Analysis

  • max time kernel
    147s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230915-en locale:en-us os:windows10-2004-x64 system
  • submitted
    12/10/2023, 19:14 UTC

General

  • Target

    2023-08-26_186bd3449422b4a0c6db7d28d86019a7_mafia_JC.exe

  • Size

    367KB

  • MD5

    186bd3449422b4a0c6db7d28d86019a7

  • SHA1

    5ad2566a99f73e6c8fa1b165ec71605a4c72991d

  • SHA256

    ae31fc247034b9021268f93b02a1c8b710e1fb52eaabe093aba12f59942a1997

  • SHA512

    18576a3a67e2a1361721669522174d9860c599f1f818b5bc1fabfba4b8244a6f1504c9f02f6e93602fff1bf0b55ca40657a7c371cc6510515b167a049378b6f9

  • SSDEEP

    6144:vNgF4DxNuJc06j4YBa77xMQxA5i5knmv1SL/mQXCk47l5Olw8l:vu4lNAtYytvS5Aku1YLClN8

Score
7/10

Malware Config

Signatures

  • Checks computer location settings 2 TTPs 1 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies Internet Explorer settings 1 TTPs 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 5 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-26_186bd3449422b4a0c6db7d28d86019a7_mafia_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-26_186bd3449422b4a0c6db7d28d86019a7_mafia_JC.exe"
    1⤵
    • Checks computer location settings
    • Suspicious use of WriteProcessMemory
    PID:4192
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://skjp.zcjczj.cn/ds2taob.html?s=92&v=93&c=94&a=376&m=&t=1614299382
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious behavior: GetForegroundWindowSpam
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1764
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1764 CREDAT:17410 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:4488

