Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230712-en, locale:en-us, os:windows7-x64, system
  • submitted
    16/08/2023, 05:48 UTC

General

  • Target

    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe

  • Size

    3.8MB

  • MD5

    1ab4ba600b443ccf57f07e0d7824ccee

  • SHA1

    bafb60dda42153840135d7ef0dbc94cd82f3e87b

  • SHA256

    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8

  • SHA512

    14dce5c19db95ab850b6445f3c41c6b05a8e651c9d1b15428ad35b1b6ddb9630e24f409792580a37cacb8fff7996c0efd7d0e54dc00ddb0dcf466b4402d4c5ea

  • SSDEEP

    49152:RUiOCsBR8F1+35nr2s7i6eiYO7oqYtd2bi7+zNedFinZBH1Whj9VfwJsCVWVS/ct:35i+fenH9+x

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 29 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Modifies system certificate store 2 TTPs 2 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    "C:\Users\Admin\AppData\Local\Temp\9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe"
    • Modifies system certificate store
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2532

Network

  • flag-us
    DNS
    w.eydata.net
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    8.8.8.8:53
    Request
    w.eydata.net
    IN A
    Response
    w.eydata.net
    IN CNAME
    cc7f3fa9bc6c480e.waf-jiasu.yhui-cloud.com
    cc7f3fa9bc6c480e.waf-jiasu.yhui-cloud.com
    IN CNAME
    1a78e8c4ad1c8797.waf-jiasu.yhui-cloud.com
    1a78e8c4ad1c8797.waf-jiasu.yhui-cloud.com
    IN A
    125.77.158.24
  • flag-cn
    POST
    http://w.eydata.net/38C60F0DFEF1B97B
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    125.77.158.24:80
    Request
    POST /38C60F0DFEF1B97B HTTP/1.1
    Connection: Keep-Alive
    Content-Type: application/x-www-form-urlencoded; Charset=UTF-8
    Accept: */*
    Accept-Language: zh-cn
    Referer: http://w.eydata.net/38C60F0DFEF1B97B
    User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
    Content-Length: 0
    Host: w.eydata.net
    Response
    HTTP/1.1 200 OK
    Server: yhui-cloud/20.10.14.1.2
    Date: Wed, 16 Aug 2023 13:42:39 GMT
    Content-Type: text/plain; charset=utf-8
    Content-Length: 94
    Connection: keep-alive
  • flag-us
    DNS
    shimo.im
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    8.8.8.8:53
    Request
    shimo.im
    IN A
    Response
    shimo.im
    IN A
    116.205.2.136
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:48:28 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A4f103f10ffa7431dbac04ccee2219ce7.w4Del1ZYpKQd9%2FQG9ZEVGbMmXSFv90QyMri0493q5h4; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193399072; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzM5OTA3MiJ9LCJleHAiOjE2OTIxNjg1MDh9.y_krg0gQPow_KpGV2eV3w7zh8DkOT1Ve6C2g0920KR8; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=1; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 206dc35570318a25729102e22defd9c7, 206dc35570318a25729102e22defd9c7
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 3f7fb57317ee8c97243c8f1bcb6329ce
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:48:32 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A43a27f45baea45348becad369958912d.YsDi0vATW046q30hK1eg6PYHmoatJgPRI8exhHNusEU; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193399247; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzM5OTI0NyJ9LCJleHAiOjE2OTIxNjg1MTJ9.XFnvktqySkSjGmw-UGL_4hiN3RgzcbxvQ9Pox_8d9TY; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=2; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 53df60b6a53e036bebb11971992b7127, 53df60b6a53e036bebb11971992b7127
    X-Shimo-Proxy: feproxy
    X-Trace-Id: a1467eccbfd7a329d6d528247cac675d
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:48:36 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A37c28350ce274dd4b75306c86bad3646.ax1IEHWkvA8J177BKNGv7xRuSMfNSGS56rEJ4LEr1S8; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193399412; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzM5OTQxMiJ9LCJleHAiOjE2OTIxNjg1MTZ9.hBnrKb1LXZmhyoSbDkwUmIjM1ShDw_-9eOQ51uEEynk; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=1; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 856d7278de295dd4f87d82a66b4d47cf, 856d7278de295dd4f87d82a66b4d47cf
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 68eae952d80c649d86b450509c951a6e
