

9.9 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/7p056x82yd2ecn75vdqxubewnq3fyq6z682h9ydp.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 333x81, components 3\012- data
Size
9.9 kB (9866 bytes)
Hash
6d9b3cb1918e3cf4c7142f38e1c6302e
3c8bd0b1ce1bb167d9bccadc063039d8530be739
0037804244cfbf6211c14a75c8b023ae900699b2539e2151537331956fe9a291

HTTP Headers

GET /uploads/7p056x82yd2ecn75vdqxubewnq3fyq6z682h9ydp.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Type: image/jpeg
Content-Length: 9866
Last-Modified: Fri, 09 Aug 2019 07:26:29 GMT
Connection: keep-alive
ETag: "5d4d2025-268a"
Expires: Sat, 28 Oct 2023 10:09:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

collect-v6.51.la/v6/collect?dt=4

203.107.86.226

403

0 B

URL POST HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
203.107.86.226:80
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 307
Origin: http://www.ruimangedu.com
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=f9ec1cd455f7f9a9b700b8e30c77012c543d923b81b93935625a7234d856a7e7; Path=/; HttpOnly
acw_tc=0bc5053516958957579671362ec5423223a06347d49d0c4c0de469b3c95950;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://www.ruimangedu.com
Access-Control-Allow-Credentials: true

tp.xinxiyidiantong.com:5868/uploads/ov5fyv7yl08iw7w9m6qop1gbsf1a95.jpg

85.208.116.132

200 OK

22 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/ov5fyv7yl08iw7w9m6qop1gbsf1a95.jpg
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 333x79, components 3\012- data
Size
22 kB (21633 bytes)
Hash
28cd46461608781be6b2627d3ced722e
608594f23c2a701bdfbd652aa77237815a754a22
498f9cca73b3200b76af0f4eaa4af885bcebbdaf3f3cf635a60afaed736c3125

HTTP Headers

GET /uploads/ov5fyv7yl08iw7w9m6qop1gbsf1a95.jpg HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Type: image/jpeg
Content-Length: 21633
Last-Modified: Mon, 24 Apr 2023 12:50:52 GMT
Connection: keep-alive
ETag: "64467b2c-5481"
Expires: Sat, 28 Oct 2023 10:09:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/iwv840mvscz87ws4p3324p7k2i4yuh.gif

85.208.116.132

200 OK

156 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/iwv840mvscz87ws4p3324p7k2i4yuh.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
PNG image data, 1000 x 47, 8-bit/color RGBA, non-interlaced\012- data
Size
156 kB (156427 bytes)
Hash
0dc662bab3fb9dd17ae6f777eae62a0d
084f96c8fe5f280844b43235d6137626b11eabf8
1d551f0660ef7472997f772901485f85cabf9370b1ea54334dc09ad4f08301e9

HTTP Headers

GET /uploads/iwv840mvscz87ws4p3324p7k2i4yuh.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:18 GMT
Content-Type: image/gif
Content-Length: 156427
Last-Modified: Thu, 04 Nov 2021 19:43:48 GMT
Connection: keep-alive
ETag: "618437f4-2630b"
Expires: Sat, 28 Oct 2023 10:09:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.jxpxdier.com/skins/127431/images/about_bg.png

182.107.80.35

200 OK

478 kB

URL GET HTTP/1.1
www.jxpxdier.com/skins/127431/images/about_bg.png
IP
182.107.80.35:80
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/

File type
PNG image data, 1920 x 700, 8-bit/color RGB, non-interlaced\012- data
Size
478 kB (477589 bytes)
Hash
7e465fb76ba5bafd42440c725bce862b
90f719ecd43b9d46ffa6e46595828e220ce5dde4
6e56c7b182a0df987818b65225e9e454753bb645eee8cc4995ab34420771b373

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/about_bg.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: JSP3/2.0.14
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/png
Content-Length: 477589
Connection: keep-alive
Last-Modified: Mon, 10 Apr 2023 07:08:41 GMT
ETag: "806291477b6bd91:0"
Accept-Ranges: bytes
X-Powered-By: ASP.NET-115.4.180
Referrer-Policy: unsafe-url
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block
Ohc-Cache-HIT: jact69 [1], xaix203 [1]
Ohc-File-Size: 477589
X-Cache-Status: MISS

tp.xinxiyidiantong.com:5868/uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif

85.208.116.132

200 OK

36 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 1000x200, components 3\012- data
Size
36 kB (36274 bytes)
Hash
7e5d039a1efc18bb7bea97fd777c69af
68ef09f74077052dcb97d54c3223d60b3cc8b571
49f4dac0c9655023462733d66e03a78de44377c97c6e1c78347a571f93696ba5