Network

  • flag-us
    DNS
    208.194.73.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    208.194.73.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    tj.flyfile.cn
    2023-08-26_186bd3449422b4a0c6db7d28d86019a7_mafia_JC.exe
    Remote address:
    8.8.8.8:53
    Request
    tj.flyfile.cn
    IN A
    Response
    tj.flyfile.cn
    IN A
    123.56.15.95
  • flag-us
    DNS
    skjp.zcjczj.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    skjp.zcjczj.cn
    IN A
    Response
    skjp.zcjczj.cn
    IN CNAME
    skjp.zcjczj.cn.w.kunlunaq.com
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.211
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.212
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.213
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.214
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.216
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.217
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.218
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.219
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.220
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.221
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.222
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.223
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.224
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.225
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.204
    skjp.zcjczj.cn.w.kunlunaq.com
    IN A
    117.21.178.210
  • flag-cn
    GET
    http://skjp.zcjczj.cn/ds2taob.html?s=92&v=93&c=94&a=376&m=&t=1614299382
    IEXPLORE.EXE
    Remote address:
    117.21.178.211:80
    Request
    GET /ds2taob.html?s=92&v=93&c=94&a=376&m=&t=1614299382 HTTP/1.1
    Accept: text/html, application/xhtml+xml, image/jxr, */*
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: skjp.zcjczj.cn
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Server: Tengine
    Content-Type: text/html
    Content-Length: 315
    Connection: keep-alive
    Date: Tue, 17 Oct 2023 12:21:41 GMT
    Last-Modified: Fri, 26 Feb 2021 02:45:58 GMT
    ETag: "603860e6-13b"
    Accept-Ranges: bytes
    Ali-Swift-Global-Savetime: 1697545301
    Via: cache34.l2cn3122[65,65,200-0,M], cache26.l2cn3122[66,0], kunlun5.cn5263[84,83,200-0,M], kunlun5.cn5263[245,0]
    X-Cache: MISS TCP_MISS dirn:-2:-2
    X-Swift-SaveTime: Tue, 17 Oct 2023 12:21:41 GMT
    X-Swift-CacheTime: 3600
    Timing-Allow-Origin: *
    EagleId: 7515b28616975453014797351e
  • flag-cn
    GET
    http://skjp.zcjczj.cn/favicon.ico
    IEXPLORE.EXE
    Remote address:
    117.21.178.211:80
    Request
    GET /favicon.ico HTTP/1.1
    Accept: */*
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: skjp.zcjczj.cn
    Connection: Keep-Alive
    Response
    HTTP/1.1 404 Not Found
    Server: Tengine
    Content-Type: text/html
    Content-Length: 146
    Connection: keep-alive
    Date: Tue, 17 Oct 2023 12:21:58 GMT
    Ali-Swift-Global-Savetime: 1697545318
    Via: cache77.l2cn3122[108,108,404-1280,M], cache8.l2cn3122[109,0], kunlun4.cn5263[133,133,404-1280,M], kunlun5.cn5263[134,0]
    X-Cache: MISS TCP_MISS dirn:-2:-2
    X-Swift-Error: orig response 4XX error
    X-Swift-SaveTime: Tue, 17 Oct 2023 12:21:58 GMT
    X-Swift-CacheTime: 1
    Timing-Allow-Origin: *
    EagleId: 7515b28616975453179831422e
  • flag-us
    DNS
    211.178.21.117.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    211.178.21.117.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    76.32.126.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    76.32.126.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    108.211.229.192.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    108.211.229.192.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    158.240.127.40.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    158.240.127.40.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    config.dshfioy.cn
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    config.dshfioy.cn
    IN A
    Response
    config.dshfioy.cn
    IN CNAME
    config.dshfioy.cn.w.kunlunaq.com
    config.dshfioy.cn.w.kunlunaq.com
    IN CNAME
    offline.specialcdnstatus.com
    offline.specialcdnstatus.com
    IN A
    169.254.254.254
  • flag-us
    DNS
    ai.taobao.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ai.taobao.com
    IN A
    Response
    ai.taobao.com
    IN CNAME
    na61-na62.wagbridge.alibaba.taobao.com
    na61-na62.wagbridge.alibaba.taobao.com
    IN CNAME
    na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com
    na61-na62.wagbridge.alibaba.taobao.com.gds.alibabadns.com
    IN A
    59.82.121.179
  • flag-cn
    GET
    https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    IEXPLORE.EXE
    Remote address:
    59.82.121.179:443
    Request
    GET /?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001 HTTP/2.0
    host: ai.taobao.com
    accept: text/html, application/xhtml+xml, image/jxr, */*
    referer: http://skjp.zcjczj.cn/ds2taob.html?s=92&v=93&c=94&a=376&m=&t=1614299382
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    date: Tue, 17 Oct 2023 12:22:01 GMT
    content-type: text/html; charset=utf-8
    server: Tengine
    vary: Accept-Encoding
    vary: Origin
    x-server-id: d7736b0396b657ea1182fec6897ab01391ffd37d9775b27b88b494450dd15e150bf3cb262721f0df
    set-cookie: ctoken=zjJzNpE0iY8RURTKb4WOmlsV; path=/; secure
    set-cookie: lego2_cna=MY2018XCDT2TUE505CWCE00K; path=/; max-age=31536000; expires=Wed, 16 Oct 2024 12:22:01 GMT; httponly
    x-lego2-id: 4709284
    x-lego2-type: 1
    x-lego2-site-id: 34
    x-xss-protection: 1; mode=block
    x-content-type-options: nosniff
    x-download-options: noopen
    strict-transport-security: max-age=31536000
    x-readtime: 22
    content-encoding: gzip
    strict-transport-security: max-age=31536000
    ups-target-key: ai.taobao.com
    x-protocol: HTTP/2.0
    eagleeye-traceid: 213e293016975453218221124e149a
  • flag-cn
    GET
    https://ai.taobao.com/favicon.ico
    IEXPLORE.EXE
    Remote address:
    59.82.121.179:443
    Request
    GET /favicon.ico HTTP/2.0
    host: ai.taobao.com
    accept: */*
    accept-encoding: gzip, deflate
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    cookie: ctoken=zjJzNpE0iY8RURTKb4WOmlsV; lego2_cna=MY2018XCDT2TUE505CWCE00K; __wpkreporterwid_=d91b98f2-27e5-43e4-37d8-20c0b67c6d4d
    Response
    HTTP/2.0 302
    date: Tue, 17 Oct 2023 12:22:15 GMT
    content-type: text/html; charset=utf-8
    content-length: 159
    location: https://img.alicdn.com/tps/TB1PlWbKFXXXXbmXFXXXXXXXXXX-16-16.ico
    server: Tengine
    vary: Origin
    x-server-id: d7736b0396b657ea3048faff76e2b93060d842ef32cacc1b88b494450dd15e150bf3cb262721f0df
    x-readtime: 1
    strict-transport-security: max-age=31536000
    ups-target-key: ai.taobao.com
    x-protocol: HTTP/2.0
    eagleeye-traceid: 213e293016975453358252046e149a
  • flag-us
    DNS
    179.121.82.59.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    179.121.82.59.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    226.20.18.104.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    226.20.18.104.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    g.alicdn.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    g.alicdn.com
    IN A
    Response
    g.alicdn.com
    IN CNAME
    g.alicdn.com.danuoyi.alicdn.com
    g.alicdn.com.danuoyi.alicdn.com
    IN A
    47.246.48.251
    g.alicdn.com.danuoyi.alicdn.com
    IN A
    47.246.48.252
  • flag-us
    DNS
    mo.m.taobao.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    mo.m.taobao.com
    IN A
    Response
    mo.m.taobao.com
    IN CNAME
    mo.m.taobao.com.gds.alibabadns.com
    mo.m.taobao.com.gds.alibabadns.com
    IN CNAME
    international.tengine.ingress.alibabacorp.com
    international.tengine.ingress.alibabacorp.com
    IN CNAME
    international.tengine.ingress.alibabacorp.com.gds.alibabadns.com
    international.tengine.ingress.alibabacorp.com.gds.alibabadns.com
    IN CNAME
    international.ovs.de.tengine.ingress.alibabacorp.com
    international.ovs.de.tengine.ingress.alibabacorp.com
    IN CNAME
    international.ovs.de.tengine.ingress.alibabacorp.com.gds.alibabadns.com
    international.ovs.de.tengine.ingress.alibabacorp.com.gds.alibabadns.com
    IN A
    47.246.146.192
  • flag-us
    DNS
    mos.m.taobao.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    mos.m.taobao.com
    IN A
    Response
    mos.m.taobao.com
    IN CNAME
    mos.m.taobao.com.w.alikunlun.com
    mos.m.taobao.com.w.alikunlun.com
    IN A
    47.246.48.232
    mos.m.taobao.com.w.alikunlun.com
    IN A
    47.246.48.233
  • flag-us
    DNS
    gw.alicdn.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    gw.alicdn.com
    IN A
    Response
    gw.alicdn.com
    IN CNAME
    gw.alicdn.com.danuoyi.tbcache.com
    gw.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.252
    gw.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.251
  • flag-us
    DNS
    h5api.m.taobao.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    h5api.m.taobao.com
    IN A
    Response
    h5api.m.taobao.com
    IN CNAME
    guide-acs.m.taobao.com
    guide-acs.m.taobao.com
    IN CNAME
    guide-acs.m.taobao.com.gds.alibabadns.com
    guide-acs.m.taobao.com.gds.alibabadns.com
    IN CNAME
    unitbrain-guide-unit-v6-pub.m.taobao.com
    unitbrain-guide-unit-v6-pub.m.taobao.com
    IN CNAME
    unitbrain-guide-unit-v6-pub.m.taobao.com.gds.alibabadns.com
    unitbrain-guide-unit-v6-pub.m.taobao.com.gds.alibabadns.com
    IN A
    47.246.64.92
  • flag-us
    DNS
    img.alicdn.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    img.alicdn.com
    IN A
    Response
    img.alicdn.com
    IN CNAME
    img.alicdn.com.danuoyi.alicdn.com
    img.alicdn.com.danuoyi.alicdn.com
    IN A
    47.246.48.252
    img.alicdn.com.danuoyi.alicdn.com
    IN A
    47.246.48.251
  • flag-us
    DNS
    log.mmstat.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    log.mmstat.com
    IN A
    Response
    log.mmstat.com
    IN CNAME
    log.mmstat.com.gds.alibabadns.com
    log.mmstat.com.gds.alibabadns.com
    IN CNAME
    log-v6.mmstat.com
    log-v6.mmstat.com
    IN CNAME
    log-v6.mmstat.com.gds.alibabadns.com
    log-v6.mmstat.com.gds.alibabadns.com
    IN A
    59.82.33.226
  • flag-us
    DNS
    lego.alicdn.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    lego.alicdn.com
    IN A
    Response
    lego.alicdn.com
    IN CNAME
    lego.alicdn.com.danuoyi.tbcache.com
    lego.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.251
    lego.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.252
  • flag-us
    DNS
    o.alicdn.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    o.alicdn.com
    IN A
    Response
    o.alicdn.com
    IN CNAME
    o.alicdn.com.w.cdngslb.com
    o.alicdn.com.w.cdngslb.com
    IN A
    47.246.45.251
    o.alicdn.com.w.cdngslb.com
    IN A
    47.246.45.252
  • flag-us
    DNS
    226.21.18.104.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    226.21.18.104.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    aeu.alicdn.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    aeu.alicdn.com
    IN A
    Response
    aeu.alicdn.com
    IN CNAME
    wildcard.alicdn.com.edgekey.net
    wildcard.alicdn.com.edgekey.net
    IN CNAME
    e11956.x.akamaiedge.net
    e11956.x.akamaiedge.net
    IN A
    23.207.107.56
  • flag-us
    DNS
    t.alicdn.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    t.alicdn.com
    IN A
    Response
    t.alicdn.com
    IN CNAME
    t.alicdn.com.danuoyi.tbcache.com
    t.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.251
    t.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.252
  • flag-us
    DNS
    uaction.alicdn.com
    iexplore.exe
    Remote address:
    8.8.8.8:53
    Request
    uaction.alicdn.com
    IN A
    Response
    uaction.alicdn.com
    IN CNAME
    uaction.alicdn.com.danuoyi.tbcache.com
    uaction.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.252
    uaction.alicdn.com.danuoyi.tbcache.com
    IN A
    47.246.48.251
  • flag-nl
    GET
    https://gw.alicdn.com/tfs/TB1HxCbreL2gK0jSZPhXXahvXXa-65-70.gif
    IEXPLORE.EXE
    Remote address:
    47.246.48.252:443
    Request
    GET /tfs/TB1HxCbreL2gK0jSZPhXXahvXXa-65-70.gif HTTP/2.0
    host: gw.alicdn.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: image/png
    content-length: 16082
    date: Mon, 24 Jul 2023 06:21:18 GMT
    last-modified: Tue, 08 Nov 2022 12:29:16 GMT
    picasso-ret-code: SUCCESS
    picasso-cache-info: MISS
    request-time: 0.005
    traceid: 2ff62e9916901796785483503e
    cache-control: max-age=31536000
    ali-swift-global-savetime: 1690179678
    via: cache29.l2us1[0,0,200-0,H], cache11.l2us1[1,0], cache3.nl2[0,3,200-0,H], cache4.nl2[5,0]
    access-control-allow-origin: *
    age: 7365646
    x-cache: HIT TCP_HIT dirn:8:285397231
    x-swift-savetime: Mon, 24 Jul 2023 06:21:40 GMT
    x-swift-cachetime: 31535978
    s-rt: 5
    vary: Accept
    timing-allow-origin: *
    eagleid: 2ff6309816975453242863387e
  • flag-nl
    GET
    https://gw.alicdn.com/tfs/TB1jwakrbH1gK0jSZFwXXc7aXXa-20-20.png
    IEXPLORE.EXE
    Remote address:
    47.246.48.252:443
    Request
    GET /tfs/TB1jwakrbH1gK0jSZFwXXc7aXXa-20-20.png HTTP/2.0
    host: gw.alicdn.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: image/gif
    content-length: 2905
    date: Mon, 28 Aug 2023 00:29:18 GMT
    last-modified: Tue, 28 Jun 2022 05:38:52 GMT
    picasso-ret-code: SUCCESS
    picasso-cache-info: MISS
    request-time: 0.044
    traceid: 2ff6309816931825586331782e
    cache-control: max-age=31536000
    ali-swift-global-savetime: 1693182559
    via: cache20.l2us1[0,0,200-0,H], cache15.l2us1[1,0], cache5.nl2[0,9,200-0,H], cache4.nl2[29,0]
    access-control-allow-origin: *
    age: 4362765
    x-cache: HIT TCP_HIT dirn:11:82156095
    x-swift-savetime: Mon, 28 Aug 2023 09:28:10 GMT
    x-swift-cachetime: 31503669
    s-rt: 29
    vary: Accept
    timing-allow-origin: *
    eagleid: 2ff6309816975453242853382e
  • flag-nl
    GET
    https://lego.alicdn.com/mm/lego2??cellx-pc/0.0.8/index.js,mv/cellxLayout-adv/0.0.1/index.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /mm/lego2??cellx-pc/0.0.8/index.js,mv/cellxLayout-adv/0.0.1/index.js HTTP/2.0
    host: lego.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 775
    date: Tue, 17 Oct 2023 10:24:23 GMT
    x-server-id: 1670d27cba1dd2ef6c992e12550bddfd5025e3f0943a77b8d6da202022bc7f0fb0d4e101792d1717
    access-control-allow-origin: *
    cache-control: max-age=7200,s-maxage=7200
    x-download-options: noopen
    x-readtime: 2
    strict-transport-security: max-age=31536000
    ups-target-key: lego2-assets.vipserver
    x-protocol: HTTP/1.1
    eagleeye-traceid: 2ff6029816975382625587793e
    ali-swift-global-savetime: 1697538263
    via: cache40.l2us1[0,0,200-0,H], cache12.l2us1[1,0], cache2.nl2[0,0,200-0,H], cache5.nl2[3,0]
    age: 7061
    x-cache: HIT TCP_HIT dirn:4:253280707
    x-swift-savetime: Tue, 17 Oct 2023 11:03:21 GMT
    x-swift-cachetime: 4862
    timing-allow-origin: *
    eagleid: 2ff6309916975453242998264e
  • flag-nl
    GET
    https://lego.alicdn.com/mm/lego2??cellx-pc/0.0.8/index.css,mv/cellxLayout-adv/0.0.1/index.css
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /mm/lego2??cellx-pc/0.0.8/index.css,mv/cellxLayout-adv/0.0.1/index.css HTTP/2.0
    host: lego.alicdn.com
    accept: text/css, */*
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: text/css