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:48:41 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A8401afeb584549c9a7e9e828029a50e8.TxoVB7WwapqORBTsxvBeS52JdXCsCkqUOkrq6bhOcW0; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193399606; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzM5OTYwNiJ9LCJleHAiOjE2OTIxNjg1MjF9.BHJWd6jWfVOPIrCygqqu1dUp27iHQQGYtl75UdSorcU; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=5; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: c5196516175d45a1aefc5ac68d3c2f83, c5196516175d45a1aefc5ac68d3c2f83
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 0264a935a8e3eff62ce5853bcce1b780
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:48:46 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A6194e3f2d195456383c7c6eb694c61d3.Lc0o4D8MzM3b%2B9aYLGYVgoE9R%2Bf0Kv253c4JQrcqTXE; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193399819; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzM5OTgxOSJ9LCJleHAiOjE2OTIxNjg1MjZ9.UFfZaC7dnZbqNxmZ4rZAfqdZFa9fuC9UIQ9QlEpL7H8; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=4; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 6a7cb37cf2ffc5315a0d76928275c62d, 6a7cb37cf2ffc5315a0d76928275c62d
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 16f67c3749d1bc6ea6bc3c9f17de0a41
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:48:52 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A3f38c0e9e44a4d45be582e4e4ccc3d17.183G4tVtFMNcOr%2B9rYhdADisZahWlUadPs9lSDByI7U; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193400022; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMDAyMiJ9LCJleHAiOjE2OTIxNjg1MzJ9.QdXhgJ6S0dh5aqBeAV2zJdGGG7Cv5TjxzD_v-Gp1kk4; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=5; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 99f5fa3808d520a847c43658d132ce19, 99f5fa3808d520a847c43658d132ce19
    X-Shimo-Proxy: feproxy
    X-Trace-Id: ca8ead2e005a90f46916820b21c312a8
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:48:56 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A98460b584ff84769991ec774ba9ccd3b.VyZZEpQeULte8dAW0XQBdCmcrD69w0aa4ZjAFIUI3ZE; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193400211; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMDIxMSJ9LCJleHAiOjE2OTIxNjg1MzZ9.BbEWszNx9X_OaIqhEAbJHpE80rLtpJnDrX0XqSyoFEg; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=3; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 0f64b7aeb30741031761d2d80d7d8e0b, 0f64b7aeb30741031761d2d80d7d8e0b
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 9d2e462e112d8b4c3bc50b11a433ab1d
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:01 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A4e8a034c83fe4d0fbe196b3a650438be.IUi9SAVYZ%2FvCq3NaCpa7lhEZkzmsnu8YNVqjbyJ8GHY; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193400401; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMDQwMSJ9LCJleHAiOjE2OTIxNjg1NDF9.mcMgomFMOeIuN3FbDuSufZ-SpwLmP4pGuvzj-Bv_LqI; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=6; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 75b16516f88efe9407ec8e5cf90a8892, 75b16516f88efe9407ec8e5cf90a8892
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 2a9835db5d99d50e2ed5c1c60d634f1f
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:06 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Aea7420562c30443f9b1c8efa8ba1ade2.47BEuc%2Bi1xVP8iEg%2BLtmH0a8Ppa9XrshS0B2KhBkrVo; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193400612; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMDYxMiJ9LCJleHAiOjE2OTIxNjg1NDZ9.3dnt8DV9tLeeakvT2hoMypAcdSaXr7WLCJbmr5OMA5c; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=2; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 184c0b9299b1ed763b3c871ea9fbbd1c, 184c0b9299b1ed763b3c871ea9fbbd1c
    X-Shimo-Proxy: feproxy
    X-Trace-Id: daa82ae8f0905481e4d2a9b5cd3b520e
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:11 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Aded27e9c231142b3aa1c6a546b6108a3.G0JG47Zjs4ktwtakntK03dcswQKmqAVlzJpxOQMOabo; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193400816; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMDgxNiJ9LCJleHAiOjE2OTIxNjg1NTF9.-Bg_aK1PqOukMeEtqVr2TiDMfqXHmmOafH9mQIKFlGk; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=7; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: adc472e603bbc84c64fd3853b47757ec, adc472e603bbc84c64fd3853b47757ec
    X-Shimo-Proxy: feproxy
    X-Trace-Id: e126a9387a3a199771924771db1d2276
