154.92.237.73 200 OK 5.2 kB URL User Request GET HTTP/1.1 IP 154.92.237.73:80
Hash d5d452bb77ef51cab5227b2ccf0d765a
b8c64c907fddf63b388870d42b395aa6ca246700
1cd9fe16176e913eed9e2eb03f774f0468a2fe20a6a53a2bdbbcbf8f6355281c
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /zhishi/ HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:51:35 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.eg7ff.top/template/news/zishiying015/css/style.css
154.92.237.73 200 OK 2.3 kB URL GET HTTP/1.1 www.eg7ff.top/template/news/zishiying015/css/style.css
IP 154.92.237.73:80
Requested by http://www.eg7ff.top/zhishi/
File type ASCII text, with CRLF line terminators
Hash a3fcac10c5e5dac5b996b703ebe4f1d5
2508e5c38ff9c617b884a11c8b860f0358042f10
2ecb737b69e42b9d8925b47d70efc4626ca61fffb3c0bc5123655560cb8da428
GET /template/news/zishiying015/css/style.css HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/zhishi/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:51:35 GMT
Content-Type: text/css
Last-Modified: Wed, 04 Dec 2019 05:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5de74522-1d5b"
Expires: Tue, 05 Dec 2023 20:51:35 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.eg7ff.top/template/news/zishiying015/css/bootstrap.min.css
154.92.237.73 200 OK 24 kB URL GET HTTP/1.1 www.eg7ff.top/template/news/zishiying015/css/bootstrap.min.css
IP 154.92.237.73:80
Requested by http://www.eg7ff.top/zhishi/
File type ASCII text, with very long lines (65371)
Hash 9e1256e1d6158ad39fe50880557685c7
d26cb40c891d4b645726653bc5b8685520bc36f2
fd54748898f60cd0b8228cf5d6f33dfa651c81996113c13353c336c6f0759439
GET /template/news/zishiying015/css/bootstrap.min.css HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/zhishi/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:51:35 GMT
Content-Type: text/css
Last-Modified: Sun, 24 Nov 2019 07:40:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dda33fa-1d827"
Expires: Tue, 05 Dec 2023 20:51:35 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.eg7ff.top/zhishi/js/bootstrap.min.js
154.92.237.73 404 Not Found 146 B URL GET HTTP/1.1 www.eg7ff.top/zhishi/js/bootstrap.min.js
IP 154.92.237.73:80
Requested by http://www.eg7ff.top/zhishi/
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /zhishi/js/bootstrap.min.js HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/zhishi/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 05 Dec 2023 08:51:35 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive
www.eg7ff.top/template/news/zishiying015/images/navBtn.png
154.92.237.73 200 OK 1.6 kB URL GET HTTP/1.1 www.eg7ff.top/template/news/zishiying015/images/navBtn.png
IP 154.92.237.73:80
Requested by http://www.eg7ff.top/zhishi/
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b94e73945292c8a9ab7cc0cae0e368a
dfb1f69338bb144328b51af517b4f266c55ce299
8d7e68779365afd9b29954e666fe575f773cd22d6a318804e4dae7b9cb4b02a2
GET /template/news/zishiying015/images/navBtn.png HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/zhishi/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:51:36 GMT
Content-Type: image/png
Content-Length: 1626
Last-Modified: Fri, 22 Nov 2019 05:55:58 GMT
Connection: keep-alive
ETag: "5dd7786e-65a"
Expires: Thu, 04 Jan 2024 08:51:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.eg7ff.top/template/news/zishiying015/images/lo-yx-logo.png
154.92.237.73 200 OK 4.4 kB URL GET HTTP/1.1 www.eg7ff.top/template/news/zishiying015/images/lo-yx-logo.png
IP 154.92.237.73:80
Requested by http://www.eg7ff.top/zhishi/
File type PNG image data, 162 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash bf312e120b31c41d235cdf4d8104487b
49a1cda6cbbce6b792dfa0dfbf08bda910feceb3
c185e195ca4dcc057467a60856a8c3a441b65d05a4a2f5f575e468f5ee57c552
