urlscan.io logo urlscan.io
SecurityTrails logo

www.iciba.com Open in urlscan Pro
120.92.59.211  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.iciba.com/kidnapping
Submission: On August 30 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 6 domains to perform 54 HTTP transactions. The main IP is 120.92.59.211, located in Beijing, China and belongs to BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN. The main domain is www.iciba.com.
This is the only time www.iciba.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 120.92.59.211 59019 (BJKSCNET ...)
14 150.138.216.175 58540 (CHINATELE...)
5 123.59.12.94 ()
1 119.146.74.49 58543 (CHINATELE...)
1 119.146.74.34 58543 (CHINATELE...)
6 115.239.210.141 58461 (CT-HANGZH...)
9 2a00:1450:400... 15169 (GOOGLE)
1 120.92.220.178 59019 (BJKSCNET ...)
1 122.228.95.178 134771 (CHINANET-...)
1 120.92.3.58 59019 (BJKSCNET ...)
1 140.205.60.79 37963 (CNNIC-ALI...)
54 12
8    120.92.59.211 (Beijing, China)

ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN)
www.iciba.com
14    150.138.216.175 (Jinan, China)

ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN)
cdn.iciba.com
5    123.59.12.94 (Beijing, China)

ASN- ()
open.iciba.com
1    119.146.74.49 (Guangzhou, China)

ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)
dup.baidustatic.com
1    119.146.74.34 (Guangzhou, China)

ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN)
cpro.baidustatic.com
6    115.239.210.141 (Hangzhou, China)

ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN)
pos.baidu.com
9    2a00:1450:4001:818::2002 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
pagead2.googlesyndication.com
1    120.92.220.178 (Beijing, China)

ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN)
activity.iciba.com
1    122.228.95.178 (Wenzhou, China)

ASN134771 (CHINANET-SICHUAN-CHENGDU-MAN CHINANET Sichuan province Chengdu MAN network, CN)
s11.cnzz.com
1    120.92.3.58 (Beijing, China)

ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN)
dict-mobile.iciba.com
1    140.205.60.79 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z13.cnzz.com
Domain Requested by
14 cdn.iciba.com www.iciba.com
cdn.iciba.com
9 pagead2.googlesyndication.com dup.baidustatic.com
pagead2.googlesyndication.com
www.iciba.com
8 www.iciba.com www.iciba.com
open.iciba.com
cdn.iciba.com
6 pos.baidu.com dup.baidustatic.com
5 open.iciba.com www.iciba.com
open.iciba.com
cdn.iciba.com
1 z13.cnzz.com www.iciba.com
1 dict-mobile.iciba.com cdn.iciba.com
1 s11.cnzz.com www.iciba.com
1 activity.iciba.com cdn.iciba.com
1 cpro.baidustatic.com www.iciba.com
1 dup.baidustatic.com www.iciba.com
0 googleads.g.doubleclick.net Failed pagead2.googlesyndication.com
54 12
Subject Issuer Validity Valid
*.googleusercontent.com
Google Internet Authority G2		 2017-08-22 -
2017-11-14		 3 months crt.sh

This page contains 10 frames:

Primary Page: http://www.iciba.com/kidnapping
Frame ID: 31757.1
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20170828/r20170110/zrt_lookup.html
Frame ID: 31757.3
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/show_ads_impl.js
Frame ID: 31757.2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5208124588633775&format=960x50&output=html&h=50&slotname=3231000645&adk=3746465131&adf=2548115941&w=960&lmt=1504109593&ea=0&flash=0&url=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&wgl=1&dt=1504109593577&bpp=7&bdt=5481&fdt=8&idt=105&shv=r20170828&cbv=r20170110&saldr=aa&correlator=4027100165558&frm=20&ga_vid=781827475.1504109594&ga_sid=1504109594&ga_hid=1788240769&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=118&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060715&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=124
Frame ID: 31757.4
Requests: 1 HTTP requests in this frame

Frame: http://pos.baidu.com/kchm?sz=640x200&rdid=2673745&dc=3&di=u2673745&dri=0&dis=0&dai=1&ps=0x0&coa=at%3D3%26rsi0%3D640%26rsi1%3D200%26pat%3D6%26tn%3DbaiduCustNativeAD%26rss1%3D%2523FFFFFF%26conBW%3D0%26adp%3D1%26ptt%3D0%26titFF%3D%2525E5%2525BE%2525AE%2525E8%2525BD%2525AF%2525E9%25259B%252585%2525E9%2525BB%252591%26titFS%3D14%26rss2%3D%2523000000%26titSU%3D0%26ptbg%3D90%26piw%3D0%26pih%3D0%26ptp%3D0&dcb=___adblockplus&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x1527&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109594&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109594&qn=47c5991d09d4c9f9&tt=1504109592936.1090.1301.1302
Frame ID: 31757.7
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/show_ads_impl.js
Frame ID: 31757.8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5208124588633775&format=300x250&output=html&h=250&slotname=1561501844&adk=3627929119&adf=336141353&w=300&lmt=1504109594&avail_w=300&ea=0&flash=0&url=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&wgl=1&dt=1504109594243&bpp=12&bdt=6148&fdt=13&idt=42&shv=r20170828&cbv=r20170110&saldr=aa&prev_fmts=960x50&correlator=4027100165558&frm=20&ga_vid=781827475.1504109594&ga_sid=1504109594&ga_hid=1788240769&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=297&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060715&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=56
Frame ID: 31757.9
Requests: 1 HTTP requests in this frame

Frame: http://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/show_ads_impl.js
Frame ID: 31757.11
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5208124588633775&format=300x250&output=html&h=250&slotname=1561501844&adk=636811660&adf=3640993726&w=300&lmt=1504109594&avail_w=300&ea=0&flash=0&url=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&wgl=1&dt=1504109594527&bpp=4&bdt=6431&fdt=4&idt=6&shv=r20170828&cbv=r20170110&saldr=aa&prev_fmts=960x50%2C300x250&correlator=4027100165558&frm=20&ga_vid=781827475.1504109594&ga_sid=1504109594&ga_hid=1788240769&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=559&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060715&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&dtd=10
Frame ID: 31757.12
Requests: 1 HTTP requests in this frame