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:16 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A76d647bb7f2f4675bc14cc5a10adeeba.IErllJmnE22mDwNvIr24BUvzg2AsgKSnAasG5OjZagQ; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193401042; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMTA0MiJ9LCJleHAiOjE2OTIxNjg1NTZ9.Whk3nbdjERZF-2pvLUdHWuyvRZ3XOXVUgD6o2zYnHuY; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=2; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 9dd9734e6cf50162215c5acac38028d2, 9dd9734e6cf50162215c5acac38028d2
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 30334abab2d7c8c80435f3f79a9f0ab1
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:21 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Ab09b5fd573094d428f6b3024f95ad494.kHrBUO31YHdyJN3UlgqCQmab6lffzy26JQMADeKOOVk; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193401220; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMTIyMCJ9LCJleHAiOjE2OTIxNjg1NjF9.Zgtn5PStCx4k2kymiidJF9kYytvQUM4Bby-Xspm3ZYs; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=8; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 58004114ed81e5395a8319fcb89236f7, 58004114ed81e5395a8319fcb89236f7
    X-Shimo-Proxy: feproxy
    X-Trace-Id: daa2a69fb576a71c4635121ea93a0c3b
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:26 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Aeba3e3e8f82b4484a311d446917f76e9.TF9pfiFPHn9OqEfkGGmFCdbnJ3u%2BwJ5bbffelG3YVTo; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193401387; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMTM4NyJ9LCJleHAiOjE2OTIxNjg1NjZ9.3fm3meQCuCCz13PgUmYBqntaNAS2T2Vt4nj1BqYc6wA; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=0; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 4fc9dd14dc7f10c5cd8d6d064d90650d, 4fc9dd14dc7f10c5cd8d6d064d90650d
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 61cabd016c3fb16a8d537fa2765ef561
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:31 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A776889bd3a1f4e21a0333a6b58cb3f1c.RW%2BTnz7LaXYaxGbu%2BvOfpgIYhRhTV4sqLJUdxJ8sbTg; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193401603; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMTYwMyJ9LCJleHAiOjE2OTIxNjg1NzF9.NoOV88NDO4KnoSoZ-C_XI-tw4pown30b1ruwhAybraY; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=3; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 7421793449c3430752eb54cdcc39abd3, 7421793449c3430752eb54cdcc39abd3
    X-Shimo-Proxy: feproxy
    X-Trace-Id: e7f5ee89387c309bda3802f75bb3e487
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:36 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A9620ffe1ae7143559cc546581fed8e62.ZbfEx3BZgn02c2h2HdnTNgBrU9B9K%2FLMjCZ0jsaYB4I; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193401796; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMTc5NiJ9LCJleHAiOjE2OTIxNjg1NzZ9.JFMNogzBuORaxf7GPbrjgF11dk2zCb0U8q0dxf5zMPY; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=0; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 8e926c4fcb9a56d12085dfdcda29b6f0, 8e926c4fcb9a56d12085dfdcda29b6f0
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 8a4b4d2344b33a79a8ebefec3ed48ae8
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:43 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Afbe6c3df38e842228ac1d33c89385e63.1FL%2FaW7I9CthSvylvRzUGDYE%2FT9XJYN3McOquL4AlIU; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193402196; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMjE5NiJ9LCJleHAiOjE2OTIxNjg1ODN9.PgY1GMNp8y7Dzf3fsVhQsXkDVXR2n_W1hmKG_H9FDvU; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=8; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: fa00053bee3985c6e474ed51559257ba, fa00053bee3985c6e474ed51559257ba
    X-Shimo-Proxy: feproxy
    X-Trace-Id: c72d146ba82bc884c01abb9ea09a8d01
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:51 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A29a371af0039481bbb28d1315928930c.5UaHtBD5NSnFXgIsx5khovTp%2BUk9NrHd4lpWbqHutiI; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193402494; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMjQ5NCJ9LCJleHAiOjE2OTIxNjg1OTB9.zGZmicrXXTjksPC_9XX4onzrq6LQruNGj4LeUpnqqxE; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=7; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: a2d3fdb179a6fc129f21be1153c233eb, a2d3fdb179a6fc129f21be1153c233eb
    X-Shimo-Proxy: feproxy
    X-Trace-Id: cfa43a4572988030c107f7c961bc4b46