    content-length: 507
    date: Tue, 17 Oct 2023 12:00:09 GMT
    vary: Accept-Encoding
    x-server-id: 1670d27cba1dd2ef6c992e12550bddfdcd0b93491510f663d6da202022bc7f0fbe93192261c5c71d
    access-control-allow-origin: *
    cache-control: max-age=7200,s-maxage=7200
    x-download-options: noopen
    x-readtime: 2
    content-encoding: gzip
    strict-transport-security: max-age=31536000
    ups-target-key: lego2-assets.vipserver
    x-protocol: HTTP/1.1
    eagleeye-traceid: 2ff62e9a16975440089932061e
    ali-swift-global-savetime: 1697544009
    via: cache25.l2us1[0,0,200-0,H], cache22.l2us1[1,0], cache7.nl2[355,355,200-0,M], cache5.nl2[358,0]
    age: 1315
    x-cache: MISS TCP_MISS dirn:2:247116131
    x-swift-savetime: Tue, 17 Oct 2023 12:22:04 GMT
    x-swift-cachetime: 5885
    timing-allow-origin: *
    eagleid: 2ff6309916975453243008270e
  • flag-es
    GET
    https://o.alicdn.com/tbhome/tbnav/index.js
    IEXPLORE.EXE
    Remote address:
    47.246.45.251:443
    Request
    GET /tbhome/tbnav/index.js HTTP/2.0
    host: o.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: text/css
    vary: Accept-Encoding
    vary: Accept-Encoding
    date: Tue, 17 Oct 2023 12:19:36 GMT
    x-oss-request-id: 652E7BD8485C4F70B6473DD5
    x-oss-cdn-auth: success
    x-oss-object-type: Normal
    x-oss-storage-class: Standard
    cache-control: max-age=300,s-maxage=600
    content-md5: N3rDvl8lYzqGqtOZgwYe7A==
    x-oss-server-time: 2
    ali-swift-global-savetime: 1697545176
    via: cache21.l2de2[0,0,304-0,H], cache11.l2de2[1,0], cache3.es2[0,0,200-0,H], cache4.es2[2,0], cache1.es2[12,0]
    etag: W/"377AC3BE5F25633A86AAD39983061EEC"
    last-modified: Thu, 24 Aug 2023 07:07:36 GMT
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    x-oss-hash-crc64ecma: 13513199788688821357
    age: 148
    x-cache: HIT TCP_MEM_HIT dirn:9:362934279
    x-swift-savetime: Tue, 17 Oct 2023 12:19:56 GMT
    x-swift-cachetime: 580
    x-assets-grey: false
    x-assets-path: /tbhome/tbnav/index.css
    access-control-allow-origin: *
    x-er-version: 0.0.6
    x-assets-pt: pt0
    timing-allow-origin: *
    eagleid: 2ff62d9516975453243155932e
    content-encoding: gzip
  • flag-es
    GET
    https://o.alicdn.com/tbhome/tbnav/index.css
    IEXPLORE.EXE
    Remote address:
    47.246.45.251:443
    Request
    GET /tbhome/tbnav/index.css HTTP/2.0
    host: o.alicdn.com
    accept: text/css, */*
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    vary: Accept-Encoding
    vary: Accept-Encoding
    date: Tue, 17 Oct 2023 12:21:29 GMT
    x-oss-request-id: 652E7C49523B0AB3E1495721
    x-oss-cdn-auth: success
    x-oss-object-type: Normal
    x-oss-storage-class: Standard
    cache-control: max-age=300,s-maxage=600
    content-md5: CidHW954BkZnipZnwLw/Qg==
    x-oss-server-time: 2
    ali-swift-global-savetime: 1697545289
    via: cache2.l2de2[270,108,304-0,C], cache10.l2de2[109,0], cache4.es2[0,0,200-0,H], cache6.es2[2,0], cache1.es2[16,0]
    etag: W/"0A27475BDE780646678A9667C0BC3F42"
    last-modified: Thu, 24 Aug 2023 07:07:36 GMT
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    vary: Accept-Encoding
    x-oss-hash-crc64ecma: 13977287184722383351
    age: 35
    x-cache: HIT TCP_MEM_HIT dirn:8:390060714
    x-swift-savetime: Tue, 17 Oct 2023 12:21:29 GMT
    x-swift-cachetime: 600
    x-assets-grey: false
    x-assets-path: /tbhome/tbnav/index.js
    access-control-allow-origin: *
    x-er-version: 0.0.6
    x-assets-pt: pt0
    timing-allow-origin: *
    eagleid: 2ff62d9516975453243145928e
    content-encoding: gzip
  • flag-us
    DNS
    251.48.246.47.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    251.48.246.47.in-addr.arpa
    IN PTR
    Response
  • flag-nl
    GET
    https://img.alicdn.com/tps/i4/T1VVv9FABeXXbtCInf-38-42.png
    IEXPLORE.EXE
    Remote address:
    47.246.48.252:443
    Request
    GET /tps/i4/T1VVv9FABeXXbtCInf-38-42.png HTTP/2.0
    host: img.alicdn.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: image/png
    content-length: 4381
    date: Mon, 07 Aug 2023 02:02:59 GMT
    last-modified: Tue, 08 Nov 2022 11:35:19 GMT
    picasso-ret-code: SUCCESS
    picasso-cache-info: MISS
    request-time: 0.028
    traceid: 2ff6309816913737791022182e
    cache-control: max-age=31536000
    ali-swift-global-savetime: 1691373779
    via: cache31.l2us1[0,0,200-0,H], cache31.l2us1[1,0], cache7.nl2[0,0,200-0,H], cache4.nl2[5,0]
    access-control-allow-origin: *
    age: 6171545
    x-cache: HIT TCP_MEM_HIT dirn:11:373776997
    x-swift-savetime: Mon, 07 Aug 2023 04:50:41 GMT
    x-swift-cachetime: 31525938
    s-rt: 5
    vary: Accept
    timing-allow-origin: *
    eagleid: 2ff6309816975453243113439e
  • flag-nl
    GET
    https://img.alicdn.com/tps/i2/T1C3z7FudfXXcsE9Te-40-42.png
    IEXPLORE.EXE
    Remote address:
    47.246.48.252:443
    Request
    GET /tps/i2/T1C3z7FudfXXcsE9Te-40-42.png HTTP/2.0
    host: img.alicdn.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: image/png
    content-length: 4278
    date: Fri, 29 Sep 2023 01:04:20 GMT
    last-modified: Tue, 08 Nov 2022 09:18:14 GMT
    picasso-ret-code: SUCCESS
    picasso-cache-info: MISS
    request-time: 0.006
    traceid: 0819529916959494599581828e
    picasso-image-type: normal
    cache-control: max-age=31536000
    ali-swift-global-savetime: 1695949460
    via: cache24.l2us1[0,0,200-0,H], cache24.l2us1[1,0], cache2.nl2[0,0,200-0,H], cache4.nl2[5,0]
    access-control-allow-origin: *
    age: 1595864
    x-cache: HIT TCP_MEM_HIT dirn:2:403973142
    x-swift-savetime: Mon, 16 Oct 2023 08:23:04 GMT
    x-swift-cachetime: 30040876
    s-rt: 5
    vary: Accept
    timing-allow-origin: *
    eagleid: 2ff6309816975453243113448e
  • flag-nl
    GET
    https://img.alicdn.com/tps/TB1PlWbKFXXXXbmXFXXXXXXXXXX-16-16.ico
    IEXPLORE.EXE
    Remote address:
    47.246.48.252:443
    Request
    GET /tps/TB1PlWbKFXXXXbmXFXXXXXXXXXX-16-16.ico HTTP/2.0
    host: img.alicdn.com
    accept: */*
    accept-encoding: gzip, deflate
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: image/x-icon
    content-length: 1150
    date: Fri, 04 Aug 2023 04:40:54 GMT
    last-modified: Wed, 24 Aug 2022 09:47:14 GMT
    picasso-ret-code: SUCCESS
    picasso-cache-info: MISS
    request-time: 0.064
    traceid: 2ff6169a16911240542457983e
    cache-control: max-age=31536000
    ali-swift-global-savetime: 1691124054
    via: cache34.l2us1[0,0,200-0,H], cache12.l2us1[1,0], cache7.nl2[0,0,200-0,H], cache4.nl2[1,0]
    access-control-allow-origin: *
    age: 6421282
    x-cache: HIT TCP_MEM_HIT dirn:2:295275005
    x-swift-savetime: Mon, 07 Aug 2023 14:57:27 GMT
    x-swift-cachetime: 31239807
    s-rt: 1
    vary: Accept
    timing-allow-origin: *
    eagleid: 2ff6309816975453360076152e
  • flag-nl
    GET
    https://g.alicdn.com/cell/cell-cellx-boot/0.0.13/index.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /cell/cell-cellx-boot/0.0.13/index.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 13495
    date: Tue, 17 Oct 2023 09:20:43 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E51EB10A93F3235B68008
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 8537778517801554220
    x-oss-storage-class: Standard
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: CAUXr0qk7O0aCp/5bXZlcQ==
    x-oss-server-time: 15
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697534443
    via: cache16.l2de2[0,0,200-0,H], cache23.l2de2[2,0], cache23.l2de2[2,0], cache3.nl2[0,0,200-0,H], cache5.nl2[3,0]
    age: 10881
    x-cache: HIT TCP_HIT dirn:8:122954628
    x-swift-savetime: Tue, 17 Oct 2023 09:50:48 GMT
    x-swift-cachetime: 84595
    timing-allow-origin: *
    eagleid: 2ff6309916975453242928234e
  • flag-nl
    GET
    https://g.alicdn.com/mtb/wpk/1.3.1/wpk.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /mtb/wpk/1.3.1/wpk.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 11322
    date: Tue, 17 Oct 2023 09:45:21 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E57B10A184B373227CE12
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 7736425324804685630
    x-oss-storage-class: Standard
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: WyYXSwT1bSHMTGcIVgX3aw==
    x-oss-server-time: 37
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697535921
    via: cache21.l2de2[0,0,200-0,H], cache8.l2de2[1,0], cache8.l2de2[1,0], cache7.nl2[0,8,200-0,H], cache5.nl2[11,0]
    age: 9403
    x-cache: HIT TCP_HIT dirn:5:163272943
    x-swift-savetime: Tue, 17 Oct 2023 11:01:24 GMT
    x-swift-cachetime: 81837
    timing-allow-origin: *
    eagleid: 2ff6309916975453242928230e
  • flag-nl
    GET
    https://g.alicdn.com/thx/cube/1.1.0/cube-min.css
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /thx/cube/1.1.0/cube-min.css HTTP/2.0
    host: g.alicdn.com
    accept: text/css, */*
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 17225
    date: Mon, 16 Oct 2023 12:30:15 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652D2CD70A184B383952670F
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 980643336108864795
    x-oss-storage-class: Standard
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: KGILfDEExJWh9lfaArfW9A==
    x-oss-server-time: 3
    access-control-allow-origin: *
    x-bucket-code: 3
    content-encoding: gzip
    ali-swift-global-savetime: 1697459415
    via: cache20.l2de2[0,0,200-0,H], cache21.l2de2[1,0], cache21.l2de2[1,0], cache8.nl2[9,9,200-0,M], cache5.nl2[11,0]
    age: 85909
    x-cache: MISS TCP_MISS dirn:11:18581997
    x-swift-savetime: Tue, 17 Oct 2023 12:22:04 GMT
    x-swift-cachetime: 491
    timing-allow-origin: *
    eagleid: 2ff6309916975453242958242e
  • flag-nl
    GET
    https://g.alicdn.com/??cell/lib-zepto/0.0.2/index.js,cell/lib-seajs/0.1.3/index.js,cell/lib-magix/0.1.7/index.js,mtb/lib-httpurl/1.3.8/httpurl.js,mtb/lib-windvane/3.0.4/windvane.js,mtb/lib-login/1.6.4/login.js,mtb/lib-promise/3.1.3/polyfillB.js,cell/lib-pagestate/0.0.8/index.js,cell/lib-img/0.1.2/index.js,mtb/lib-mtop/2.6.1/mtop.js,cell/lib-util/0.3.5/index.js,cell/lib-mtop/1.0.12/index.js,cell/lib-mtop/1.0.12/adapt.js,cell/lib-mtop/1.0.12/errorlog.js,cell/lib-mtop/1.0.12/datainject.js,cell/lib-mtop/1.0.12/taishan.js,cell/lib-mtop/1.0.12/play.js,cell/lib-mtop/1.0.12/link.js,cell/lib-mtop/1.0.12/optimus.js,cell/lib-track/0.2.0/index.js,cell/lib-trace/0.0.5/index.js,dt/tracker/4.1.0/tracker.Tracker.js,dt/tracker/4.1.0/tracker.performanceTrackerPlugin.js,cell/cellex-etao-util/0.0.23/index.js,cell/cellex-etao-init/0.0.4/index.js,cell/lib-opennew/0.0.11/index.js,cell/lib-intersectionObserver/0.0.2/index.js,cell/lib-intersectionObserver/0.0.2/init.js,cell/cell-lib-event-bus/0.0.2/index.js,cell/lib-lazy-manager/0.1.6/index.js,cell/lib-lazy-manager/0.1.6/sticky-lazy.js,cell/lib-lazy-manager/0.1.6/img-lazy.js,cell/cell-lib-back-notice/0.0.1/index.js,cell/cell-lib-json2html/0.1.0/index.js,cell/cell-lib-datasource/0.0.1/index.js,cell/cell-lib-cellx/0.2.2/index.js,cell-lego/cell-lib-logic-exec/0.0.8/index.js,cell/cell-lib-back-notice/0.0.1/index.js,cell/cell-lib-dynamic-schema-exec/0.0.1/index.js,cell/cell-item-render/2.2.0/index.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /??cell/lib-zepto/0.0.2/index.js,cell/lib-seajs/0.1.3/index.js,cell/lib-magix/0.1.7/index.js,mtb/lib-httpurl/1.3.8/httpurl.js,mtb/lib-windvane/3.0.4/windvane.js,mtb/lib-login/1.6.4/login.js,mtb/lib-promise/3.1.3/polyfillB.js,cell/lib-pagestate/0.0.8/index.js,cell/lib-img/0.1.2/index.js,mtb/lib-mtop/2.6.1/mtop.js,cell/lib-util/0.3.5/index.js,cell/lib-mtop/1.0.12/index.js,cell/lib-mtop/1.0.12/adapt.js,cell/lib-mtop/1.0.12/errorlog.js,cell/lib-mtop/1.0.12/datainject.js,cell/lib-mtop/1.0.12/taishan.js,cell/lib-mtop/1.0.12/play.js,cell/lib-mtop/1.0.12/link.js,cell/lib-mtop/1.0.12/optimus.js,cell/lib-track/0.2.0/index.js,cell/lib-trace/0.0.5/index.js,dt/tracker/4.1.0/tracker.Tracker.js,dt/tracker/4.1.0/tracker.performanceTrackerPlugin.js,cell/cellex-etao-util/0.0.23/index.js,cell/cellex-etao-init/0.0.4/index.js,cell/lib-opennew/0.0.11/index.js,cell/lib-intersectionObserver/0.0.2/index.js,cell/lib-intersectionObserver/0.0.2/init.js,cell/cell-lib-event-bus/0.0.2/index.js,cell/lib-lazy-manager/0.1.6/index.js,cell/lib-lazy-manager/0.1.6/sticky-lazy.js,cell/lib-lazy-manager/0.1.6/img-lazy.js,cell/cell-lib-back-notice/0.0.1/index.js,cell/cell-lib-json2html/0.1.0/index.js,cell/cell-lib-datasource/0.0.1/index.js,cell/cell-lib-cellx/0.2.2/index.js,cell-lego/cell-lib-logic-exec/0.0.8/index.js,cell/cell-lib-back-notice/0.0.1/index.js,cell/cell-lib-dynamic-schema-exec/0.0.1/index.js,cell/cell-item-render/2.2.0/index.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    date: Tue, 17 Oct 2023 12:22:04 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E7C6C0A184B393856AAB9
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 12175409597112827170
    x-oss-storage-class: Standard
    content-md5: VQNpa+T8TO9fIUG9hgNuCA==
    x-oss-server-time: 2
    cache-control: max-age=2592000,s-maxage=3600
    access-control-allow-origin: *
    x-bucket-code: 3
    content-encoding: gzip
    ali-swift-global-savetime: 1697545324
    via: cache7.l2de2[15,20,200-0,M], cache11.l2de2[22,0], cache11.l2de2[22,0], cache5.nl2[36,42,200-0,M], cache5.nl2[48,0]
    x-cache: MISS TCP_REFRESH_MISS dirn:7:174406868
    x-swift-savetime: Tue, 17 Oct 2023 12:22:04 GMT
    x-swift-cachetime: 3600
    timing-allow-origin: *
    eagleid: 2ff6309916975453242928239e
  • flag-nl
    GET
    https://g.alicdn.com/??cell/cellex-boom-item-atb-pc-1v5-card/0.0.3/seajs/index/placeholder.js,cell/cellex-boom-item-atb-pc-1v5-card/0.0.3/seajs/index.js,cell/cellex-cellx-boom/0.0.14/seajs/index/m2.js,cell/cell-cellx-pc-title-h3/0.0.1/seajs/index/m2.js,cell/cell-cellx-atb-pc-main-cates/0.0.3/seajs/index/m2.js,cell/cell-cellx-atb-pc-search/0.0.1/seajs/index/m2.js,cell/cell-api-function-at-common/0.0.4/seajs/index.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /??cell/cellex-boom-item-atb-pc-1v5-card/0.0.3/seajs/index/placeholder.js,cell/cellex-boom-item-atb-pc-1v5-card/0.0.3/seajs/index.js,cell/cellex-cellx-boom/0.0.14/seajs/index/m2.js,cell/cell-cellx-pc-title-h3/0.0.1/seajs/index/m2.js,cell/cell-cellx-atb-pc-main-cates/0.0.3/seajs/index/m2.js,cell/cell-cellx-atb-pc-search/0.0.1/seajs/index/m2.js,cell/cell-api-function-at-common/0.0.4/seajs/index.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: text/css
    date: Tue, 17 Oct 2023 12:22:04 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E7C6C0A184B383950AAB9
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 10491674275038000191
    x-oss-storage-class: Standard
    content-md5: TRskcQOiU96y/7c8ybyIBA==
    x-oss-server-time: 63
    content-encoding: gzip
    cache-control: max-age=2592000,s-maxage=3600
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697545324
    via: cache9.l2de2[77,76,200-0,M], cache1.l2de2[78,0], cache1.l2de2[78,0], cache7.nl2[86,92,200-0,M], cache5.nl2[96,0]
    x-cache: MISS TCP_REFRESH_MISS dirn:2:22852581
    x-swift-savetime: Tue, 17 Oct 2023 12:22:04 GMT
    x-swift-cachetime: 3600
    timing-allow-origin: *
    eagleid: 2ff6309916975453242928236e
  • flag-nl
    GET
    https://g.alicdn.com/alilog/mlog/aplus_v2.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /alilog/mlog/aplus_v2.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 6553
    date: Tue, 17 Oct 2023 12:11:37 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E79F98DA3F63836373F85
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 298721280791488177
    x-oss-storage-class: Standard