Frame: https://pos.baidu.com/wh/o.htm?ltr=
Frame ID: 31757.14
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

54
Requests

4 %
HTTPS

9 %
IPv6

6
Domains

12
Subdomains

12
IPs

2
Countries

437 kB
Transfer

1518 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request kidnapping
www.iciba.com/ 		51 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/ PHP/5.5.25
Resource Hash
38dad5bc92cc7e36dff786789efb59992abc540bd507ab10797f4b0b8dd104d6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:07 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.25
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
1.9.1.min.js
cdn.iciba.com/www/js/jquery/ 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iciba.com/www/js/jquery/1.9.1.min.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
affd617539a05a9c2d9b445744af8cee3e7cdb2ac24b5cbad3900e56f3081d79

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22136.H.1, V.mix-sd-dst-039, T.216174.R.1, M.ctn-sd-tna-172
Age
1115
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-M-Reqid
DxUAAFcUG7VOetQU
X-Request-Id
19d2a6ee6d1bdd86fc05275536d835e7; cedccfdab2618f23f5e15ca45979f693
X-M-Log
QNM:xs461;QNM2
Last-Modified
Fri, 09 Sep 2016 09:24:40 GMT
Server
marco/1.7
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1800
X-Source
C/200
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 16:01:39 GMT
search.css
www.iciba.com/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.iciba.com/css/search.css?t=1504082931962
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/
Resource Hash
38d84600516da337287d4bed0842ecc3bd0246c20dc3faed48c79d977ee0ed7c

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:08 GMT
Content-Encoding
gzip
Last-Modified
Wed, 30 Aug 2017 09:10:42 GMT
ETag
"59a68112-8bea"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 29 Sep 2017 16:13:04 GMT
huaci.js
open.iciba.com/huaci_new/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://open.iciba.com/huaci_new/huaci.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
123.59.12.94 Beijing, China, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
d87731a73c6ba368bfaf95d8d1e8a4a3a50147e6492b0f9af404ff85db56fb52

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:08 GMT
Last-Modified
Fri, 09 Jun 2017 03:13:24 GMT
Server
nginx
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3672
Expires
Thu, 31 Dec 2037 23:55:55 GMT
avalon.1.5.5.min.js
cdn.iciba.com/www/js/ 		73 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iciba.com/www/js/avalon.1.5.5.min.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
1e9e018fc4603861a20ef7fb0b5148f2d3d92c29a88bdf90c7255c3eca1450ea

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22143.R.1, V.mix-sd-dst-036, T.216174.R.1, M.ctn-sd-tna-174
Age
1048
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-M-Reqid
qhsAAHX0DtbIetQU
X-Request-Id
ae89fa515b96cf7da753203fa8c114c8; da291cd9be6751e0ba1634ba808b2967
X-M-Log
QNM:xs475;QNM2
Last-Modified
Wed, 06 Jul 2016 12:15:20 GMT
Server
marco/1.7
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1800
X-Source
C/200
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 15:39:09 GMT
require.js
cdn.iciba.com/www/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iciba.com/www/js/require.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
44f102914437f183e376405c1a190c1877e10a1a26e380bab8149616c2b02ca4

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22135.R.1, V.mix-sd-dst-036, T.216170.R.1, M.ctn-sd-tna-170
Age
1221
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-M-Reqid
DRQAAFUVddPjeNQU
X-Request-Id
6753d2c449f0c9ca9d8ea63c1b16c5d1; 4939afc295235bf6d61fa242043e984e
X-M-Log
QNM:xs451;QNM2
Last-Modified
Tue, 28 Jun 2016 03:15:35 GMT
Server
marco/1.7
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1800
X-Source
C/200
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 15:47:25 GMT
search.js
www.iciba.com/js/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.iciba.com/js/search.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/
Resource Hash
69d3819029d630efe1778f790ad5230ba0023ebc4cb81cbf41182f37bcab5155

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 28 Jul 2017 10:56:07 GMT
ETag
"597b1847-9d25"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 29 Sep 2017 16:13:04 GMT
active-11-11.js
cdn.iciba.com/www/img/activity/common/ 		39 B
39 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iciba.com/www/img/activity/common/active-11-11.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
70868aa777e1dbed40291aff9167380d7a356d659d22c6f0846495037cf862f4

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22139.R.1, V.mix-sd-dst-037, T.216173.R.1, M.ctn-sd-tna-170
Age
905
X-Source
C/200
Connection
keep-alive
Content-Length
39
X-M-Reqid
uBsAAGyGnTjOetQU
X-Request-Id
d935f52c8d8bf3273d7aa59ba7de8397; 732c297741929b706b3852ee74c7c41d
X-M-Log
QNM:xs473;QNM2
Last-Modified
Mon, 14 Nov 2016 03:37:19 GMT
Server
marco/1.7
Content-Type
application/x-javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 16:01:28 GMT
wx-small-program.png
cdn.iciba.com/www/img/www/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/www/img/www/wx-small-program.png
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
c21dbc6c896b7f8d62e050611f3adbf98b3ab493b1da77e07fc23b4105347018

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22144.R.1, V.mix-sd-dst-044, T.216173.R.1, M.ctn-sd-tna-172
Age
1561
X-Source
C/304
Connection
keep-alive
Content-Length
23938
X-M-Reqid
P2QAAAYL0SmFVdYU, P2QAAI_JtiOFVdYU
X-Request-Id
e7a6f83f57d37285404068b821ab1f6c; d42ac1652d045733495efc718c9560c5
X-M-Log
QNM:xs442;SRCPROXY:xs488;SRCPROXY:31/304;QNM2/304
Last-Modified
Tue, 10 Jan 2017 01:56:55 GMT
Server
marco/1.7
Content-Type
image/png
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Miss,Proxy
Expires
Wed, 30 Aug 2017 15:36:15 GMT
top.css
cdn.iciba.com/www/top/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn.iciba.com/www/top/top.css
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
1c08764451dbb511e73c8955f11e00a231c80d0a5e99fd1cfb48ea0fda2e3d51