GET /template/news/zishiying015/images/lo-yx-logo.png HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/zhishi/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:51:36 GMT
Content-Type: image/png
Content-Length: 4365
Last-Modified: Sun, 24 Nov 2019 09:02:36 GMT
Connection: keep-alive
ETag: "5dda472c-110d"
Expires: Thu, 04 Jan 2024 08:51:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.eg7ff.top/template/news/zishiying015/js/jquery.min.js
154.92.237.73 200 OK 34 kB URL GET HTTP/1.1 www.eg7ff.top/template/news/zishiying015/js/jquery.min.js
IP 154.92.237.73:80
Requested by http://www.eg7ff.top/zhishi/
File type ASCII text, with very long lines (32058)
Hash c9f5aeeca3ad37bf2aa006139b935f0a
1055018c28ab41087ef9ccefe411606893dabea2
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
GET /template/news/zishiying015/js/jquery.min.js HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/zhishi/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:51:36 GMT
Content-Type: application/javascript
Last-Modified: Mon, 11 Nov 2019 02:52:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dc8ccde-15283"
Expires: Tue, 05 Dec 2023 20:51:36 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
p3-sign.toutiaoimg.com/tos-cn-i-6w9my0ksvp/ea79efc22be24860a32044e59a80371b~tplv-tt-origin-asy2:5aS05p2hQOWwj-eGiuWcqOe6v3Y=.image?_iz=58558&from=article.pc_detail&x-expires=1697728859&x-signature=vDcktreLCUKoMjrGINJnjkcO%2Bm4%3D
47.246.44.225 403 Forbidden 238 B URL GET HTTP/2 p3-sign.toutiaoimg.com/tos-cn-i-6w9my0ksvp/ea79efc22be24860a32044e59a80371b~tplv-tt-origin-asy2:5aS05p2hQOWwj-eGiuWcqOe6v3Y=.image?_iz=58558&from=article.pc_detail&x-expires=1697728859&x-signature=vDcktreLCUKoMjrGINJnjkcO%2Bm4%3D
IP 47.246.44.225:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by http://www.eg7ff.top/zhishi/
Certificate Issuer DigiCert, Inc.
Subject *.toutiaoimg.com
Fingerprint 01:E3:CB:5F:C3:2C:56:23:65:6F:69:E5:62:BC:DD:2D:68:F3:F2:E9
Validity Fri, 30 Jun 2023 00:00:00 GMT - Tue, 30 Jul 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash f9fe2e9a4770fe7ef4eebdbd6385299d
f7fa02b5871bbc37c01ef7d10a1612e771cc8eb7
6e1c38d044037281bc69275855c2951880dcf534f456035d0276a244a4a8c81f
GET /tos-cn-i-6w9my0ksvp/ea79efc22be24860a32044e59a80371b~tplv-tt-origin-asy2:5aS05p2hQOWwj-eGiuWcqOe6v3Y=.image?_iz=58558&from=article.pc_detail&x-expires=1697728859&x-signature=vDcktreLCUKoMjrGINJnjkcO%2Bm4%3D HTTP/1.1
Host: p3-sign.toutiaoimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
server: Tengine
date: Tue, 05 Dec 2023 08:51:36 GMT
content-type: text/html
content-length: 238
es-exit: less args or timeout
x-tt-trace-tag: id=03;cdn-cache=miss;type=static
access-control-allow-origin: *
via: cache5.se1[,403666]
timing-allow-origin: *
eagleid: 2ff62c9917017662967311253e
X-Firefox-Spdy: h2
www.eg7ff.top/favicon.ico
154.92.237.73 200 OK 0 B URL GET HTTP/1.1 www.eg7ff.top/favicon.ico
IP 154.92.237.73:80
Requested by http://www.eg7ff.top/zhishi/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.eg7ff.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/zhishi/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:51:37 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Tue, 30 Jul 2019 15:51:36 GMT
Connection: keep-alive
ETag: "5d406788-0"
Accept-Ranges: bytes
img3.utuku.imgcdc.com/620x0/ent/20230927/e1712105-7175-4990-a12e-9ca03046271a.jpg
103.198.200.1 200 OK 67 kB URL GET HTTP/1.1 img3.utuku.imgcdc.com/620x0/ent/20230927/e1712105-7175-4990-a12e-9ca03046271a.jpg
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Requested by http://www.eg7ff.top/zhishi/
Certificate Issuer DigiCert Inc
Subject img3.utuku.imgcdc.com
Fingerprint 0D:75:2E:38:6E:47:B5:75:8E:D0:54:94:A2:5D:F8:D9:CE:1B:51:D1
Validity Thu, 02 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 620x249, components 3\012- data
Hash ae55b2af7e68fdaa04077d0e9370eb3e
19a3d53e83693cf838e7e62227f8757bdda4c849
