IP: 222.73.129.25:0 ASN: #4812 China Telecom Group
File type: HTML document, ASCII text
Hash: f19f4ac4a769eb88dc70475dbf958b74 932285a190e799853e87fe8624ae0c36bfb6d1bc 03b2c267ad5d8ec1d920c535be4bef40e4cffd8b4d07426d908964478e8f747e
GET / HTTP/1.1
Host: t.tyl123.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 302 Moved Temporarily
Date: Fri, 29 Mar 2024 06:22:19 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Location: http://www.baidu.com
Content-Length: 141
Content-Type: text/html
Set-Cookie: ASPSESSIONIDAQBTBSRR=BNMJEDCDAEFJILDDABGOIDLN; path=/
Cache-Control: private
X-Cache: MISS from Ichengyun.Net
Via: 1.0 Ichengyun.Net (squid/3.0.STABLE26)
Connection: keep-alive
IP: 103.235.47.103:0 ASN: #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type: HTML document, Unicode text, UTF-8 text, with very long lines (13354)
Size: 102 kB (102008 bytes)
Hash: 98c41def1d07a0022209f44c5fc59155 56a34240c369c0b939c0fa2427e193639767ea23 f708578775458dcf34818e9893f416363204e119263f06ab28edc7c20967ffaf
GET / HTTP/1.1
Host: www.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://chat.baidu.com http://mirror-chat.baidu.com https://fj-chat.baidu.com https://hba-chat.baidu.com https://hbe-chat.baidu.com https://njjs-chat.baidu.com https://nj-chat.baidu.com https://hna-chat.baidu.com https://hnb-chat.baidu.com http://debug.baidu-int.com;
Content-Type: text/html; charset=utf-8
Date: Fri, 29 Mar 2024 06:22:20 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Server: BWS/1.1
Set-Cookie: BAIDUID=075228A00C01ACA309C165BD39F8BBEB:FG=1; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
BIDUPSID=075228A00C01ACA309C165BD39F8BBEB; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
PSTM=1711693340; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.baidu.com
BAIDUID=075228A00C01ACA39E0DA4437F7A99FF:FG=1; max-age=31536000; expires=Sat, 29-Mar-25 06:22:20 GMT; domain=.baidu.com; path=/; version=1; comment=bd
Traceid: 1711693340053164237817414072204465417398
X-Ua-Compatible: IE=Edge,chrome=1
X-Xss-Protection: 1;mode=block
Transfer-Encoding: chunked
URL User Request GET HTTP/1.0
IP: 222.73.129.25:80 ASN: #4812 China Telecom Group
File type: PE32 executable (GUI) Intel 80386, for MS Windows, 3 sections
Size: 164 kB (163840 bytes)
Hash: 55562a114c508104e2873f94609a1f47 f2f994994b26b9dd6b43738a996cac4a405b1307 483a1f54011dbe1635f0a6eaf8129c8b77557137ca640c494ddb97b138f03555
Analyzer: VirusTotal; Verdict: malicious; Alert: (empty)
GET /tmp/w64w.zip HTTP/1.1
Host: t.tyl123.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 200 OK
Content-Length: 163840
Content-Type: application/x-zip-compressed
Last-Modified: Wed, 11 Sep 2019 14:20:14 GMT
Accept-Ranges: bytes
ETag: "fae5ad7ac68d51:b06"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Fri, 29 Mar 2024 06:22:22 GMT
X-Cache: MISS from Ichengyun.Net
Via: 1.0 Ichengyun.Net (squid/3.0.STABLE26)
Connection: keep-alive