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22141.R.1, V.mix-sd-dst-037, T.216172.R.1, M.ctn-sd-tna-173
Age
173
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-M-Reqid
URsAAIsn4YLvetQU
X-Request-Id
641d1ab2def1aa627bee50624c3f836d; c8a6744bd4114d3b5964827032b23999
X-M-Log
QNM:xs468;QNM2
Last-Modified
Thu, 12 Jan 2017 11:09:03 GMT
Server
marco/1.7
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=1800
X-Source
C/200
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 16:02:09 GMT
top.js
cdn.iciba.com/www/top/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iciba.com/www/top/top.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
8cdb40334fc992fb705840ddeb07449c05a3ab2ec0f5d44b2b510e3e70a92619

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22144.R.1, V.mix-sd-dst-037, T.216174.R.1, M.ctn-sd-tna-174
Age
1122
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
X-M-Reqid
FWwAAIXCLTHVedUU
X-Request-Id
d1e862821e5cfe789318dff67a17ec09; fdd0dbd97edc85c88f3bf18509a90b89
X-M-Log
QNM:xs449;QNM2
Last-Modified
Fri, 28 Jul 2017 11:04:12 GMT
Server
marco/1.7
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1800
X-Source
C/200
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 15:54:30 GMT
pc-pic.png
www.iciba.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.iciba.com/images/pc-pic.png?t=123123123123
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/
Resource Hash
b73a3efbde5247e86a364a7af658e20439c9f89154368779c67c63cbc6645c2e

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Last-Modified
Thu, 29 Jun 2017 08:24:58 GMT
ETag
"5954b95a-2972"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10610
Expires
Fri, 29 Sep 2017 16:13:08 GMT
os.js
dup.baidustatic.com/js/ 		114 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://dup.baidustatic.com/js/os.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
119.146.74.49 Guangzhou, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
7cf40fe9ca8e918ec504ce6ef77d85235892cf65b767df8baa55530e1ac07ab8

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Content-Encoding
gzip
Ohc-Response-Time
1 0 0 0 0 0
Last-Modified
Tue, 29 Aug 2017 14:55:19 GMT
Server
JSP3/2.0.14
Age
746
ETag
"59a58057-7e97"
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
close
Accept-Ranges
bytes
Content-Length
32407
Expires
Wed, 30 Aug 2017 17:00:46 GMT
c.js
cpro.baidustatic.com/cpro/ui/ 		114 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cpro.baidustatic.com/cpro/ui/c.js
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
119.146.74.34 Guangzhou, China, ASN58543 (CHINATELECOM-GUANGDONG-IDC Guangdong, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
7cf40fe9ca8e918ec504ce6ef77d85235892cf65b767df8baa55530e1ac07ab8

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Content-Encoding
gzip
Ohc-Response-Time
1 0 0 0 0 0
Last-Modified
Tue, 29 Aug 2017 14:55:19 GMT
Server
JSP3/2.0.14
Age
1262
ETag
"59a58057-7e97"
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
close
Accept-Ranges
bytes
Content-Length
32407
Expires
Wed, 30 Aug 2017 16:52:10 GMT
ico_ft.gif
cdn.iciba.com/web/static/images/ 		393 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/web/static/images/ico_ft.gif
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
7720d65e93ac53c60915680e13256021eff0e6df115f281fc4646ec3a70f2273

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Via
T.22135.R.1, V.mix-sd-dst-036, T.216171.R.1, M.ctn-sd-tna-170
Age
1081
X-Source
C/200
Connection
keep-alive
Content-Length
393
X-M-Reqid
XBEAAIPR1QTLeNQU, XBEAAIcjSbfKeNQU
X-Request-Id
b0b3936b4837ba44014f153608eafdfe; 3dc00ff4cd32540fe602bfcfca048611
X-M-Log
QNM:xs444;SRCPROXY:xs485;SRCPROXY:2445;QNM2:1432
Last-Modified
Fri, 20 Jul 2012 10:04:46 GMT
Server
marco/1.7
Content-Type
image/gif
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Miss,Proxy,Cache
Expires
Wed, 30 Aug 2017 16:08:14 GMT
huaci.css
open.iciba.com/huaci_new/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://open.iciba.com/huaci_new/huaci.css
Requested by
Host: open.iciba.com
URL: http://open.iciba.com/huaci_new/huaci.js
Protocol
HTTP/1.1
Server
123.59.12.94 Beijing, China, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ac93c65cbd121403abec3e16b7b88ad4c5fc975ffb25e0f0bf36715d16fa43f3

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Jun 2017 03:13:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Expires
Wed, 06 Sep 2017 16:13:11 GMT
dict.php
open.iciba.com/huaci_new/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://open.iciba.com/huaci_new/dict.php
Requested by
Host: open.iciba.com
URL: http://open.iciba.com/huaci_new/huaci.js
Protocol
HTTP/1.1
Server
123.59.12.94 Beijing, China, ASN (),
Reverse DNS
Software
nginx / PHP/5.5.24
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:11 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.5.24
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
ICIBA_HUACI_COM.js
open.iciba.com/huaci_new/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://open.iciba.com/huaci_new/ICIBA_HUACI_COM.js
Requested by
Host: open.iciba.com
URL: http://open.iciba.com/huaci_new/huaci.js
Protocol
HTTP/1.1
Server
123.59.12.94 Beijing, China, ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a3e142e006da47db93c377d6a6d3c50bf41456b87e7275f81d920dbe7a08f3f9