    cache-control: max-age=3600,s-maxage=1800
    content-md5: hn9gCIAfpF9oCFffV8D+Bw==
    x-oss-server-time: 2
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697544697
    via: cache2.l2de2[0,-1,200-0,H], cache5.l2de2[3,0], cache5.l2de2[4,0], cache3.nl2[0,0,200-0,H], cache5.nl2[2,0]
    age: 629
    x-cache: HIT TCP_MEM_HIT dirn:3:144293206
    x-swift-savetime: Tue, 17 Oct 2023 12:11:37 GMT
    x-swift-cachetime: 1800
    timing-allow-origin: *
    eagleid: 2ff6309916975453267702553e
  • flag-nl
    GET
    https://g.alicdn.com/alilog/??s/8.15.22/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.22/plugin/aplus_ws.js,s/8.15.22/aplus_std.js,s/8.15.22/plugin/aplus_spmact.js?v=20230912175145
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /alilog/??s/8.15.22/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.22/plugin/aplus_ws.js,s/8.15.22/aplus_std.js,s/8.15.22/plugin/aplus_spmact.js?v=20230912175145 HTTP/2.0
    host: g.alicdn.com
    accept: */*
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    origin: https://ai.taobao.com
    accept-encoding: gzip, deflate
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 51221
    date: Tue, 01 Aug 2023 12:40:33 GMT
    vary: Accept-Encoding
    x-oss-request-id: 64C8FD419B865C39340EE449
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 16531388080846265225
    x-oss-storage-class: Standard
    cache-control: max-age=31104000,s-maxage=31104000
    content-md5: qYmixGAcqoaHsy9TniOi1A==
    x-oss-server-time: 1
    access-control-allow-origin: *
    x-bucket-code: 3
    content-encoding: gzip
    ali-swift-global-savetime: 1690893633
    via: cache21.l2de2[0,0,200-0,H], cache12.l2de2[1,0], cache12.l2de2[1,0], cache2.nl2[0,0,200-0,H], cache5.nl2[4,0]
    age: 6651695
    x-cache: HIT TCP_MEM_HIT dirn:5:1277941181
    x-swift-savetime: Tue, 01 Aug 2023 23:49:48 GMT
    x-swift-cachetime: 31063845
    timing-allow-origin: *
    eagleid: 2ff6309916975453281968115e
  • flag-nl
    GET
    https://g.alicdn.com/dinamic/barrier-free/0.0.12/aria.js?appid=7e39dd4d92f393f9450d8fc1f6bafdf9
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /dinamic/barrier-free/0.0.12/aria.js?appid=7e39dd4d92f393f9450d8fc1f6bafdf9 HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 5989
    date: Tue, 17 Oct 2023 11:05:19 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E6A6F01FB553038088D5A
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 13423220439464787984
    x-oss-storage-class: Standard
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: hYpJ3LOel2tCSo+94+zHPQ==
    x-oss-server-time: 123
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697540719
    via: cache3.l2de2[0,0,200-0,H], cache19.l2de2[1,0], cache19.l2de2[1,0], cache3.nl2[0,0,200-0,H], cache5.nl2[1,0]
    age: 4621
    x-cache: HIT TCP_MEM_HIT dirn:3:76073363
    x-swift-savetime: Tue, 17 Oct 2023 11:05:29 GMT
    x-swift-cachetime: 86390
    timing-allow-origin: *
    eagleid: 2ff6309916975453402086869e
  • flag-nl
    GET
    https://g.alicdn.com/sd/baxia-entry/index.js?t=235383
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /sd/baxia-entry/index.js?t=235383 HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 1867
    date: Tue, 17 Oct 2023 12:11:00 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E79D4AF49DB3830ACD8A8
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 16973907804184469369
    x-oss-storage-class: Standard
    cache-control: max-age=900,s-maxage=900
    content-md5: KAVrHkYM7y+22PzUpge5xA==
    x-oss-server-time: 1
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697544660
    via: cache4.l2de2[0,0,200-0,H], cache16.l2de2[0,0], cache16.l2de2[1,0], cache7.nl2[0,0,200-0,H], cache5.nl2[1,0]
    age: 681
    x-cache: HIT TCP_MEM_HIT dirn:5:225136164
    x-swift-savetime: Tue, 17 Oct 2023 12:11:00 GMT
    x-swift-cachetime: 900
    timing-allow-origin: *
    eagleid: 2ff6309916975453417104994e
  • flag-nl
    GET
    https://g.alicdn.com/secdev/entry/index.js?t=235383
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /secdev/entry/index.js?t=235383 HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 2450
    date: Tue, 17 Oct 2023 11:41:07 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E72D3989F153831B286A2
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 2707307743633329396
    x-oss-storage-class: Standard
    cache-control: max-age=7200,s-maxage=3600
    content-md5: gcIArEFNjUJsOQk4Zi8uBA==
    x-oss-server-time: 1
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697542867
    via: cache21.l2de2[0,0,200-0,H], cache10.l2de2[1,0], cache10.l2de2[1,0], cache3.nl2[0,0,200-0,H], cache5.nl2[1,0]
    age: 2474
    x-cache: HIT TCP_MEM_HIT dirn:3:113601004
    x-swift-savetime: Tue, 17 Oct 2023 11:41:07 GMT
    x-swift-cachetime: 3600
    timing-allow-origin: *
    eagleid: 2ff6309916975453417265060e
  • flag-nl
    GET
    https://g.alicdn.com/AWSC/AWSC/awsc.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /AWSC/AWSC/awsc.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 3365
    date: Tue, 17 Oct 2023 11:37:50 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E720EE477A23133DF9E10
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 4965608046239515837
    x-oss-storage-class: Standard
    cache-control: max-age=7200,s-maxage=3600
    content-md5: CQlX8vFKrg9TJNSDSuTFmg==
    x-oss-server-time: 2
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697542670
    via: cache4.l2de2[0,0,200-0,H], cache20.l2de2[1,0], cache20.l2de2[1,0], cache5.nl2[0,0,200-0,H], cache5.nl2[2,0]
    age: 2671
    x-cache: HIT TCP_MEM_HIT dirn:11:14430762
    x-swift-savetime: Tue, 17 Oct 2023 11:37:51 GMT
    x-swift-cachetime: 3599
    timing-allow-origin: *
    eagleid: 2ff6309916975453417385110e
  • flag-nl
    GET
    https://g.alicdn.com/sd/baxia/2.5.3/baxiaCommon.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /sd/baxia/2.5.3/baxiaCommon.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 9260
    date: Tue, 17 Oct 2023 08:37:30 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652E47CA01FB553733C806C5
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 5179173457092165503
    x-oss-storage-class: Standard
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: PcxW2T/YSaIil6Y0MlE5FQ==
    x-oss-server-time: 2
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697531850
    via: cache12.l2de2[0,0,200-0,H], cache11.l2de2[1,0], cache11.l2de2[1,0], cache5.nl2[0,0,200-0,H], cache5.nl2[2,0]
    age: 13491
    x-cache: HIT TCP_MEM_HIT dirn:11:303645092
    x-swift-savetime: Tue, 17 Oct 2023 08:37:38 GMT
    x-swift-cachetime: 86392
    timing-allow-origin: *
    eagleid: 2ff6309916975453417385117e
  • flag-nl
    GET
    https://g.alicdn.com/secdev/sufei_data/3.9.10/index.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /secdev/sufei_data/3.9.10/index.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    origin: https://ai.taobao.com
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 7571
    date: Mon, 16 Oct 2023 13:28:52 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652D3A94502B6E3539681BA4
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 13500841233386616122
    x-oss-storage-class: Standard
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: CtQlEVirudc6Vat90k+/Zg==
    x-oss-server-time: 35
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697462932
    via: cache21.l2de2[0,0,200-0,H], cache14.l2de2[1,0], cache14.l2de2[1,0], cache4.nl2[0,0,200-0,H], cache5.nl2[2,0]
    age: 82409
    x-cache: HIT TCP_MEM_HIT dirn:1:348615238
    x-swift-savetime: Mon, 16 Oct 2023 13:28:53 GMT
    x-swift-cachetime: 86399
    timing-allow-origin: *
    eagleid: 2ff6309916975453417555189e
  • flag-nl
    GET
    https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1 HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    origin: https://ai.taobao.com
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 49984
    date: Mon, 16 Oct 2023 14:09:59 GMT
    vary: Accept-Encoding
    x-oss-request-id: 652D443776D420373628F173
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 17681698704558740719
    x-oss-storage-class: Standard
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: b8ufXoOESVkqRh5etNHmmQ==
    x-oss-server-time: 5
    content-encoding: gzip
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697465399
    via: cache1.l2de2[0,0,200-0,H], cache6.l2de2[0,0], cache6.l2de2[2,0], cache2.nl2[0,0,200-0,H], cache5.nl2[3,0]
    age: 79942
    x-cache: HIT TCP_MEM_HIT dirn:2:230025564
    x-swift-savetime: Mon, 16 Oct 2023 14:09:59 GMT
    x-swift-cachetime: 86400
    timing-allow-origin: *
    eagleid: 2ff6309916975453417575196e
  • flag-nl
    GET
    https://g.alicdn.com/AWSC/et/1.70.4/et_n.js
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /AWSC/et/1.70.4/et_n.js HTTP/2.0
    host: g.alicdn.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    origin: https://ai.taobao.com
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/javascript
    content-length: 70652
    date: Tue, 17 Oct 2023 07:30:19 GMT
    x-oss-request-id: 652E380B601F6236337F7242
    accept-ranges: bytes
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 12881573342088410338
    x-oss-storage-class: Standard
    content-encoding: gzip
    cache-control: max-age=2592000,s-maxage=86400
    content-md5: hHEOnICVx0MBgbDkY20u3A==
    x-oss-server-time: 53
    access-control-allow-origin: *
    x-bucket-code: 3
    ali-swift-global-savetime: 1697527819
    via: cache6.l2de2[0,0,200-0,H], cache25.l2de2[1,0], cache25.l2de2[1,0], cache2.nl2[0,0,200-0,H], cache5.nl2[3,0]
    age: 17522
    x-cache: HIT TCP_MEM_HIT dirn:0:1235658700
    x-swift-savetime: Tue, 17 Oct 2023 07:30:19 GMT
    x-swift-cachetime: 86400
    timing-allow-origin: *
    eagleid: 2ff6309916975453417605206e
  • flag-us
    DNS
    252.48.246.47.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    252.48.246.47.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    251.45.246.47.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    251.45.246.47.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    59.128.231.4.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    59.128.231.4.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    px.effirst.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    px.effirst.com
    IN A
    Response
    px.effirst.com
    IN CNAME
    wpk-hb3c-lbg.ude.effirst.com
    wpk-hb3c-lbg.ude.effirst.com
    IN A
    111.63.205.135
  • flag-cn
    GET
    https://px.effirst.com/api/v1/jconfig?wpk-header=app%3Dalimama_lego2_bad_error%26tm%3D1694761872%26ud%3D8515656e-1cb5-4c9c-2e05-ef83a6a13432%26sver%3D0.7.7%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
    IEXPLORE.EXE
    Remote address:
    111.63.205.135:443
    Request
    GET /api/v1/jconfig?wpk-header=app%3Dalimama_lego2_bad_error%26tm%3D1694761872%26ud%3D8515656e-1cb5-4c9c-2e05-ef83a6a13432%26sver%3D0.7.7%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce HTTP/1.1
    Accept: */*
    Referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    Accept-Language: en-US
    Origin: https://ai.taobao.com
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: px.effirst.com
    Connection: Keep-Alive
  • flag-cn
    GET
    https://px.effirst.com/api/v1/jconfig?wpk-header=app%3Dalimama_lego2_alpvis%26tm%3D1694761872%26ud%3D26c966f1-2aee-4b39-bb3f-8a2157bd3bfa%26sver%3D0.7.7%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
    IEXPLORE.EXE
    Remote address:
    111.63.205.135:443
    Request
    GET /api/v1/jconfig?wpk-header=app%3Dalimama_lego2_alpvis%26tm%3D1694761872%26ud%3D26c966f1-2aee-4b39-bb3f-8a2157bd3bfa%26sver%3D0.7.7%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce HTTP/1.1
    Accept: */*
    Referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    Accept-Language: en-US
    Origin: https://ai.taobao.com
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: px.effirst.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Tue, 17 Oct 2023 12:22:14 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: Tengine/2.1.3_400
    Vary: Accept-Encoding
    Access-Control-Allow-Origin: *
    Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
    Content-Encoding: gzip
  • flag-cn
    GET
    https://px.effirst.com/api/v1/jssdk/upload?wpk-header=app%3Dalimama_lego2_bad_error%26cp%3Dnone%26de%3D4%26seq%3D1694761881454%26tm%3D1694761881%26ud%3Dd91b98f2-27e5-43e4-37d8-20c0b67c6d4d%26ver%3Dnull%26type%3Dflow%26sver%3D0.7.7%26sign%3D9bf8a190ef82c5049df7b199c599c45b&data=%7B%22w_url%22%3A%22https%3A%2F%2Fai.taobao.com%2F%22%2C%22w_query%22%3A%22%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001%22%2C%22w_ref%22%3A%22%22%2C%22w_title%22%3A%22%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko%22%2C%22referrer%22%3A%22http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382%22%2C%22dsp_dpi%22%3A1%2C%22dsp_w%22%3A1280%2C%22dsp_h%22%3A720%2C%22net%22%3A%22%22%2C%22category%22%3A5%2C%22sampleRate%22%3A1%2C%22w_bid%22%3A%22alimama_lego2_bad_error%22%2C%22w_cid%22%3Anull%2C%22w_rel%22%3Anull%2C%22w_spa%22%3Afalse%2C%22w_tm%22%3A1694761881446%2C%22w_cnt%22%3A1%2C%22uid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22type%22%3A%22flow%22%2C%22sdk_ver%22%3A%220.7.7%22%2C%22log_src%22%3A%22jssdk%22%2C%22uc_param%22%3A%22%22%2C%22wid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22w_frmid%22%3A%22ede32b4a-0efc-4e59-398e-ac00f27b7e1e%22%2C%22w_send_mode%22%3A%22imgsrc%22%7D
    IEXPLORE.EXE
    Remote address:
    111.63.205.135:443
    Request
    GET /api/v1/jssdk/upload?wpk-header=app%3Dalimama_lego2_bad_error%26cp%3Dnone%26de%3D4%26seq%3D1694761881454%26tm%3D1694761881%26ud%3Dd91b98f2-27e5-43e4-37d8-20c0b67c6d4d%26ver%3Dnull%26type%3Dflow%26sver%3D0.7.7%26sign%3D9bf8a190ef82c5049df7b199c599c45b&data=%7B%22w_url%22%3A%22https%3A%2F%2Fai.taobao.com%2F%22%2C%22w_query%22%3A%22%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001%22%2C%22w_ref%22%3A%22%22%2C%22w_title%22%3A%22%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko%22%2C%22referrer%22%3A%22http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382%22%2C%22dsp_dpi%22%3A1%2C%22dsp_w%22%3A1280%2C%22dsp_h%22%3A720%2C%22net%22%3A%22%22%2C%22category%22%3A5%2C%22sampleRate%22%3A1%2C%22w_bid%22%3A%22alimama_lego2_bad_error%22%2C%22w_cid%22%3Anull%2C%22w_rel%22%3Anull%2C%22w_spa%22%3Afalse%2C%22w_tm%22%3A1694761881446%2C%22w_cnt%22%3A1%2C%22uid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22type%22%3A%22flow%22%2C%22sdk_ver%22%3A%220.7.7%22%2C%22log_src%22%3A%22jssdk%22%2C%22uc_param%22%3A%22%22%2C%22wid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22w_frmid%22%3A%22ede32b4a-0efc-4e59-398e-ac00f27b7e1e%22%2C%22w_send_mode%22%3A%22imgsrc%22%7D HTTP/1.1
    Accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    Referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    Accept-Language: en-US
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Accept-Encoding: gzip, deflate
    Host: px.effirst.com
    Connection: Keep-Alive
    Response
    HTTP/1.1 200 OK
    Date: Tue, 17 Oct 2023 12:22:21 GMT
    Content-Type: text/html; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive
    Server: Tengine/2.1.3_400
    Vary: Accept-Encoding
    Access-Control-Allow-Origin: *
    Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE
    Content-Encoding: gzip
  • flag-us
    DNS