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:51 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A3539932dcd02473983fbf0d1dd46c5b2.FOZHB2d31ILp%2Bkc9E35S8Ztyw3Fis%2Ba02UmZCsAQiBg; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193402521; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMjUyMSJ9LCJleHAiOjE2OTIxNjg1OTF9.UHFv-V36IKax-syNJ13D7beTrcKNvRrMkmg1AAfMS9A; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=1; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 2e70c011a8286c93ee7515a2ed91a404, 2e70c011a8286c93ee7515a2ed91a404
    X-Shimo-Proxy: feproxy
    X-Trace-Id: c6f4aa280b571ee98cc532573d4d45a7
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:49:56 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A7a89e128d3df4527a9b095603d5926d0.sbqy7HZhTaK%2FGhQIs8qBL0%2BfkUG0jUPK8BVeVFSONIk; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193402701; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMjcwMSJ9LCJleHAiOjE2OTIxNjg1OTZ9.8UmIszjjaO67RLdP7FRQJGcX2EJIyDCo1dXE6rfAdUM; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=6; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 2709e5b9e2b6bea5581bea768f67d17e, 2709e5b9e2b6bea5581bea768f67d17e
    X-Shimo-Proxy: feproxy
    X-Trace-Id: a022781505884ee2dd4f29287994d2d9
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:01 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Af8e8d47c5b284b47a5ed5eab802ee9a4.oN8Xj1D7nk96Trbvg7zPglpTuHFT6e%2FErNCVXEtxSfQ; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193402907; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMjkwNyJ9LCJleHAiOjE2OTIxNjg2MDF9.NFrzDwDzyhDr8z1N5GuF-zR93i5uJwuRbuwWUf2WiQs; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=1; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 79982da42dd803a2bea3fd88dac73358, 79982da42dd803a2bea3fd88dac73358
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 58ef130b54da59aaa528d43dc999ce5a
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:06 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A03766d37a0ca4d18857a3a146560cd50.OPIbM%2BFJNuSjr9VA7pKztFp%2BvJ%2B0dqc%2B%2B%2BZ5q2k2Tvc; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193403109; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMzEwOSJ9LCJleHAiOjE2OTIxNjg2MDZ9.XPZoGsKGmXIqq0JpjJ4ev0FaN8fZW29-7iLOAYLYcyM; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=3; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 4d4abc0c1ae78df38942a903722c9470, 4d4abc0c1ae78df38942a903722c9470
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 93cc3de909f15f301af0fa577634caf0
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:11 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Ad710045b93794ff1bdff0052c3c193ef.GBnBz7wC6CzMVSOVmZkNlpoiUteoRs55BAyb4Q%2FnfJ8; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193403307; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMzMwNyJ9LCJleHAiOjE2OTIxNjg2MTF9.gZ0V8sT7t3Al1nG-8jww1Kvj2xNmctOxvOLsuNYS23I; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=7; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: d5ba8cda097b8255bec7a3654703015d, d5ba8cda097b8255bec7a3654703015d
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 1e3c7385f6cae8db9d27506fd46aaf41
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:16 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Aa8c443e5386447b4a2da9baeb238c6e0.5T3c3JFRzn0WuqoVqrysNT5FxIOt1p8qozmstsFYFdM; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193403514; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMzUxNCJ9LCJleHAiOjE2OTIxNjg2MTZ9.I1_TbkvfWMptZbCz1d4J8__NR4B94M3IWkynhL9OG2s; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=3; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 238b89ef4280ccfacd56085b47773f77, 238b89ef4280ccfacd56085b47773f77
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 653a2e17dba2b9039f43b42aef14eb30
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:21 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A07e87249481742a09c0a3da3c0ec5314.Wq421VbwwSwB1zvu0mMc8%2FO7jXidM405%2Fjl9yO9WiMs; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193403683; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMzY4MyJ9LCJleHAiOjE2OTIxNjg2MjF9.9jfuPWgE1toTUeumneH3TYOi3wpBdjlPph8frhtkWgM; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=8; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: f22230b1672247eceacbfe021f234988, f22230b1672247eceacbfe021f234988