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Content-Encoding
gzip
Last-Modified
Fri, 09 Jun 2017 03:13:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.tinyscrollbar.js
www.iciba.com/static/scripts/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.iciba.com/static/scripts/jquery.tinyscrollbar.js
Requested by
Host: open.iciba.com
URL: http://open.iciba.com/huaci_new/huaci.js
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/
Resource Hash
fc270948335cdb8ec1ee2b81e7d9cfeb2f04af1873610a25171d37026c32e433

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 May 2016 10:19:12 GMT
ETag
"5729cca0-32a9"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Fri, 29 Sep 2017 16:13:06 GMT
logo.png
cdn.iciba.com/www/top/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/www/top/logo.png
Requested by
Host: cdn.iciba.com
URL: http://cdn.iciba.com/www/top/top.js
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
2db682c2b394a6ce6deb6db516474844fe9b2d27406bfbcc5c3634c8b8e54b80

Request headers

Referer
http://cdn.iciba.com/www/top/top.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Via
T.22141.H.1, V.mix-sd-dst-043, T.216171.R.1, M.ctn-sd-tna-170
Age
488
X-Source
C/200
Connection
keep-alive
Content-Length
1220
X-M-Reqid
TgMAAA235T8_xNYU
X-Request-Id
d4f767891fcb47bd95d0b8c53ac9ac48; 7286ce0d3d533870520a9225fd4f753d
X-M-Log
QNM:xs465;QNM2
Last-Modified
Tue, 28 Jun 2016 02:51:37 GMT
Server
marco/1.7
Content-Type
image/png
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 16:22:14 GMT
wxsp2-hover.png
cdn.iciba.com/www/top/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/www/top/wxsp2-hover.png
Requested by
Host: cdn.iciba.com
URL: http://cdn.iciba.com/www/top/top.js
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
83cffac496bb7fcb47870af6c6c4f7d06ff7e7ecb07b42e74d19e889fcf29c8b

Request headers

Referer
http://cdn.iciba.com/www/top/top.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Via
T.22136.N.1, S.mix-sd-dst-036, V.mix-sd-dst-043, T.216173.R.1, M.ctn-sd-tna-172
Age
1695
X-Source
C/200
Connection
keep-alive
Content-Length
1287
X-M-Reqid
uhEAAOEz1BXPetQU
X-Request-Id
68aa25640ca93bed1cbcb95def7a965f; 0ae829bbad0d2fdc0e6a147be9189d82
X-M-Log
QNM:xs431;SRCPROXY:xs489;SRCPROXY:25;QNM2:26
Last-Modified
Tue, 10 Jan 2017 09:44:32 GMT
Server
marco/1.7
Content-Type
image/png
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Miss,Proxy,Cache
Expires
Wed, 30 Aug 2017 15:49:32 GMT
wxsp2.png
cdn.iciba.com/www/top/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/www/top/wxsp2.png
Requested by
Host: cdn.iciba.com
URL: http://cdn.iciba.com/www/top/top.js
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
fd165db3c3868ac6f23779692708c3bc69ffb0ee9b69b354413e671c0081a134

Request headers

Referer
http://cdn.iciba.com/www/top/top.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Via
T.22137.N.1, S.mix-sd-dst-038, V.mix-sd-dst-035, T.216172.R.1, M.ctn-sd-tna-174
Age
94
X-Source
C/200
Connection
keep-alive
Content-Length
1110
X-M-Reqid
URsAAD3r3eBKedQU
X-Request-Id
167ac75a21a0aebb60e56d98c6f1450f; da8c883859f7436cab4ae6c4ff102f18
X-M-Log
QNM:xs468;QNM2
Last-Modified
Tue, 10 Jan 2017 09:44:32 GMT
Server
marco/1.7
Content-Type
image/png
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 16:19:31 GMT
index.php
www.iciba.com/ 		253 B
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://www.iciba.com/index.php?c=navigationbar&m=index&callback=jQuery19009880110611267945_1504109591888&_=1504109591889
Requested by
Host: cdn.iciba.com
URL: http://cdn.iciba.com/www/js/jquery/1.9.1.min.js
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/ PHP/5.5.25
Resource Hash
b12c6f5e811093fbdb3ad67108d7d33c2b651d1d41f33ab115a990066aa4c120

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://www.iciba.com/kidnapping
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.25
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
index.php
open.iciba.com/admin/ 		103 B
125 B 		Script
General
Check archive.org
Download Go to
Full URL
http://open.iciba.com/admin/index.php?callback=jQuery19009880110611267945_1504109591890&c=community&m=identity&uid=0&_=1504109591891
Requested by
Host: cdn.iciba.com
URL: http://cdn.iciba.com/www/js/jquery/1.9.1.min.js
Protocol
HTTP/1.1
Server
123.59.12.94 Beijing, China, ASN (),
Reverse DNS
Software
nginx / PHP/5.5.24
Resource Hash
c5161c206c32c12af71b1dc0233cfd4dd14608a77eba74774f238f331a69c690

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/5.5.24
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST
Content-Type
text/html
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
wxsp2-scan.png
cdn.iciba.com/www/top/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/www/top/wxsp2-scan.png
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
cf0aaf4e8ef9f351f7cc1c6ba137518104c4c8b71cda54fea70232f083cdf082

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Via
T.22138.H.1, V.mix-sd-dst-038, T.216170.R.1, M.ctn-sd-tna-170
Age
782
X-Source
C/304
Connection
keep-alive
Content-Length
12847
X-M-Reqid
Qj0AAErRSX8Nzd0U
X-Request-Id
22165f93e73f6295faf45440e1ce714f; 4839cab8ee14e006d873ea56499a2c14
X-M-Log
QNM:tj25;QNM2/304
Last-Modified
Tue, 10 Jan 2017 09:44:32 GMT
Server
marco/1.7
Content-Type
image/png
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Hit
Expires
Wed, 30 Aug 2017 16:19:09 GMT
head.png
www.iciba.com/static/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.iciba.com/static/images/head.png
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/
Resource Hash
3f37dcdcb07611f41e5da5aa290ba264d889c84ffbc23117e862ed40b697d401