cef3166f80c0937e98571ffef1bfdda87391868d270dc84e7701555037193100
GET /620x0/ent/20230927/e1712105-7175-4990-a12e-9ca03046271a.jpg HTTP/1.1
Host: img3.utuku.imgcdc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 66589
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "AD2CCE85126C69C6E42E39B977483472"
Date: Tue, 05 Dec 2023 08:51:36 GMT
Last-Modified: Wed, 27 Sep 2023 01:27:44 GMT
Expires: Tue, 05 Dec 2023 09:01:36 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-oss-request-id: 651386CC1F7B1F3537C3C838
x-oss-object-type: Normal
x-oss-storage-class: Standard
x-oss-meta-gid: 99
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1695778064
x-oss-meta-uid: 99
x-oss-server-time: 40
x-oss-hash-crc64ecma: 15714309780041352915
Access-Control-Allow-Origin: *
x-link-via: xg21:443;xg12:443;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-10
X-Cdn-Request-ID: 6ad6f3a40b4d8ba532e1bf08d9faa312
hm.baidu.com/hm.js?1279d586414808e9f135af0e51be71c2
103.235.46.191 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?1279d586414808e9f135af0e51be71c2
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.eg7ff.top/zhishi/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type ASCII text, with very long lines (620)
Hash db567793e929eac211b6c50e15861dbf
1d04759fe714ae5d7b7feceeeae6173373c00752
0ef5b78b2f077db4fc42cbc3e2595a310e3ca1dc6de71b2ba5596de9adbe05ca
GET /hm.js?1279d586414808e9f135af0e51be71c2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 05 Dec 2023 08:51:37 GMT
Etag: 3294d72aa6ef1b91dde0f3cab082413b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=8D1CEE36751D8BA4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?1279d586414808e9f135af0e51be71c2
103.235.46.191 200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?1279d586414808e9f135af0e51be71c2
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.eg7ff.top/zhishi/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type ASCII text, with very long lines (620)
Hash b479b35898fe093369281121ff9c8ea0
a7e5af4d3187dfdcca18f2496320ca182c88b341
1475daa47b4f9681f699dbbd4bbacfba4cadb6b74450fc443a05eeb3293684cc
GET /hm.js?1279d586414808e9f135af0e51be71c2 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 05 Dec 2023 08:51:37 GMT
Etag: 1e7fa0cc752d2f8def2d4d1772307767
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=6AE81D966EA06801; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1612335363&si=1279d586414808e9f135af0e51be71c2&v=1.3.0&lv=1&sn=18959&r=0&ww=1280&u=http%3A%2F%2Fwww.eg7ff.top%2Fzhishi%2F&tt=%E7%9F%A5%E8%AF%86-%E7%86%8A%E7%BB%8F%E9%B8%9F%E7%94%B3%E7%BD%91
103.235.46.191 200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1612335363&si=1279d586414808e9f135af0e51be71c2&v=1.3.0&lv=1&sn=18959&r=0&ww=1280&u=http%3A%2F%2Fwww.eg7ff.top%2Fzhishi%2F&tt=%E7%9F%A5%E8%AF%86-%E7%86%8A%E7%BB%8F%E9%B8%9F%E7%94%B3%E7%BD%91
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.eg7ff.top/zhishi/
Certificate Issuer GlobalSign nv-sa
Subject baidu.com
Fingerprint 97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
Validity Thu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1612335363&si=1279d586414808e9f135af0e51be71c2&v=1.3.0&lv=1&sn=18959&r=0&ww=1280&u=http%3A%2F%2Fwww.eg7ff.top%2Fzhishi%2F&tt=%E7%9F%A5%E8%AF%86-%E7%86%8A%E7%BB%8F%E9%B8%9F%E7%94%B3%E7%BD%91 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 05 Dec 2023 08:51:38 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7FD69FC7565DB28D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.tynews.com.cn/pic/003/001/739/00300173913_3daa7aff.png
218.26.172.99 200 OK 431 kB URL GET HTTP/1.1 www.tynews.com.cn/pic/003/001/739/00300173913_3daa7aff.png
IP 218.26.172.99:80
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://www.eg7ff.top/zhishi/
File type PNG image data, 284 x 378, 8-bit/color RGBA, non-interlaced\012- data