    183.59.114.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    183.59.114.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    135.205.63.111.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    135.205.63.111.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    56.126.166.20.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    56.126.166.20.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    126.24.238.8.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    126.24.238.8.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    at.alicdn.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    at.alicdn.com
    IN A
    Response
    at.alicdn.com
    IN CNAME
    at.alicdn.com.danuoyi.alicdn.com
    at.alicdn.com.danuoyi.alicdn.com
    IN A
    47.246.48.251
    at.alicdn.com.danuoyi.alicdn.com
    IN A
    47.246.48.252
  • flag-nl
    GET
    https://at.alicdn.com/t/font_1404888168_2057645.eot?
    IEXPLORE.EXE
    Remote address:
    47.246.48.251:443
    Request
    GET /t/font_1404888168_2057645.eot? HTTP/2.0
    host: at.alicdn.com
    accept: */*
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    origin: https://ai.taobao.com
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: application/octet-stream
    content-length: 8652
    date: Mon, 02 Oct 2023 08:06:48 GMT
    x-oss-request-id: 651A7A17FC091B3239389EB2
    vary: Origin
    access-control-allow-origin: *
    access-control-allow-credentials: true
    access-control-allow-methods: GET, HEAD
    access-control-expose-headers: ETag, x-oss-request-id
    access-control-max-age: 0
    accept-ranges: bytes
    etag: "1DA30AE7733100C4411A11D851465533"
    last-modified: Fri, 24 Dec 2021 14:41:16 GMT
    x-oss-object-type: Normal
    x-oss-hash-crc64ecma: 16620618281699977157
    x-oss-storage-class: Standard
    cache-control: max-age=63072000
    content-md5: HaMK53MxAMRBGhHYUUZVMw==
    x-oss-server-time: 1
    ali-swift-global-savetime: 1696234008
    via: cache22.l2us1[0,3,200-0,H], cache28.l2us1[4,0], cache4.nl2[96,100,200-0,M], cache4.nl2[104,0]
    age: 1311327
    x-cache: MISS TCP_MISS dirn:1:46302759
    x-swift-savetime: Tue, 17 Oct 2023 12:22:15 GMT
    x-swift-cachetime: 29792673
    timing-allow-origin: *
    eagleid: 2ff6309816975453356294896e
  • flag-us
    DNS
    fragment.tmall.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fragment.tmall.com
    IN A
    Response
    fragment.tmall.com
    IN CNAME
    fragment.tmall.com.danuoyi.alicdn.com
    fragment.tmall.com.danuoyi.alicdn.com
    IN A
    47.246.48.233
    fragment.tmall.com.danuoyi.alicdn.com
    IN A
    47.246.48.232
  • flag-nl
    GET
    https://fragment.tmall.com/tbhome/default/tbnav-toolkit?wh_biz=tm&wh_callback=true&callback=tbnavtoolkit
    IEXPLORE.EXE
    Remote address:
    47.246.48.233:443
    Request
    GET /tbhome/default/tbnav-toolkit?wh_biz=tm&wh_callback=true&callback=tbnavtoolkit HTTP/2.0
    host: fragment.tmall.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: Tengine
    content-type: text/javascript; charset=utf-8
    vary: Accept-Encoding
    date: Tue, 17 Oct 2023 12:21:30 GMT
    x-server-id: 28c3d6b2523ca52c32ad72931842b19a65602a3b705a72af48a380e658d2799b18860f5b9ea54579
    x-air-hostname: air-ual033061104015.center.na610
    x-air-trace-id: a3b55c9816975452900031536e
    x-wormhole-fragment: true
    cache-control: max-age=0, s-maxage=148
    x-node: 6f93244408736726697c42b35dfaa4d9
    x-eagleeye-id: a3b55c9816975452900031536e
    x-retmsg: ok
    x-content-type: text/javascript; charset=utf-8
    x-content-type-options: nosniff
    streaming-parser: open
    x-retcode: SUCCESS
    x-readtime: 92
    x-via: de5.l1, ens-cache2.de5, l2de2.l2, cache12.l2de2, wormholesource033080002219.center.na610
    x-air-source: proxy
    x-xss-protection: 1; mode=block
    eagleeye-traceid: a3b55c9816975452900031536e
    strict-transport-security: max-age=31536000
    timing-allow-origin: *, *
    x-snapshot-date: 1697545035562
    ali-swift-global-savetime: 1697545290
    via: cache12.l2de2[0,0,304-0,H], cache20.l2de2[0,0], cache2.nl2[0,-1,200-0,H], cache2.nl2[3,0]
    backup-by-error: 503
    backup-from: OSS
    vary: Accept-Encoding, Origin
    etag: W/"5e9-JPQY43t6XgZsvZg2g8cl9UpcRug"
    age: 50
    x-cache: HIT TCP_MEM_HIT dirn:4:377806185
    x-swift-savetime: Tue, 17 Oct 2023 12:21:31 GMT
    x-swift-cachetime: 147
    x-air-pt: pt0
    eagleid: 2ff6309616975453405104102e
    content-encoding: gzip
  • flag-cn
    GET
    https://log.mmstat.com/eg.js?t=1694761886519
    IEXPLORE.EXE
    Remote address:
    59.82.33.226:443
    Request
    GET /eg.js?t=1694761886519 HTTP/2.0
    host: log.mmstat.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    server: nginx
    date: Tue, 17 Oct 2023 12:22:21 GMT
    content-type: application/javascript
    content-length: 91
    etag: "fWq1HWvksioCAZo9Rw0waEi2"
    stag: 2
    set-cookie: cna=fWq1HWvksioCAZo9Rw0waEi2; expires=Fri, 14-Oct-33 12:22:21 GMT; path=/; domain=.mmstat.com;
    expires: Thu, 01 Jan 1970 00:00:01 GMT
    cache-control: no-cache
  • flag-us
    DNS
    233.48.246.47.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    233.48.246.47.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    ws.mmstat.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ws.mmstat.com
    IN A
    Response
    ws.mmstat.com
    IN CNAME
    ws.mmstat.com.gds.alibabadns.com
    ws.mmstat.com.gds.alibabadns.com
    IN A
    59.82.34.236
  • flag-us
    DNS
    ws.mmstat.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    ws.mmstat.com
    IN A
    Response
    ws.mmstat.com
    IN CNAME
    ws.mmstat.com.gds.alibabadns.com
    ws.mmstat.com.gds.alibabadns.com
    IN A
    59.82.34.234
  • flag-us
    DNS
    fourier.taobao.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    fourier.taobao.com
    IN A
    Response
    fourier.taobao.com
    IN CNAME
    fourier.taobao.com.gds.alibabadns.com
    fourier.taobao.com.gds.alibabadns.com
    IN CNAME
    dualstack.cn.zb.4431.wagbridge.alibaba.taobao.com
    dualstack.cn.zb.4431.wagbridge.alibaba.taobao.com
    IN CNAME
    tao.cn.zb.aserver.tengine.ingress.alibabacorp.com
    tao.cn.zb.aserver.tengine.ingress.alibabacorp.com
    IN CNAME
    tao.cn.zb.aserver.tengine.ingress.alibabacorp.com.gds.alibabadns.com
    tao.cn.zb.aserver.tengine.ingress.alibabacorp.com.gds.alibabadns.com
    IN A
    59.82.122.10
  • flag-us
    DNS
    gm.mmstat.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    gm.mmstat.com
    IN A
    Response
    gm.mmstat.com
    IN CNAME
    gm.mmstat.com.gds.alibabadns.com
    gm.mmstat.com.gds.alibabadns.com
    IN CNAME
    gm-v6.mmstat.com
    gm-v6.mmstat.com
    IN CNAME
    gm-v6.mmstat.com.gds.alibabadns.com
    gm-v6.mmstat.com.gds.alibabadns.com
    IN A
    59.82.33.226
  • flag-us
    DNS
    gm.mmstat.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    gm.mmstat.com
    IN A
    Response
    gm.mmstat.com
    IN CNAME
    gm.mmstat.com.gds.alibabadns.com
    gm.mmstat.com.gds.alibabadns.com
    IN CNAME
    gm-v6.mmstat.com
    gm-v6.mmstat.com
    IN CNAME
    gm-v6.mmstat.com.gds.alibabadns.com
    gm-v6.mmstat.com.gds.alibabadns.com
    IN A
    59.82.33.227
  • flag-us
    DNS
    226.33.82.59.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    226.33.82.59.in-addr.arpa
    IN PTR
    Response
  • flag-cn
    GET
    https://ws.mmstat.com/ws
    IEXPLORE.EXE
    Remote address:
    59.82.34.236:443
    Request
    GET /ws HTTP/1.1
    Origin: https://ai.taobao.com
    Sec-WebSocket-Key: pCoYRNxY5NZNblXsqZ6rew==
    Connection: Upgrade
    Upgrade: websocket
    Sec-WebSocket-Version: 13
    User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    Host: ws.mmstat.com
    Cache-Control: no-cache
    Cookie: cna=fWq1HWvksioCAZo9Rw0waEi2
    Response
    HTTP/1.1 101 Switching Protocols
    Date: Tue, 17 Oct 2023 12:22:23 GMT
    Connection: upgrade
    Set-Cookie: atpsidas=b004a7f8a085757ce9b36dac_1697545343_1; expires=Fri, 14-Oct-33 12:22:23 GMT; path=/; domain=.mmstat.com
    Set-Cookie: sca=424178b6; expires=Fri, 14-Oct-33 12:22:23 GMT; path=/; domain=.mmstat.com
    Sec-WebSocket-Accept: YM5ICIWLDDATl+Fq4f3X5WTVB6w=
    Upgrade: websocket
  • flag-us
    DNS
    acjs.aliyun.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    acjs.aliyun.com
    IN A
    Response
    acjs.aliyun.com
    IN CNAME
    na61-na62.wagbridge.alibaba.aliyun.com
    na61-na62.wagbridge.alibaba.aliyun.com
    IN CNAME
    na61-na62.wagbridge.alibaba.aliyun.com.gds.alibabadns.com
    na61-na62.wagbridge.alibaba.aliyun.com.gds.alibabadns.com
    IN A
    203.119.175.231
  • flag-us
    DNS
    acjs.aliyun.com
    IEXPLORE.EXE
    Remote address:
    8.8.8.8:53
    Request
    acjs.aliyun.com
    IN A
    Response
    acjs.aliyun.com
    IN CNAME
    na61-na62.wagbridge.alibaba.aliyun.com
    na61-na62.wagbridge.alibaba.aliyun.com
    IN CNAME
    na61-na62.wagbridge.alibaba.aliyun.com.gds.alibabadns.com
    na61-na62.wagbridge.alibaba.aliyun.com.gds.alibabadns.com
    IN A
    203.119.144.45
  • flag-cn
    GET
    https://gm.mmstat.com/fsp.1.1?code=1&msg=funcion%3Aload%20AWSC%20success.%20msg%3A%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FAWSC%2Fawsc.js&pid=baxia-fast&page=https%3A%2F%2Fai.taobao.com%2F&query=pid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&hash=&referrer=http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382&title=%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko
    IEXPLORE.EXE
    Remote address:
    59.82.33.226:443
    Request
    GET /fsp.1.1?code=1&msg=funcion%3Aload%20AWSC%20success.%20msg%3A%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FAWSC%2Fawsc.js&pid=baxia-fast&page=https%3A%2F%2Fai.taobao.com%2F&query=pid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&hash=&referrer=http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382&title=%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko HTTP/2.0
    host: gm.mmstat.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    cookie: cna=fWq1HWvksioCAZo9Rw0waEi2
    Response
    HTTP/2.0 200
    server: nginx
    date: Tue, 17 Oct 2023 12:22:23 GMT
    content-type: image/gif
    content-length: 43
    p3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
    cross-origin-resource-policy: cross-origin
    set-cookie: sca=9d2aeb50; path=/; domain=.mmstat.com
    expires: Thu, 01 Jan 1970 00:00:01 GMT
    cache-control: no-cache
    pragma: no-cache
  • flag-cn
    GET
    https://acjs.aliyun.com/error?v=et_d27&j=27&e=Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference&stack=TypeError%3A%20Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference%0A%20%20%20at%20A%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A3%3A24656)%0A%20%20%20at%20Anonymous%20function%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A8%3A708)%0A%20%20%20at%20Global%20code%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A1%3A2)&line=0&type=9
    IEXPLORE.EXE
    Remote address:
    203.119.175.231:443
    Request
    GET /error?v=et_d27&j=27&e=Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference&stack=TypeError%3A%20Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference%0A%20%20%20at%20A%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A3%3A24656)%0A%20%20%20at%20Anonymous%20function%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A8%3A708)%0A%20%20%20at%20Global%20code%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A1%3A2)&line=0&type=9 HTTP/2.0
    host: acjs.aliyun.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    Response
    HTTP/2.0 200
    date: Tue, 17 Oct 2023 12:22:23 GMT
    content-type: application/octet-stream
    content-length: 0
    server: Tengine/Aserver
    eagleeye-traceid: 215043f816975453435308214e1b98
    strict-transport-security: max-age=0
    timing-allow-origin: *
  • flag-cn
    GET
    https://fourier.taobao.com/ts?url=http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382&token=BHFxLQkNsAT8HRwQwKl2_KiuiP0LXuXQvbgP8lOGbThXepHMm671oB-MmpQcqX0I&cna=fWq1HWvksioCAZo9Rw0waEi2&ext=1
    IEXPLORE.EXE
    Remote address:
    59.82.122.10:443
    Request
    GET /ts?url=http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382&token=BHFxLQkNsAT8HRwQwKl2_KiuiP0LXuXQvbgP8lOGbThXepHMm671oB-MmpQcqX0I&cna=fWq1HWvksioCAZo9Rw0waEi2&ext=1 HTTP/2.0
    host: fourier.taobao.com
    accept: image/png, image/svg+xml, image/jxr, image/*;q=0.8, */*;q=0.5
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    cookie: cna=fWq1HWvksioCAZo9Rw0waEi2; l=fBOpDd54POEDOSGzBOfaFurza77OSCRYYuPzaNbMi9fPO_CB5Cm5W1h-Zx86C36OF6PeR3PnVGg6BeYBq3xonxvTeO9dPaMmndLHR35..; isg=BOzsO7yWpbtBprGH9YIDE4XFtcoepZBPoCMiBUYt-Bc6UYxbbrVg3-Lzd4NpQsin
    Response
    HTTP/2.0 200
    date: Tue, 17 Oct 2023 12:22:23 GMT
    content-type: application/javascript;charset=UTF-8
    vary: Accept-Encoding
    server: Tengine
    cache-control: no-store
    access-control-allow-credentials: true
    bxuuid: a6cdb968eae81b3778542dbac95ac025
    use-raw: true
    bxuuid: {"login-token":"a6cdb968eae81b3778542dbac95ac025___null___fc94c9009eb35b9ed34428fe121b0101"}
    set-cookie: x5secdata=xd006870652d5dbe8fa6cdb968eae81b3778542dbac95ac0251697545343a-717315356a1993109894abazc2aaa__bx__fourier.taobao.com%3A443%2Frp; Max-Age=20; Expires=Tue, 17-Oct-2023 12:22:43 GMT; Domain=taobao.com; Path=/
    bxpunish: 1
    via: tengine-ingress.033080066013.na620[web,200]
    content-encoding: gzip
  • flag-cn
    GET
    https://fourier.taobao.com/rp?ext=51&data=jm_fWq1HWvksioCAZo9Rw0waEi2&random=5150150671039817&href=https%3A%2F%2Fai.taobao.com%2F%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&protocol=https:&callback=jsonpCallback
    IEXPLORE.EXE
    Remote address:
    59.82.122.10:443
    Request
    GET /rp?ext=51&data=jm_fWq1HWvksioCAZo9Rw0waEi2&random=5150150671039817&href=https%3A%2F%2Fai.taobao.com%2F%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&protocol=https:&callback=jsonpCallback HTTP/2.0
    host: fourier.taobao.com
    accept: application/javascript, */*;q=0.8
    referer: https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001
    accept-language: en-US
    user-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
    accept-encoding: gzip, deflate
    cookie: cna=fWq1HWvksioCAZo9Rw0waEi2
    Response
    HTTP/2.0 200
    date: Tue, 17 Oct 2023 12:22:23 GMT
    content-type: image/gif
    content-length: 0
    server: Tengine
    strict-transport-security: max-age=31536000
    ups-target-key: security-fourierhost
    x-protocol: HTTP/2.0
    eagleeye-traceid: 2150420d16975453439102473e1562
  • flag-us
    DNS
    236.34.82.59.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    236.34.82.59.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    231.175.119.203.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    231.175.119.203.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    10.122.82.59.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    10.122.82.59.in-addr.arpa
    IN PTR
    Response
  • flag-us
    DNS
    234.17.178.52.in-addr.arpa
    Remote address:
    8.8.8.8:53
    Request
    234.17.178.52.in-addr.arpa
    IN PTR
    Response
  • 123.56.15.95:80
    tj.flyfile.cn
    2023-08-26_186bd3449422b4a0c6db7d28d86019a7_mafia_JC.exe
    260 B
    5
  • 123.56.15.95:80
    tj.flyfile.cn
    2023-08-26_186bd3449422b4a0c6db7d28d86019a7_mafia_JC.exe
    260 B
    5
  • 209.197.3.8:80
    322 B
    7
  • 117.21.178.211:80
    skjp.zcjczj.cn
    IEXPLORE.EXE
    340 B
    184 B
    7
    4
  • 117.21.178.211:80
    http://skjp.zcjczj.cn/favicon.ico
    http
    IEXPLORE.EXE
    1.7kB
    2.8kB
    15
    11