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Last-Modified
Wed, 04 May 2016 10:19:11 GMT
ETag
"5729cc9f-605"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1541
Expires
Fri, 29 Sep 2017 16:13:07 GMT
ad_tag.png
cdn.iciba.com/www/img/www/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/www/img/www/ad_tag.png
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
666ac901458c26212c034904b11086889b9009971fc0a205da11b08a6786c33c

Request headers

Referer
http://www.iciba.com/css/search.css?t=1504082931962
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:12 GMT
Via
T.22139.N.1, S.mix-sd-dst-039, V.mix-sd-dst-040, T.216173.R.1, M.ctn-sd-tna-173
Age
965
X-Source
C/200
Connection
keep-alive
Content-Length
1803
X-M-Reqid
8BoAANLfTd-0etQU
X-Request-Id
04f1b42be346bd8676a8952192cc6370; 637407038fc917823d8dbff88657d58d
X-M-Log
QNM:xs477;SRCPROXY:xs492;SRCPROXY:27;QNM2:28
Last-Modified
Thu, 08 Sep 2016 07:44:43 GMT
Server
marco/1.7
Content-Type
image/png
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Miss,Proxy,Cache
Expires
Wed, 30 Aug 2017 16:16:03 GMT
kchm
pos.baidu.com/ 		1 KB
697 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pos.baidu.com/kchm?di=2697813&dri=0&dis=0&dai=0&ps=60x312&dcb=___adblockplus&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x151&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109592&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109593
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
115.239.210.141 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
nginx /
Resource Hash
16134c3f634e0be05119db24c10e0be3fc82659ca04caab678aca3bf0c3c01a8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2017 16:13:13 GMT
Content-Encoding
gzip
Last-Modified
Thu Aug 31 00:13:13 2017
Server
nginx
P3p
CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
697
X-Xss-Protection
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
727f3c99220955f38df824992169a0d725db37b3c6e7000ed88a6e9ff0282e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 15:41:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
1876
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
8615970380926213268
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
23088
X-XSS-Protection
1; mode=block
Expires
Wed, 30 Aug 2017 16:41:57 GMT
search.png
www.iciba.com/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.iciba.com/images/search.png?t=1504082940532
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
120.92.59.211 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/
Resource Hash
8d1a64f34c90b6eeed4189e66fd2c58ca62f28ea805f057417a1b6d0068155c8

Request headers

Referer
http://www.iciba.com/css/search.css?t=1504082931962
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:13 GMT
Last-Modified
Fri, 28 Jul 2017 10:56:07 GMT
ETag
"597b1847-1c9a"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7322
Expires
Fri, 29 Sep 2017 16:13:08 GMT
kchm
pos.baidu.com/ 		1 KB
933 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pos.baidu.com/kchm?di=2613320&dri=0&dis=0&dai=0&ps=0x0&dcb=___adblockplus&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x1527&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109593&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109594
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
115.239.210.141 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
nginx /
Resource Hash
1aaa89f14d05b4b4385d11d4d7695236eabee606a9648524e265b4513ab8cbe5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2017 16:13:13 GMT
Content-Encoding
gzip
Last-Modified
Thu Aug 31 00:13:13 2017
Server
nginx
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
933
X-Xss-Protection
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
ca-pub-5208124588633775.js
pagead2.googlesyndication.com/pub-config/r20160913/ 		359 B
207 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-5208124588633775.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
1593a9ef72a3b9e91fe9232653fbfa570c83b40e4712cc8a00c898622368879a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date
Wed, 30 Aug 2017 15:04:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 29 Aug 2017 20:24:00 GMT
server
sffe
age
4123
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=43200
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
198
x-xss-protection
1; mode=block
expires
Thu, 31 Aug 2017 03:04:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20170828/r20170110/ Frame 3175 		0
0
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/ Frame 3175 		189 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
28c9baaadc929eb9df22b419c3c15f746f0b6c7876635ff3411efd36d73b0095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
2515649387406978413
Content-Type
text/javascript; charset=UTF-8
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
70882
X-XSS-Protection
1; mode=block
Expires
Wed, 30 Aug 2017 16:13:13 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3175 		0
0
osd.js
pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/ Frame 3175 		83 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/show_ads_impl.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
52e9b88d0f6f86ba2ddc0e0e483204808446c97a6e705186a20b1602f46a83b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

date
Tue, 29 Aug 2017 01:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139432
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
31253
x-xss-protection
1; mode=block
server
cafe
etag
15575069107522479346
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Sep 2017 01:29:21 GMT
kchm
pos.baidu.com/ 		1 KB
943 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pos.baidu.com/kchm?di=2590892&dri=0&dis=0&dai=0&ps=0x0&dcb=___adblockplus&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x1527&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109593&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109594
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
115.239.210.141 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
nginx /
Resource Hash
d67691c044dc02d190d4a7aa973b084ea0cd65eaf7ebe4511c3174ddd9ff29a4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2017 16:13:13 GMT
Content-Encoding
gzip
Last-Modified
Thu Aug 31 00:13:13 2017
Server
nginx
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
943
X-Xss-Protection
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
hot.png
cdn.iciba.com/www/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.iciba.com/www/img/hot.png
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
150.138.216.175 Jinan, China, ASN58540 (CHINATELECOM-HUNAN-ZHUZHOU-MAN Zhuzhou, CN),
Reverse DNS
Software
marco/1.7 /
Resource Hash
6d8a986e90d8d2d450dbc02b78a80b91d6cbe0ab8c3b7893c7449bc3fde344e0