    X-Shimo-Proxy: feproxy
    X-Trace-Id: e04b348d42e8e9f152bfcaf7875d9d9b
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:26 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A08330dd2445c429c8940041a5ca41c76.HVini5Kp%2BkZNAepuwbpvLecbMKiM5SNVD4rMWHlnj7k; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193403888; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwMzg4OCJ9LCJleHAiOjE2OTIxNjg2MjZ9.9Pfengki-IU-LL2LhvKmPajShX4KaRXS5mK1D_r0WaY; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=5; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 6aec6acc72e23bab8e217a301444c263, 6aec6acc72e23bab8e217a301444c263
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 7d5c2f2aafefc724d5b03953bf832b5e
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:32 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A624fc9a3b3964fda944f2866e974cf51.k7eyrNoHDk6QNvwEQ0lNRR1KF44kmK4fl96pkYOVcG0; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193404125; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwNDEyNSJ9LCJleHAiOjE2OTIxNjg2MzJ9.oXWrXmZmhDL4jVBSbPy9q3a0lEN10sneTy67Khb0YBw; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=8; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: e2d4689a805d4c4da43af22088b8c370, e2d4689a805d4c4da43af22088b8c370
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 5e9542395e610e9bde3d5eea587edac3
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:36 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3A410cd7c41f7145038c175ba7572090a1.sxZXkuLU5Tm9F3hT78fs3wutmXOsJaersT6NjgEChA0; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193404294; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwNDI5NCJ9LCJleHAiOjE2OTIxNjg2MzZ9.ZYTEP6QlzN_h_KMc_rvkDYYLXNQuFzSJkmVEcF3CYhk; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=8; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 16cdfc5c0b0a2045665ba7eb83e214ab, 16cdfc5c0b0a2045665ba7eb83e214ab
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 90561dcc077e37954fdcafcdc4823800
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:41 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Ae58d0dbbefa34654aa7beb2a1f594925.5EQpI3zkWFscPDIAYMJIJ7SCu8CQlOyQ9vrV7Wyapfc; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193404496; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwNDQ5NiJ9LCJleHAiOjE2OTIxNjg2NDF9.JpmqLEl1nShbYVDi0hliwaft642-yaCJOYBeCiJ8iXw; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=7; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: af26dc4cde8242fdeb311715af80fda3, af26dc4cde8242fdeb311715af80fda3
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 0b447f81983300ae8be4a172779859e4
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • flag-cn
    GET
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    Remote address:
    116.205.2.136:443
    Request
    GET /docs/1d3aV8Pzabfrn5qg/ HTTP/1.1
    Cache-Control: no-cache
    Connection: Keep-Alive
    Accept: text/html, application/xhtml+xml, */*
    Accept-Encoding: gbk, GB2312
    Accept-Language: zh-cn
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Host: shimo.im
    Response
    HTTP/1.1 200 OK
    Date: Wed, 16 Aug 2023 05:50:46 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 2812
    Connection: keep-alive
    Vary: Accept-Encoding
    Accept-Ranges: bytes
    Cache-Control: public, max-age=0
    Etag: W/"afc-189e2a8da00"
    Last-Modified: Fri, 11 Aug 2023 03:34:24 GMT
    Set-Cookie: shimo_sid=s%3Aef68580fa9284a14a1cb58b474c79355.Bj8pen7ZnhHY6jdgt7GoEfDXDSu3GpspodXUJKLHtVQ; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly; Secure
    Set-Cookie: anonymousUser=-8193404673; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: anonymousToken=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJDcmVkaXQiOnsiaWQiOiItODE5MzQwNDY3MyJ9LCJleHAiOjE2OTIxNjg2NDZ9.hcf6BSJoDwiRHqdKolx8dBB58H0QqdoKgTwNl0iVxzo; Path=/; Domain=shimo.im; Max-Age=3600; HttpOnly
    Set-Cookie: shimo_gatedlaunch=4; Path=/; Domain=shimo.im; Max-Age=3110400000; HttpOnly; Secure
    X-Request-Id: 5814faeafe3d7d8d2a83ea360e63e110, 5814faeafe3d7d8d2a83ea360e63e110
    X-Shimo-Proxy: feproxy
    X-Trace-Id: 641b48a202ef4e963518817a22594921
    Strict-Transport-Security: max-age=15724800; includeSubDomains
  • 125.77.158.24:80
    http://w.eydata.net/38C60F0DFEF1B97B
    http
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    546 B
    708 B
    5
    4