    HTTP Request

    GET http://skjp.zcjczj.cn/ds2taob.html?s=92&v=93&c=94&a=376&m=&t=1614299382

    HTTP Response

    200

    HTTP Request

    GET http://skjp.zcjczj.cn/favicon.ico

    HTTP Response

    404
  • 169.254.254.254:80
    config.dshfioy.cn
    IEXPLORE.EXE
    156 B
    3
  • 169.254.254.254:80
    config.dshfioy.cn
    IEXPLORE.EXE
    104 B
    2
  • 169.254.254.254:80
    config.dshfioy.cn
    IEXPLORE.EXE
    156 B
    3
  • 59.82.121.179:443
    ai.taobao.com
    tls, http2
    IEXPLORE.EXE
    1.3kB
    12.5kB
    20
    16
  • 59.82.121.179:443
    https://ai.taobao.com/favicon.ico
    tls, http2
    IEXPLORE.EXE
    2.4kB
    22.8kB
    33
    27

    HTTP Request

    GET https://ai.taobao.com/?pid=mm_30434367_11956336_111175400398&union_lens=lensId%3APUB%401614154932%400bba8ed9_0edc_177d321a27b_0600%4001

    HTTP Response

    200

    HTTP Request

    GET https://ai.taobao.com/favicon.ico

    HTTP Response

    302
  • 47.246.48.251:443
    g.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    15
    13
  • 47.246.48.251:443
    g.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    16
    13
  • 47.246.48.251:443
    g.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    16
    13
  • 47.246.48.252:443
    https://gw.alicdn.com/tfs/TB1jwakrbH1gK0jSZFwXXc7aXXa-20-20.png
    tls, http2
    IEXPLORE.EXE
    2.3kB
    25.8kB
    33
    27

    HTTP Request

    GET https://gw.alicdn.com/tfs/TB1HxCbreL2gK0jSZPhXXahvXXa-65-70.gif

    HTTP Request

    GET https://gw.alicdn.com/tfs/TB1jwakrbH1gK0jSZFwXXc7aXXa-20-20.png

    HTTP Response

    200

    HTTP Response

    200
  • 47.246.48.252:443
    gw.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    15
    13
  • 47.246.48.251:443
    https://lego.alicdn.com/mm/lego2??cellx-pc/0.0.8/index.css,mv/cellxLayout-adv/0.0.1/index.css
    tls, http2
    IEXPLORE.EXE
    1.8kB
    7.7kB
    21
    16

    HTTP Request

    GET https://lego.alicdn.com/mm/lego2??cellx-pc/0.0.8/index.js,mv/cellxLayout-adv/0.0.1/index.js

    HTTP Request

    GET https://lego.alicdn.com/mm/lego2??cellx-pc/0.0.8/index.css,mv/cellxLayout-adv/0.0.1/index.css

    HTTP Response

    200

    HTTP Response

    200
  • 47.246.48.251:443
    lego.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    15
    13
  • 47.246.45.251:443
    https://o.alicdn.com/tbhome/tbnav/index.css
    tls, http2
    IEXPLORE.EXE
    2.7kB
    42.0kB
    44
    39

    HTTP Request

    GET https://o.alicdn.com/tbhome/tbnav/index.js

    HTTP Request

    GET https://o.alicdn.com/tbhome/tbnav/index.css

    HTTP Response

    200

    HTTP Response

    200
  • 47.246.45.251:443
    o.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    15
    13
  • 47.246.48.252:443
    https://img.alicdn.com/tps/TB1PlWbKFXXXXbmXFXXXXXXXXXX-16-16.ico
    tls, http2
    IEXPLORE.EXE
    2.2kB
    18.3kB
    30
    23

    HTTP Request

    GET https://img.alicdn.com/tps/i4/T1VVv9FABeXXbtCInf-38-42.png

    HTTP Request

    GET https://img.alicdn.com/tps/i2/T1C3z7FudfXXcsE9Te-40-42.png

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://img.alicdn.com/tps/TB1PlWbKFXXXXbmXFXXXXXXXXXX-16-16.ico

    HTTP Response

    200
  • 47.246.48.252:443
    img.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.2kB
    6.9kB
    17
    14
  • 47.246.48.251:443
    https://g.alicdn.com/AWSC/et/1.70.4/et_n.js
    tls, http2
    IEXPLORE.EXE
    19.0kB
    428.0kB
    347
    331

    HTTP Request

    GET https://g.alicdn.com/cell/cell-cellx-boot/0.0.13/index.js

    HTTP Request

    GET https://g.alicdn.com/mtb/wpk/1.3.1/wpk.js

    HTTP Request

    GET https://g.alicdn.com/thx/cube/1.1.0/cube-min.css

    HTTP Request

    GET https://g.alicdn.com/??cell/lib-zepto/0.0.2/index.js,cell/lib-seajs/0.1.3/index.js,cell/lib-magix/0.1.7/index.js,mtb/lib-httpurl/1.3.8/httpurl.js,mtb/lib-windvane/3.0.4/windvane.js,mtb/lib-login/1.6.4/login.js,mtb/lib-promise/3.1.3/polyfillB.js,cell/lib-pagestate/0.0.8/index.js,cell/lib-img/0.1.2/index.js,mtb/lib-mtop/2.6.1/mtop.js,cell/lib-util/0.3.5/index.js,cell/lib-mtop/1.0.12/index.js,cell/lib-mtop/1.0.12/adapt.js,cell/lib-mtop/1.0.12/errorlog.js,cell/lib-mtop/1.0.12/datainject.js,cell/lib-mtop/1.0.12/taishan.js,cell/lib-mtop/1.0.12/play.js,cell/lib-mtop/1.0.12/link.js,cell/lib-mtop/1.0.12/optimus.js,cell/lib-track/0.2.0/index.js,cell/lib-trace/0.0.5/index.js,dt/tracker/4.1.0/tracker.Tracker.js,dt/tracker/4.1.0/tracker.performanceTrackerPlugin.js,cell/cellex-etao-util/0.0.23/index.js,cell/cellex-etao-init/0.0.4/index.js,cell/lib-opennew/0.0.11/index.js,cell/lib-intersectionObserver/0.0.2/index.js,cell/lib-intersectionObserver/0.0.2/init.js,cell/cell-lib-event-bus/0.0.2/index.js,cell/lib-lazy-manager/0.1.6/index.js,cell/lib-lazy-manager/0.1.6/sticky-lazy.js,cell/lib-lazy-manager/0.1.6/img-lazy.js,cell/cell-lib-back-notice/0.0.1/index.js,cell/cell-lib-json2html/0.1.0/index.js,cell/cell-lib-datasource/0.0.1/index.js,cell/cell-lib-cellx/0.2.2/index.js,cell-lego/cell-lib-logic-exec/0.0.8/index.js,cell/cell-lib-back-notice/0.0.1/index.js,cell/cell-lib-dynamic-schema-exec/0.0.1/index.js,cell/cell-item-render/2.2.0/index.js