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:14 GMT
Via
T.22138.N.1, S.mix-sd-dst-040, V.mix-sd-dst-040, T.216172.R.1, M.ctn-sd-tna-170
Age
1570
X-Source
C/200
Connection
keep-alive
Content-Length
1255
X-M-Reqid
fhMAAFEOP7ireNQU, fhMAANWACpGreNQU
X-Request-Id
c60baeb0bf513ce5a7079f3dbc4a8326; bc0378c8cb324587d084ca8fc16a1449
X-M-Log
QNM:xs433;SRCPROXY:xs491;SRCPROXY:2036;QNM2:1382
Last-Modified
Fri, 29 Jul 2016 06:48:30 GMT
Server
marco/1.7
Content-Type
image/png
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Qnm-Cache
Miss,Proxy,Cache
Expires
Wed, 30 Aug 2017 15:52:15 GMT
kchm
pos.baidu.com/ 		1 KB
746 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pos.baidu.com/kchm?di=u2673745&dri=0&dis=0&dai=1&ps=0x0&coa=at%3D3%26rsi0%3D640%26rsi1%3D200%26pat%3D6%26tn%3DbaiduCustNativeAD%26rss1%3D%2523FFFFFF%26conBW%3D0%26adp%3D1%26ptt%3D0%26titFF%3D%2525E5%2525BE%2525AE%2525E8%2525BD%2525AF%2525E9%25259B%252585%2525E9%2525BB%252591%26titFS%3D14%26rss2%3D%2523000000%26titSU%3D0%26ptbg%3D90%26piw%3D0%26pih%3D0%26ptp%3D0&dcb=___adblockplus&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x1527&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109594&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109594&sz=640x200
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
115.239.210.141 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
nginx /
Resource Hash
e9971577074bc17718c411d18595c25d3cd26c218ef727b278b56d40de785690
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2017 16:13:14 GMT
Content-Encoding
gzip
Last-Modified
Thu Aug 31 00:13:14 2017
Server
nginx
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
746
X-Xss-Protection
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
kchm
pos.baidu.com/ 		1 KB
686 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pos.baidu.com/kchm?di=3248620&dri=0&dis=0&dai=0&ps=297x992&dcb=___adblockplus&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x1527&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109594&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109594
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
115.239.210.141 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
nginx /
Resource Hash
5e92681ef15c3a33ad62cac937e8eeb35642688ce7321151ba2a24982eb18f64
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2017 16:13:14 GMT
Content-Encoding
gzip
Last-Modified
Thu Aug 31 00:13:14 2017
Server
nginx
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
686
X-Xss-Protection
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
kchm
pos.baidu.com/ Frame 3175 		0
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
727f3c99220955f38df824992169a0d725db37b3c6e7000ed88a6e9ff0282e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 15:41:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
1877
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
8615970380926213268
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
23088
X-XSS-Protection
1; mode=block
Expires
Wed, 30 Aug 2017 16:41:57 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/ Frame 3175 		189 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
28c9baaadc929eb9df22b419c3c15f746f0b6c7876635ff3411efd36d73b0095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Timing-Allow-Origin
*
Date
Wed, 30 Aug 2017 16:13:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
2515649387406978413
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
70882
X-XSS-Protection
1; mode=block
Expires
Wed, 30 Aug 2017 16:13:13 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3175 		0
0
kchm
pos.baidu.com/ 		1 KB
688 B 		Script
General
Check archive.org
Download Go to
Full URL
http://pos.baidu.com/kchm?di=3731389&dri=0&dis=0&dai=0&ps=559x992&dcb=___adblockplus&dtm=SSP_JSONP&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x1527&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109594&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109594
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
115.239.210.141 Hangzhou, China, ASN58461 (CT-HANGZHOU-IDC No.288,Fu-chun Road, CN),
Reverse DNS
Software
nginx /
Resource Hash
c3543dab09878ba0e47259ad573df6d323f8e9c41bad7c301da11cee46c85e5f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2017 16:13:14 GMT
Content-Encoding
gzip
Last-Modified
Thu Aug 31 00:13:14 2017
Server
nginx
P3p
CP=" OTI DSP COR IVA OUR IND COM "
Cache-Control
post-check=0, pre-check=0
Connection
keep-alive
Content-Type
application/javascript;charset=UTF-8
Content-Length
688
X-Xss-Protection
0
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dup.baidustatic.com
URL: http://dup.baidustatic.com/js/os.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
727f3c99220955f38df824992169a0d725db37b3c6e7000ed88a6e9ff0282e51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 15:41:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
Age
1877
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
ETag
8615970380926213268
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Timing-Allow-Origin
*
Content-Length
23088
X-XSS-Protection
1; mode=block
Expires
Wed, 30 Aug 2017 16:41:57 GMT
show_ads_impl.js
pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/ Frame 3175 		189 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/r20170828/r20170110/show_ads_impl.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
28c9baaadc929eb9df22b419c3c15f746f0b6c7876635ff3411efd36d73b0095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Response headers

Timing-Allow-Origin
*
Date
Wed, 30 Aug 2017 16:13:13 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
2515649387406978413
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=1209600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
70882
X-XSS-Protection
1; mode=block
Expires
Wed, 30 Aug 2017 16:13:13 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3175 		0
0
index.php
activity.iciba.com/ 		69 B
100 B 		Script
General
Check archive.org
Download Go to
Full URL
http://activity.iciba.com/index.php?c=pc_prize&m=isActive&callback=jQuery19009880110611267945_1504109591888&_=1504109591892
Requested by
Host: cdn.iciba.com
URL: http://cdn.iciba.com/www/js/jquery/1.9.1.min.js
Protocol
HTTP/1.1
Server
120.92.220.178 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
nginx / PHP/5.5.38
Resource Hash
4db78b3df582446b9db0a21e7f4847aa8674fa5d009cce332c7c3c7b55863008