    HTTP Request

    POST http://w.eydata.net/38C60F0DFEF1B97B

    HTTP Response

    200
  • 116.205.2.136:443
    https://shimo.im/docs/1d3aV8Pzabfrn5qg/
    tls, http
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    16.3kB
    129.0kB
    106
    99

    HTTP Request

    GET https://shimo.im/docs/1d3aV8Pzabfrn5qg/

    HTTP Response

    200

  • 8.8.8.8:53
    w.eydata.net
    dns
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    58 B
    160 B
    1
    1

    DNS Request

    w.eydata.net

    DNS Response

    125.77.158.24

  • 8.8.8.8:53
    shimo.im
    dns
    9d96bb3384a21744a45c2c3115b28feb986c0cfc9f8d6c970e13169d6e1ab1c8.exe
    54 B
    70 B
    1
    1

    DNS Request

    shimo.im

    DNS Response

    116.205.2.136

MITRE ATT&CK Enterprise v15

Downloads

  • memory/2532-54-0x0000000000400000-0x0000000000839000-memory.dmp

    Filesize

    4.2MB

  • memory/2532-56-0x0000000000270000-0x000000000027B000-memory.dmp

    Filesize

    44KB

  • memory/2532-57-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-59-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-61-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-60-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-63-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-62-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-65-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-67-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-70-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-72-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-74-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-78-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-80-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-76-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-82-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-84-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-85-0x0000000000270000-0x000000000027B000-memory.dmp

    Filesize

    44KB

  • memory/2532-89-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-87-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-92-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-94-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-96-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-98-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-102-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-104-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-100-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-106-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-107-0x0000000010000000-0x000000001003E000-memory.dmp

    Filesize

    248KB

  • memory/2532-109-0x0000000000400000-0x0000000000839000-memory.dmp

    Filesize

    4.2MB