    HTTP Request

    GET https://g.alicdn.com/??cell/cellex-boom-item-atb-pc-1v5-card/0.0.3/seajs/index/placeholder.js,cell/cellex-boom-item-atb-pc-1v5-card/0.0.3/seajs/index.js,cell/cellex-cellx-boom/0.0.14/seajs/index/m2.js,cell/cell-cellx-pc-title-h3/0.0.1/seajs/index/m2.js,cell/cell-cellx-atb-pc-main-cates/0.0.3/seajs/index/m2.js,cell/cell-cellx-atb-pc-search/0.0.1/seajs/index/m2.js,cell/cell-api-function-at-common/0.0.4/seajs/index.js

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://g.alicdn.com/alilog/mlog/aplus_v2.js

    HTTP Response

    200

    HTTP Request

    GET https://g.alicdn.com/alilog/??s/8.15.22/plugin/aplus_client.js,aplus_cplugin/0.7.12/toolkit.js,aplus_cplugin/0.7.12/monitor.js,s/8.15.22/plugin/aplus_ws.js,s/8.15.22/aplus_std.js,s/8.15.22/plugin/aplus_spmact.js?v=20230912175145

    HTTP Response

    200

    HTTP Request

    GET https://g.alicdn.com/dinamic/barrier-free/0.0.12/aria.js?appid=7e39dd4d92f393f9450d8fc1f6bafdf9

    HTTP Response

    200

    HTTP Request

    GET https://g.alicdn.com/sd/baxia-entry/index.js?t=235383

    HTTP Request

    GET https://g.alicdn.com/secdev/entry/index.js?t=235383

    HTTP Response

    200

    HTTP Request

    GET https://g.alicdn.com/AWSC/AWSC/awsc.js

    HTTP Request

    GET https://g.alicdn.com/sd/baxia/2.5.3/baxiaCommon.js

    HTTP Response

    200

    HTTP Request

    GET https://g.alicdn.com/secdev/sufei_data/3.9.10/index.js

    HTTP Request

    GET https://g.alicdn.com/secdev/nsv/1.0.87/ns_f_95_3_n.js?v=1

    HTTP Response

    200

    HTTP Response

    200

    HTTP Request

    GET https://g.alicdn.com/AWSC/et/1.70.4/et_n.js

    HTTP Response

    200

    HTTP Response

    200

    HTTP Response

    200
  • 47.246.48.251:443
    g.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    16
    14
  • 111.63.205.135:443
    https://px.effirst.com/api/v1/jconfig?wpk-header=app%3Dalimama_lego2_bad_error%26tm%3D1694761872%26ud%3D8515656e-1cb5-4c9c-2e05-ef83a6a13432%26sver%3D0.7.7%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
    tls, http
    IEXPLORE.EXE
    3.1kB
    6.4kB
    15
    8

    HTTP Request

    GET https://px.effirst.com/api/v1/jconfig?wpk-header=app%3Dalimama_lego2_bad_error%26tm%3D1694761872%26ud%3D8515656e-1cb5-4c9c-2e05-ef83a6a13432%26sver%3D0.7.7%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce
  • 111.63.205.135:443
    https://px.effirst.com/api/v1/jssdk/upload?wpk-header=app%3Dalimama_lego2_bad_error%26cp%3Dnone%26de%3D4%26seq%3D1694761881454%26tm%3D1694761881%26ud%3Dd91b98f2-27e5-43e4-37d8-20c0b67c6d4d%26ver%3Dnull%26type%3Dflow%26sver%3D0.7.7%26sign%3D9bf8a190ef82c5049df7b199c599c45b&data=%7B%22w_url%22%3A%22https%3A%2F%2Fai.taobao.com%2F%22%2C%22w_query%22%3A%22%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001%22%2C%22w_ref%22%3A%22%22%2C%22w_title%22%3A%22%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko%22%2C%22referrer%22%3A%22http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382%22%2C%22dsp_dpi%22%3A1%2C%22dsp_w%22%3A1280%2C%22dsp_h%22%3A720%2C%22net%22%3A%22%22%2C%22category%22%3A5%2C%22sampleRate%22%3A1%2C%22w_bid%22%3A%22alimama_lego2_bad_error%22%2C%22w_cid%22%3Anull%2C%22w_rel%22%3Anull%2C%22w_spa%22%3Afalse%2C%22w_tm%22%3A1694761881446%2C%22w_cnt%22%3A1%2C%22uid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22type%22%3A%22flow%22%2C%22sdk_ver%22%3A%220.7.7%22%2C%22log_src%22%3A%22jssdk%22%2C%22uc_param%22%3A%22%22%2C%22wid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22w_frmid%22%3A%22ede32b4a-0efc-4e59-398e-ac00f27b7e1e%22%2C%22w_send_mode%22%3A%22imgsrc%22%7D
    tls, http
    IEXPLORE.EXE
    6.5kB
    7.0kB
    21
    15

    HTTP Request

    GET https://px.effirst.com/api/v1/jconfig?wpk-header=app%3Dalimama_lego2_alpvis%26tm%3D1694761872%26ud%3D26c966f1-2aee-4b39-bb3f-8a2157bd3bfa%26sver%3D0.7.7%26sign%3Dc41e43c828c16c16a6eb1c9c1e68e8ce

    HTTP Response

    200

    HTTP Request

    GET https://px.effirst.com/api/v1/jssdk/upload?wpk-header=app%3Dalimama_lego2_bad_error%26cp%3Dnone%26de%3D4%26seq%3D1694761881454%26tm%3D1694761881%26ud%3Dd91b98f2-27e5-43e4-37d8-20c0b67c6d4d%26ver%3Dnull%26type%3Dflow%26sver%3D0.7.7%26sign%3D9bf8a190ef82c5049df7b199c599c45b&data=%7B%22w_url%22%3A%22https%3A%2F%2Fai.taobao.com%2F%22%2C%22w_query%22%3A%22%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001%22%2C%22w_ref%22%3A%22%22%2C%22w_title%22%3A%22%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko%22%2C%22referrer%22%3A%22http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382%22%2C%22dsp_dpi%22%3A1%2C%22dsp_w%22%3A1280%2C%22dsp_h%22%3A720%2C%22net%22%3A%22%22%2C%22category%22%3A5%2C%22sampleRate%22%3A1%2C%22w_bid%22%3A%22alimama_lego2_bad_error%22%2C%22w_cid%22%3Anull%2C%22w_rel%22%3Anull%2C%22w_spa%22%3Afalse%2C%22w_tm%22%3A1694761881446%2C%22w_cnt%22%3A1%2C%22uid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22type%22%3A%22flow%22%2C%22sdk_ver%22%3A%220.7.7%22%2C%22log_src%22%3A%22jssdk%22%2C%22uc_param%22%3A%22%22%2C%22wid%22%3A%22d91b98f2-27e5-43e4-37d8-20c0b67c6d4d%22%2C%22w_frmid%22%3A%22ede32b4a-0efc-4e59-398e-ac00f27b7e1e%22%2C%22w_send_mode%22%3A%22imgsrc%22%7D

    HTTP Response

    200
  • 47.246.48.251:443
    at.alicdn.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    5.4kB
    16
    13
  • 47.246.48.251:443
    https://at.alicdn.com/t/font_1404888168_2057645.eot?
    tls, http2
    IEXPLORE.EXE
    1.7kB
    14.9kB
    22
    18

    HTTP Request

    GET https://at.alicdn.com/t/font_1404888168_2057645.eot?

    HTTP Response

    200
  • 111.63.205.135:443
    px.effirst.com
    tls
    IEXPLORE.EXE
    2.0kB
    4.4kB
    18
    9
  • 47.246.48.233:443
    fragment.tmall.com
    tls, http2
    IEXPLORE.EXE
    1.2kB
    5.4kB
    17
    14
  • 47.246.48.233:443
    https://fragment.tmall.com/tbhome/default/tbnav-toolkit?wh_biz=tm&wh_callback=true&callback=tbnavtoolkit
    tls, http2
    IEXPLORE.EXE
    1.5kB
    7.1kB
    18
    13

    HTTP Request

    GET https://fragment.tmall.com/tbhome/default/tbnav-toolkit?wh_biz=tm&wh_callback=true&callback=tbnavtoolkit

    HTTP Response

    200
  • 59.82.33.226:443
    log.mmstat.com
    tls, http2
    IEXPLORE.EXE
    1.1kB
    4.2kB
    15
    11
  • 59.82.33.226:443
    https://log.mmstat.com/eg.js?t=1694761886519
    tls, http2
    IEXPLORE.EXE
    1.5kB
    4.5kB
    17
    12

    HTTP Request

    GET https://log.mmstat.com/eg.js?t=1694761886519

    HTTP Response

    200
  • 59.82.34.236:443
    https://ws.mmstat.com/ws
    tls, http
    IEXPLORE.EXE
    1.8kB
    4.5kB
    15
    10

    HTTP Request

    GET https://ws.mmstat.com/ws

    HTTP Response

    101
  • 59.82.33.226:443
    https://gm.mmstat.com/fsp.1.1?code=1&msg=funcion%3Aload%20AWSC%20success.%20msg%3A%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FAWSC%2Fawsc.js&pid=baxia-fast&page=https%3A%2F%2Fai.taobao.com%2F&query=pid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&hash=&referrer=http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382&title=%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko
    tls, http2
    IEXPLORE.EXE
    1.9kB
    4.5kB
    16
    11

    HTTP Request

    GET https://gm.mmstat.com/fsp.1.1?code=1&msg=funcion%3Aload%20AWSC%20success.%20msg%3A%20https%3A%2F%2Fg.alicdn.com%2FAWSC%2FAWSC%2Fawsc.js&pid=baxia-fast&page=https%3A%2F%2Fai.taobao.com%2F&query=pid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&hash=&referrer=http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382&title=%E7%88%B1%E6%B7%98%E5%AE%9DPC%E7%89%88&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20WOW64%3B%20Trident%2F7.0%3B%20.NET4.0C%3B%20.NET4.0E%3B%20.NET%20CLR%202.0.50727%3B%20.NET%20CLR%203.0.30729%3B%20.NET%20CLR%203.5.30729%3B%20rv%3A11.0)%20like%20Gecko

    HTTP Response

    200
  • 59.82.33.226:443
    gm.mmstat.com
    tls, http2
    IEXPLORE.EXE
    1.0kB
    4.1kB
    13
    10
  • 203.119.175.231:443
    https://acjs.aliyun.com/error?v=et_d27&j=27&e=Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference&stack=TypeError%3A%20Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference%0A%20%20%20at%20A%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A3%3A24656)%0A%20%20%20at%20Anonymous%20function%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A8%3A708)%0A%20%20%20at%20Global%20code%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A1%3A2)&line=0&type=9
    tls, http2
    IEXPLORE.EXE
    1.9kB
    9.0kB
    19
    15

    HTTP Request

    GET https://acjs.aliyun.com/error?v=et_d27&j=27&e=Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference&stack=TypeError%3A%20Unable%20to%20get%20property%20'dataset'%20of%20undefined%20or%20null%20reference%0A%20%20%20at%20A%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A3%3A24656)%0A%20%20%20at%20Anonymous%20function%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A8%3A708)%0A%20%20%20at%20Global%20code%20(https%3A%2F%2Fg.alicdn.com%2FAWSC%2Fet%2F1.70.4%2Fet_n.js%3A1%3A2)&line=0&type=9

    HTTP Response

    200
  • 203.119.175.231:443
    acjs.aliyun.com
    tls, http2
    IEXPLORE.EXE
    1.7kB
    8.7kB
    19
    12
  • 59.82.122.10:443
    fourier.taobao.com
    tls, http2
    IEXPLORE.EXE
    1.5kB
    11.5kB
    19
    16
  • 59.82.122.10:443
    https://fourier.taobao.com/rp?ext=51&data=jm_fWq1HWvksioCAZo9Rw0waEi2&random=5150150671039817&href=https%3A%2F%2Fai.taobao.com%2F%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&protocol=https:&callback=jsonpCallback
    tls, http2
    IEXPLORE.EXE
    3.4kB
    13.2kB
    23
    19

    HTTP Request

    GET https://fourier.taobao.com/ts?url=http%3A%2F%2Fskjp.zcjczj.cn%2Fds2taob.html%3Fs%3D92%26v%3D93%26c%3D94%26a%3D376%26m%3D%26t%3D1614299382&token=BHFxLQkNsAT8HRwQwKl2_KiuiP0LXuXQvbgP8lOGbThXepHMm671oB-MmpQcqX0I&cna=fWq1HWvksioCAZo9Rw0waEi2&ext=1