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:15 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
X-Powered-By
PHP/5.5.38
Transfer-Encoding
chunked
Content-Type
text/html
z_stat.php
s11.cnzz.com/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s11.cnzz.com/z_stat.php?id=1256556802&web_id=1256556802&t=1504109594576
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/js/search.js
Protocol
HTTP/1.1
Server
122.228.95.178 Wenzhou, China, ASN134771 (CHINANET-SICHUAN-CHENGDU-MAN CHINANET Sichuan province Chengdu MAN network, CN),
Reverse DNS
Software
Tengine /
Resource Hash
28137be0e38b0c6c94366b251159df18f805f18370da8ce9a919e293c311694a

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:15 GMT
Via
cache11.l2et15[8,200-0,M], cache18.l2et15[9,0], kunlun7.cn250[20,200-0,M], kunlun1.cn250[21,0]
Last-Modified
Wed, 30 Aug 2017 16:13:15 GMT
Server
Tengine
X-Swift-CacheTime
5400
Transfer-Encoding
chunked
X-Cache
MISS TCP_MISS dirn:-2:-2
Content-Type
application/javascript
Cache-Control
max-age=5400,s-maxage=5400
Connection
keep-alive
Timing-Allow-Origin
*
EagleId
7ae44a8a15041095954533990e
X-Swift-SaveTime
Wed, 30 Aug 2017 16:13:15 GMT
index.php
dict-mobile.iciba.com/interface/ 		800 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
http://dict-mobile.iciba.com/interface/index.php?callback=jQuery19009880110611267945_1504109591890&c=hotword&m=getword&client=4&type=1&timestamp=1449818906&uuid=45E0C158-F794-4F5C-90BB-69FA54F9CD53&v=8.2.4&sv=iPhoneOS7.1.1&sign=7094eb96b203669e&uid=&wtype=1&size=10&lang=1&_=1504109591893
Requested by
Host: cdn.iciba.com
URL: http://cdn.iciba.com/www/js/jquery/1.9.1.min.js
Protocol
HTTP/1.1
Server
120.92.3.58 Beijing, China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
/ PHP/5.5.25
Resource Hash
780da0531925a33dfdb83f5d96c54f700e5f288e1a86515889add52b1e246bb8

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:15 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.5.25
Vary
Accept-Encoding
Content-Type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3175 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=636811660&adf=3640993726&fmt=300x250&str=false&ad_y=559&vph=1200&r_nh=0&qid=CP6N2fCs_9UCFSQw0wodLGoAOA&w=300&h=250&err=1&url=http%3A%2F%2Fwww.iciba.com%2Fkidnapping
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2002 , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 30 Aug 2017 16:13:14 GMT
X-Content-Type-Options
nosniff
Server
cafe
Timing-Allow-Origin
*
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
stat.htm
z13.cnzz.com/ 		2 B
33 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://z13.cnzz.com/stat.htm?id=1256556802&r=&lg=en-us&ntime=none&cnzz_eid=1882419376-1504109595-&showp=1600x1200&t=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B...&umuuid=15e33eb0bd1703-0ce9a33d933492-3965117a-1d4c00-15e33eb0bd21061&h=1&rnd=131438556
Requested by
Host: www.iciba.com
URL: http://www.iciba.com/kidnapping
Protocol
HTTP/1.1
Server
140.205.60.79 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.iciba.com/kidnapping
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.101 Safari/537.36

Response headers

Date
Wed, 30 Aug 2017 16:13:16 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
Tengine
Connection
close
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
o.htm
pos.baidu.com/wh/ Frame 3175 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/html/r20170828/r20170110/zrt_lookup.html
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5208124588633775&format=960x50&output=html&h=50&slotname=3231000645&adk=3746465131&adf=2548115941&w=960&lmt=1504109593&ea=0&flash=0&url=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&wgl=1&dt=1504109593577&bpp=7&bdt=5481&fdt=8&idt=105&shv=r20170828&cbv=r20170110&saldr=aa&correlator=4027100165558&frm=20&ga_vid=781827475.1504109594&ga_sid=1504109594&ga_hid=1788240769&ga_fc=0&pv=2&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=118&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060715&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=1&dtd=124
Domain
pos.baidu.com
URL
http://pos.baidu.com/kchm?sz=640x200&rdid=2673745&dc=3&di=u2673745&dri=0&dis=0&dai=1&ps=0x0&coa=at%3D3%26rsi0%3D640%26rsi1%3D200%26pat%3D6%26tn%3DbaiduCustNativeAD%26rss1%3D%2523FFFFFF%26conBW%3D0%26adp%3D1%26ptt%3D0%26titFF%3D%2525E5%2525BE%2525AE%2525E8%2525BD%2525AF%2525E9%25259B%252585%2525E9%2525BB%252591%26titFS%3D14%26rss2%3D%2523000000%26titSU%3D0%26ptbg%3D90%26piw%3D0%26pih%3D0%26ptp%3D0&dcb=___adblockplus&dtm=HTML_POST&dvi=0.0&dci=-1&dpt=none&tsr=0&tpr=1504109592947&ti=kidnapping%E6%98%AF%E4%BB%80%E4%B9%88%E6%84%8F%E6%80%9D_kidnapping%E7%9A%84%E7%BF%BB%E8%AF%91_%E9%9F%B3%E6%A0%87_%E8%AF%BB%E9%9F%B3_%E7%94%A8%E6%B3%95_%E4%BE%8B%E5%8F%A5_%E7%88%B1%E8%AF%8D%E9%9C%B8%E5%9C%A8%E7%BA%BF%E8%AF%8D%E5%85%B8&ari=2&dbv=2&drs=1&pcs=1585x1200&pss=1585x1527&cfv=0&cpl=0&chi=2&cce=true&cec=UTF-8&tlm=1504109594&rw=1200&ltu=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&ecd=1&uc=1600x1200&pis=-1x-1&sr=1600x1200&tcn=1504109594&qn=47c5991d09d4c9f9&tt=1504109592936.1090.1301.1302
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5208124588633775&format=300x250&output=html&h=250&slotname=1561501844&adk=3627929119&adf=336141353&w=300&lmt=1504109594&avail_w=300&ea=0&flash=0&url=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&wgl=1&dt=1504109594243&bpp=12&bdt=6148&fdt=13&idt=42&shv=r20170828&cbv=r20170110&saldr=aa&prev_fmts=960x50&correlator=4027100165558&frm=20&ga_vid=781827475.1504109594&ga_sid=1504109594&ga_hid=1788240769&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=297&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060715&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=2&dtd=56
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5208124588633775&format=300x250&output=html&h=250&slotname=1561501844&adk=636811660&adf=3640993726&w=300&lmt=1504109594&avail_w=300&ea=0&flash=0&url=http%3A%2F%2Fwww.iciba.com%2Fkidnapping&wgl=1&dt=1504109594527&bpp=4&bdt=6431&fdt=4&idt=6&shv=r20170828&cbv=r20170110&saldr=aa&prev_fmts=960x50%2C300x250&correlator=4027100165558&frm=20&ga_vid=781827475.1504109594&ga_sid=1504109594&ga_hid=1788240769&ga_fc=0&pv=1&iag=3&icsg=2&nhd=1&dssz=2&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=993&ady=559&biw=1585&bih=1200&abxe=1&eid=575144605%2C21060715&oid=3&rx=0&eae=2&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=1&ifi=3&dtd=10
Domain
pos.baidu.com
URL
https://pos.baidu.com/wh/o.htm?ltr=