Size 431 kB (430580 bytes)
Hash 26cb1db1313c12e08f2b94f3b6f77ad9
3b9c2fcf93422d1efbbc31369eb6dc78f93869bd
c92088615983cea14aa7205b58ec86509dfd4ad9061b7cfe876984fdce951320
GET /pic/003/001/739/00300173913_3daa7aff.png HTTP/1.1
Host: www.tynews.com.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 05 Dec 2023 08:44:32 GMT
Content-Type: image/png
Content-Length: 430580
Last-Modified: Thu, 30 Nov 2023 09:07:17 GMT
Connection: keep-alive
ETag: "656850c5-691f4"
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
img2.utuku.imgcdc.com/650x0/news/20231204/15ed02b7-de41-414d-a6e2-a2e23dea022b.png
103.198.200.1 200 OK 666 kB URL GET HTTP/1.1 img2.utuku.imgcdc.com/650x0/news/20231204/15ed02b7-de41-414d-a6e2-a2e23dea022b.png
IP 103.198.200.1:443
ASN #138915 Kaopu Cloud HK Limited
Requested by http://www.eg7ff.top/zhishi/
Certificate Issuer DigiCert Inc
Subject img2.utuku.imgcdc.com
Fingerprint F3:D3:6F:20:A9:7D:82:85:49:2F:33:7D:7C:C7:44:C6:65:5E:C6:77
Validity Thu, 02 Feb 2023 00:00:00 GMT - Fri, 02 Feb 2024 23:59:59 GMT
File type PNG image data, 650 x 708, 8-bit/color RGBA, non-interlaced\012- data
Size 666 kB (665779 bytes)
Hash 67aa2b149499818a0b41e8d942b6750b
d0e044fdfa089ff459e0badc53bbe667f0ce39c0
a8a273444dcf42dfdc8b8f55a2fac9026d5ec276850259b17126da7c5baf56c9
GET /650x0/news/20231204/15ed02b7-de41-414d-a6e2-a2e23dea022b.png HTTP/1.1
Host: img2.utuku.imgcdc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 665779
Connection: keep-alive
Server: Default-server-KS-CLOUD-XG-FOREIGN-12-06
ETag: "A5955F2F3FA795D128CCB5C5BCA6AFDF"
Date: Tue, 05 Dec 2023 08:51:37 GMT
Last-Modified: Sun, 03 Dec 2023 16:54:54 GMT
Expires: Tue, 05 Dec 2023 09:01:37 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
x-oss-request-id: 656CB319BA20453139F69891
x-oss-object-type: Normal
x-oss-storage-class: Standard
x-oss-meta-gid: 99
x-oss-meta-mode: 33188
x-oss-meta-mtime: 1701622494
x-oss-meta-uid: 99
x-oss-server-time: 122
x-oss-hash-crc64ecma: 12302714541918105693
Access-Control-Allow-Origin: *
x-link-via: xg21:443;xg12:443;
X-Cache-Status: MISS from KS-CLOUD-XG-FOREIGN-12-06, HIT from KS-CLOUD-XG-FOREIGN-21-06
X-Cdn-Request-ID: 03139fffc6926c1c5615dfb10438570f
www.xsnet.cn/pic/2023-12/01/364798_95b3a7e8-d389-42b0-a97d-ee5e8b59dcc8copy.jpg
124.160.116.200 200 OK 131 kB URL GET HTTP/1.1 www.xsnet.cn/pic/2023-12/01/364798_95b3a7e8-d389-42b0-a97d-ee5e8b59dcc8copy.jpg
IP 124.160.116.200:443
ASN #4837 CHINA UNICOM China169 Backbone
Requested by http://www.eg7ff.top/zhishi/
Certificate Issuer DigiCert, Inc.
Subject *.xsnet.cn
Fingerprint 65:DE:1D:7F:EF:55:0B:3C:E9:2A:0C:00:E2:5A:AD:30:5C:5D:A8:32
Validity Wed, 25 Oct 2023 00:00:00 GMT - Mon, 28 Oct 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x810, components 3\012- data
Size 131 kB (130924 bytes)
Hash c47f552af753b4b5ebf312e4eb3ce64b
3bba86228f0275bc14bebb464cad697394262881
f16ece93198cbc12a57bdeb95b80443a26cc53535f97d7dddde43741e9a5e839
GET /pic/2023-12/01/364798_95b3a7e8-d389-42b0-a97d-ee5e8b59dcc8copy.jpg HTTP/1.1
Host: www.xsnet.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 05 Dec 2023 08:52:33 GMT
Content-Type: image/jpeg
Content-Length: 130924
Last-Modified: Fri, 01 Dec 2023 03:26:36 GMT
ETag: "6569526c-1ff6c"
X-Frame-Options: ALLOW-FROM SAMEORIGIN,http://www.xiaoshan.gov.cn/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Accept-Ranges: bytes
news.2500sz.com/uploadfiles/202312/04/2023120409192812297778.jpg
0.0.0.0 0 B URL GET news.2500sz.com/uploadfiles/202312/04/2023120409192812297778.jpg
IP 0.0.0.0:0
Requested by http://www.eg7ff.top/zhishi/
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uploadfiles/202312/04/2023120409192812297778.jpg HTTP/1.1
Host: news.2500sz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.eg7ff.top/
Pragma: no-cache
Cache-Control: no-cache