HTTP Headers

GET /uploads/zdxu27gbnptd1nlnoezm734xiww2lz8gs5rh881c.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:17 GMT
Content-Type: image/gif
Content-Length: 36274
Last-Modified: Wed, 19 Feb 2020 07:01:50 GMT
Connection: keep-alive
ETag: "5e4cdd5e-8db2"
Expires: Sat, 28 Oct 2023 10:09:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

tp.xinxiyidiantong.com:5868/uploads/p8cgcy8sfydtc7qtdoi2u0wr327zl3.gif

85.208.116.132

200 OK

152 kB

URL GET HTTP/1.1
tp.xinxiyidiantong.com:5868/uploads/p8cgcy8sfydtc7qtdoi2u0wr327zl3.gif
IP
85.208.116.132:5868
ASN
#18978 ENZUINC

Requested by
http://www.ruimangedu.com/
Certificate
IssuerLet's Encrypt
Subjecttp.xinxiyidiantong.com
FingerprintC3:5E:6E:33:30:75:29:8F:E1:36:72:09:5C:31:36:98:45:66:2B:26
ValidityMon, 11 Sep 2023 01:21:57 GMT - Sun, 10 Dec 2023 01:21:56 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x300, components 3\012- data
Size
152 kB (152327 bytes)
Hash
17adfe5136c1fed91686cf01b282f677
65f6d78c5c5337a400839029726b645e767d75f7
688f1188a350e97ccd48fff5ebd0e794200c479da5e38f7fbdc3942af57a26dd

HTTP Headers

GET /uploads/p8cgcy8sfydtc7qtdoi2u0wr327zl3.gif HTTP/1.1
Host: tp.xinxiyidiantong.com:5868
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Sep 2023 10:09:16 GMT
Content-Type: image/gif
Content-Length: 152327
Last-Modified: Thu, 06 Oct 2022 15:55:39 GMT
Connection: keep-alive
ETag: "633efa7b-25307"
Expires: Sat, 28 Oct 2023 10:09:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.jxpxdier.com/skins/127431/images/ys3a.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys3a.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys3a.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/code.jpg

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/code.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/code.jpg HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys1a.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys1a.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys1a.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys4a.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys4a.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys4a.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys4.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys4.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys4.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/logo.jpg

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/logo.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/logo.jpg HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys5.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys5.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys5.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys3.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys3.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys3.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

chat.chem17.com/Content/js/jquery.js

183.60.219.35

200 OK

85 kB

URL GET HTTP/2
chat.chem17.com/Content/js/jquery.js
IP
183.60.219.35:443
ASN
#4134 Chinanet

Requested by
http://www.ruimangedu.com/
Certificate
IssuerDigiCert, Inc.
Subject*.chem17.com
Fingerprint4C:18:7F:36:10:A0:9B:2F:F1:11:80:91:98:57:0A:F2:6A:12:36:69
ValidityFri, 06 Jan 2023 00:00:00 GMT - Sat, 06 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65154), with CRLF line terminators
Size
85 kB (85272 bytes)
Hash
421ce628a95a26088cab91e158a50837
0adfe2c48cb57357ca877d66280f3d651b21bfe1
0642cef09b069fc43b7da4350c0b42e3a8478d7541f726955a45d2651726e537

HTTP Headers

GET /Content/js/jquery.js HTTP/1.1
Host: chat.chem17.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: JSP3/2.0.14
date: Thu, 28 Sep 2023 10:09:13 GMT
content-type: application/x-javascript
last-modified: Mon, 12 Oct 2015 07:38:02 GMT
etag: W/"0e996ecc04d11:0"
x-powered-by: ASP.NET-hg4.28
ohc-cache-hit: fs3ct60 [1], wzix81 [1]
ohc-file-size: 85272
x-cache-status: MISS
content-encoding: gzip
X-Firefox-Spdy: h2

www.jxpxdier.com/skins/127431/images/ys1.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys1.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys1.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys5a.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys5a.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys5a.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys2.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys2.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys2.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/about_img.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/about_img.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/about_img.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

api.share.baidu.com/s.gif?l=http://www.ruimangedu.com/

0.0.0.0

0 B

URL GET
api.share.baidu.com/s.gif?l=http://www.ruimangedu.com/
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://www.ruimangedu.com/ HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Pragma: no-cache
Cache-Control: no-cache

hm.baidu.com/hm.js?6a18ba57357be31cd4e3b79072d78dba

0.0.0.0

0 B

URL GET
hm.baidu.com/hm.js?6a18ba57357be31cd4e3b79072d78dba
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/
Certificate
IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /hm.js?6a18ba57357be31cd4e3b79072d78dba HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.ruimangedu.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.jxpxdier.com/skins/127431/images/ys2a.png

0.0.0.0

0 B

URL GET
www.jxpxdier.com/skins/127431/images/ys2a.png
IP
0.0.0.0:0
ASN
#0

Requested by
http://www.ruimangedu.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /skins/127431/images/ys2a.png HTTP/1.1
Host: www.jxpxdier.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.ruimangedu.com/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by