    HTTP Request

    GET https://fourier.taobao.com/rp?ext=51&data=jm_fWq1HWvksioCAZo9Rw0waEi2&random=5150150671039817&href=https%3A%2F%2Fai.taobao.com%2F%3Fpid%3Dmm_30434367_11956336_111175400398%26union_lens%3DlensId%253APUB%25401614154932%25400bba8ed9_0edc_177d321a27b_0600%254001&protocol=https:&callback=jsonpCallback

    HTTP Response

    200

    HTTP Response

    200
  • 204.79.197.200:443
    ieonline.microsoft.com
    tls, http2
    iexplore.exe
    1.2kB
    8.3kB
    15
    14
  • 8.8.8.8:53
    208.194.73.20.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    208.194.73.20.in-addr.arpa

  • 8.8.8.8:53
    tj.flyfile.cn
    dns
    2023-08-26_186bd3449422b4a0c6db7d28d86019a7_mafia_JC.exe
    118 B
    150 B
    2
    2

    DNS Request

    tj.flyfile.cn

    DNS Request

    tj.flyfile.cn

    DNS Response

    123.56.15.95

    DNS Response

    123.56.15.95

  • 8.8.8.8:53
    skjp.zcjczj.cn
    dns
    IEXPLORE.EXE
    60 B
    359 B
    1
    1

    DNS Request

    skjp.zcjczj.cn

    DNS Response


  • 8.8.8.8:53
    211.178.21.117.in-addr.arpa
    dns
    73 B
    131 B
    1
    1

    DNS Request

    211.178.21.117.in-addr.arpa

  • 8.8.8.8:53
    76.32.126.40.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    76.32.126.40.in-addr.arpa

  • 8.8.8.8:53
    108.211.229.192.in-addr.arpa
    dns
    74 B
    145 B
    1
    1

    DNS Request

    108.211.229.192.in-addr.arpa

  • 8.8.8.8:53
    158.240.127.40.in-addr.arpa
    dns
    73 B
    147 B
    1
    1

    DNS Request

    158.240.127.40.in-addr.arpa

  • 8.8.8.8:53
    config.dshfioy.cn
    dns
    IEXPLORE.EXE
    63 B
    164 B
    1
    1

    DNS Request

    config.dshfioy.cn

    DNS Response

    169.254.254.254

  • 8.8.8.8:53
    ai.taobao.com
    dns
    IEXPLORE.EXE
    59 B
    185 B
    1
    1

    DNS Request

    ai.taobao.com

    DNS Response

    59.82.121.179

  • 8.8.8.8:53
    179.121.82.59.in-addr.arpa
    dns
    72 B
    143 B
    1
    1

    DNS Request

    179.121.82.59.in-addr.arpa

  • 8.8.8.8:53
    226.20.18.104.in-addr.arpa
    dns
    72 B
    134 B
    1
    1

    DNS Request

    226.20.18.104.in-addr.arpa

  • 8.8.8.8:53
    g.alicdn.com
    dns
    iexplore.exe
    58 B
    125 B
    1
    1

    DNS Request

    g.alicdn.com

    DNS Response

    47.246.48.251
    47.246.48.252

  • 8.8.8.8:53
    mo.m.taobao.com
    dns
    iexplore.exe
    61 B
    304 B
    1
    1

    DNS Request

    mo.m.taobao.com

    DNS Response

    47.246.146.192

  • 8.8.8.8:53
    mos.m.taobao.com
    dns
    iexplore.exe
    62 B
    137 B
    1
    1

    DNS Request

    mos.m.taobao.com

    DNS Response

    47.246.48.232
    47.246.48.233

  • 8.8.8.8:53
    gw.alicdn.com
    dns
    IEXPLORE.EXE
    59 B
    135 B
    1
    1

    DNS Request

    gw.alicdn.com

    DNS Response

    47.246.48.252
    47.246.48.251

  • 8.8.8.8:53
    h5api.m.taobao.com
    dns
    iexplore.exe
    128 B
    480 B
    2
    2

    DNS Request

    h5api.m.taobao.com

    DNS Request

    h5api.m.taobao.com

    DNS Response

    47.246.64.92

    DNS Response

    47.246.64.92

  • 8.8.8.8:53
    img.alicdn.com
    dns
    IEXPLORE.EXE
    60 B
    129 B
    1
    1

    DNS Request

    img.alicdn.com

    DNS Response

    47.246.48.252
    47.246.48.251

  • 8.8.8.8:53
    log.mmstat.com
    dns
    IEXPLORE.EXE
    60 B
    162 B
    1
    1

    DNS Request

    log.mmstat.com

    DNS Response

    59.82.33.226

  • 8.8.8.8:53
    lego.alicdn.com
    dns
    IEXPLORE.EXE
    61 B
    139 B
    1
    1

    DNS Request

    lego.alicdn.com

    DNS Response

    47.246.48.251
    47.246.48.252

  • 8.8.8.8:53
    o.alicdn.com
    dns
    IEXPLORE.EXE
    58 B
    127 B
    1
    1

    DNS Request

    o.alicdn.com

    DNS Response

    47.246.45.251
    47.246.45.252

  • 8.8.8.8:53
    226.21.18.104.in-addr.arpa
    dns
    72 B
    134 B
    1
    1

    DNS Request

    226.21.18.104.in-addr.arpa

  • 8.8.8.8:53
    aeu.alicdn.com
    dns
    iexplore.exe
    60 B
    155 B
    1
    1

    DNS Request

    aeu.alicdn.com

    DNS Response

    23.207.107.56

  • 8.8.8.8:53
    t.alicdn.com
    dns
    iexplore.exe
    58 B
    133 B
    1
    1

    DNS Request

    t.alicdn.com

    DNS Response

    47.246.48.251
    47.246.48.252

  • 8.8.8.8:53
    uaction.alicdn.com
    dns
    iexplore.exe
    64 B
    145 B
    1
    1

    DNS Request

    uaction.alicdn.com

    DNS Response

    47.246.48.252
    47.246.48.251

  • 8.8.8.8:53
    251.48.246.47.in-addr.arpa
    dns
    72 B
    143 B
    1
    1

    DNS Request

    251.48.246.47.in-addr.arpa

  • 8.8.8.8:53
    252.48.246.47.in-addr.arpa
    dns
    72 B
    143 B
    1
    1

    DNS Request

    252.48.246.47.in-addr.arpa

  • 8.8.8.8:53
    251.45.246.47.in-addr.arpa
    dns
    72 B
    143 B
    1
    1

    DNS Request

    251.45.246.47.in-addr.arpa

  • 8.8.8.8:53
    59.128.231.4.in-addr.arpa
    dns
    71 B
    157 B
    1
    1

    DNS Request

    59.128.231.4.in-addr.arpa

  • 8.8.8.8:53
    px.effirst.com
    dns
    IEXPLORE.EXE
    60 B
    107 B
    1
    1

    DNS Request

    px.effirst.com

    DNS Response

    111.63.205.135

  • 8.8.8.8:53
    183.59.114.20.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    183.59.114.20.in-addr.arpa

  • 8.8.8.8:53
    135.205.63.111.in-addr.arpa
    dns
    73 B
    136 B
    1
    1

    DNS Request

    135.205.63.111.in-addr.arpa

  • 8.8.8.8:53
    56.126.166.20.in-addr.arpa
    dns
    72 B
    158 B
    1
    1

    DNS Request

    56.126.166.20.in-addr.arpa

  • 8.8.8.8:53
    126.24.238.8.in-addr.arpa
    dns
    71 B
    125 B
    1
    1

    DNS Request

    126.24.238.8.in-addr.arpa

  • 8.8.8.8:53
    at.alicdn.com
    dns
    IEXPLORE.EXE
    59 B
    127 B
    1
    1

    DNS Request

    at.alicdn.com

    DNS Response

    47.246.48.251
    47.246.48.252

  • 8.8.8.8:53
    fragment.tmall.com
    dns
    IEXPLORE.EXE
    64 B
    144 B
    1
    1

    DNS Request

    fragment.tmall.com

    DNS Response

    47.246.48.233
    47.246.48.232

  • 8.8.8.8:53
    233.48.246.47.in-addr.arpa
    dns
    72 B
    143 B
    1
    1

    DNS Request

    233.48.246.47.in-addr.arpa

  • 8.8.8.8:53
    ws.mmstat.com
    dns
    IEXPLORE.EXE
    118 B
    236 B
    2
    2

    DNS Request

    ws.mmstat.com

    DNS Request

    ws.mmstat.com

    DNS Response

    59.82.34.236

    DNS Response

    59.82.34.234

  • 8.8.8.8:53
    fourier.taobao.com
    dns
    IEXPLORE.EXE
    128 B
    602 B
    2
    2

    DNS Request

    fourier.taobao.com

    DNS Request

    fourier.taobao.com

    DNS Response

    59.82.122.10

    DNS Response

    59.82.122.10

  • 8.8.8.8:53
    gm.mmstat.com
    dns
    IEXPLORE.EXE
    118 B
    316 B
    2
    2

    DNS Request

    gm.mmstat.com

    DNS Request

    gm.mmstat.com

    DNS Response

    59.82.33.226

    DNS Response

    59.82.33.227

  • 8.8.8.8:53
    226.33.82.59.in-addr.arpa
    dns
    71 B
    142 B
    1
    1

    DNS Request

    226.33.82.59.in-addr.arpa

  • 8.8.8.8:53
    acjs.aliyun.com
    dns
    IEXPLORE.EXE
    122 B
    374 B
    2
    2

    DNS Request

    acjs.aliyun.com

    DNS Request

    acjs.aliyun.com

    DNS Response

    203.119.175.231

    DNS Response

    203.119.144.45

  • 8.8.8.8:53
    236.34.82.59.in-addr.arpa
    dns
    71 B
    142 B
    1
    1

    DNS Request

    236.34.82.59.in-addr.arpa

  • 8.8.8.8:53
    231.175.119.203.in-addr.arpa
    dns
    74 B
    162 B
    1
    1

    DNS Request

    231.175.119.203.in-addr.arpa

  • 8.8.8.8:53
    10.122.82.59.in-addr.arpa
    dns
    71 B
    142 B
    1
    1

    DNS Request

    10.122.82.59.in-addr.arpa

  • 8.8.8.8:53
    234.17.178.52.in-addr.arpa
    dns
    72 B
    146 B
    1
    1

    DNS Request

    234.17.178.52.in-addr.arpa

MITRE ATT&CK Enterprise v15


Downloads

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\DOMStore\1T6973M5\ai.taobao[1].xml

    Filesize

    169KB

    MD5

    42c6e2e79a76b6dcaa4e017e29942af7

    SHA1

    804ca5bf1a95ce400a734c1ab35520efc68740f9

    SHA256

    97eb0c516bdd00311265fa3af141ae357e7af993e5fe0a28cb0f53c2412d94b2

    SHA512

    65cf19be56ebbf2a8267eefd1c3094e25c129521651fc7ae3bdf6458955cda8dd566800966b9f39a8b751a7d424585ea9f92ca43dff0e7ec62ea63681449dfcd

  • C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\myqr27u\imagestore.dat

    Filesize

    1KB

    MD5

    b47e0b93031a49f4d54ef0bd6a78e558

    SHA1

    94bcd6cd976a5221339ac81c6547008d4fd145ec

    SHA256

    f00dfdda0d956b0f7b25b4b8e14010f677f732af25a929e306e49d28df86a105

    SHA512

    a1f81108c0948018f5a5f99a2a268852e1ed3f84309e427acb258e4834e6204e1e98a124ae9dfee0358eeb5285c991356b7bc45ce634692c6f1a2511500565db

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1RORH6TK\TB1PlWbKFXXXXbmXFXXXXXXXXXX-16-16[1].ico

    Filesize

    1KB

    MD5

    fb44dc89394b9c62bf847ee420eaf4b3

    SHA1

    af32d2a4d2213d734cca7ddf0ad309ba0fd2a3b8

    SHA256

    f238445369d41b33020f76c8adaa5774cebeab5045d6ef90c459b68ad1304143

    SHA512

    42849e934319aa28b46a07680d36ae00b83f26f42e61e7c1e5bb1e8f49f381393f0d4d93a9dbb54d7a7126ddb02951ae008d4687efdb6ee0dada6d14eb4cde83

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\INetCache\IE\1RORH6TK\suggestions[1].en-US

    Filesize

    17KB

    MD5

    5a34cb996293fde2cb7a4ac89587393a

    SHA1

    3c96c993500690d1a77873cd62bc639b3a10653f

    SHA256

    c6a5377cbc07eece33790cfc70572e12c7a48ad8296be25c0cc805a1f384dbad

    SHA512

    e1b7d0107733f81937415104e70f68b1be6fd0ca65dccf4ff72637943d44278d3a77f704aedff59d2dbc0d56a609b2590c8ec0dd6bc48ab30f1dad0c07a0a3ee