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnZ6E1t2TYaIiO3a6GijLi02VFt0IXGb7O4ffywhHlCcovr3ErmLmvenDFz
.baidu.com/ Name: BAIDUID
Value: FD2D9B25451C139415689C23EACD84FD:FG=1
www.iciba.com/ Name: CNZZDATA1256556802
Value: 1882419376-1504109595-%7C1504109595
.iciba.com/ Name: UM_distinctid
Value: 15e33eb0bd1703-0ce9a33d933492-3965117a-1d4c00-15e33eb0bd21061

1 Console Messages

Source Level URL
Text
console-api log URL: http://cdn.iciba.com/www/img/activity/common/active-11-11.js(Line 1)
Message:
双十一广告已下线

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activity.iciba.com
cdn.iciba.com
cpro.baidustatic.com
dict-mobile.iciba.com
dup.baidustatic.com
googleads.g.doubleclick.net
open.iciba.com
pagead2.googlesyndication.com
pos.baidu.com
s11.cnzz.com
www.iciba.com
z13.cnzz.com
googleads.g.doubleclick.net
pos.baidu.com
115.239.210.141
119.146.74.34
119.146.74.49
120.92.220.178
120.92.3.58
120.92.59.211
122.228.95.178
123.59.12.94
140.205.60.79
150.138.216.175
2a00:1450:4001:818::2002
1593a9ef72a3b9e91fe9232653fbfa570c83b40e4712cc8a00c898622368879a
16134c3f634e0be05119db24c10e0be3fc82659ca04caab678aca3bf0c3c01a8
1aaa89f14d05b4b4385d11d4d7695236eabee606a9648524e265b4513ab8cbe5
1c08764451dbb511e73c8955f11e00a231c80d0a5e99fd1cfb48ea0fda2e3d51
1e9e018fc4603861a20ef7fb0b5148f2d3d92c29a88bdf90c7255c3eca1450ea
28137be0e38b0c6c94366b251159df18f805f18370da8ce9a919e293c311694a
28c9baaadc929eb9df22b419c3c15f746f0b6c7876635ff3411efd36d73b0095
2db682c2b394a6ce6deb6db516474844fe9b2d27406bfbcc5c3634c8b8e54b80
38d84600516da337287d4bed0842ecc3bd0246c20dc3faed48c79d977ee0ed7c
38dad5bc92cc7e36dff786789efb59992abc540bd507ab10797f4b0b8dd104d6
3f37dcdcb07611f41e5da5aa290ba264d889c84ffbc23117e862ed40b697d401
44f102914437f183e376405c1a190c1877e10a1a26e380bab8149616c2b02ca4
4db78b3df582446b9db0a21e7f4847aa8674fa5d009cce332c7c3c7b55863008
52e9b88d0f6f86ba2ddc0e0e483204808446c97a6e705186a20b1602f46a83b7
5e92681ef15c3a33ad62cac937e8eeb35642688ce7321151ba2a24982eb18f64
666ac901458c26212c034904b11086889b9009971fc0a205da11b08a6786c33c
69d3819029d630efe1778f790ad5230ba0023ebc4cb81cbf41182f37bcab5155
6d8a986e90d8d2d450dbc02b78a80b91d6cbe0ab8c3b7893c7449bc3fde344e0
70868aa777e1dbed40291aff9167380d7a356d659d22c6f0846495037cf862f4
727f3c99220955f38df824992169a0d725db37b3c6e7000ed88a6e9ff0282e51
7720d65e93ac53c60915680e13256021eff0e6df115f281fc4646ec3a70f2273
780da0531925a33dfdb83f5d96c54f700e5f288e1a86515889add52b1e246bb8
7cf40fe9ca8e918ec504ce6ef77d85235892cf65b767df8baa55530e1ac07ab8
83cffac496bb7fcb47870af6c6c4f7d06ff7e7ecb07b42e74d19e889fcf29c8b
8cdb40334fc992fb705840ddeb07449c05a3ab2ec0f5d44b2b510e3e70a92619
8d1a64f34c90b6eeed4189e66fd2c58ca62f28ea805f057417a1b6d0068155c8
a3e142e006da47db93c377d6a6d3c50bf41456b87e7275f81d920dbe7a08f3f9
ac93c65cbd121403abec3e16b7b88ad4c5fc975ffb25e0f0bf36715d16fa43f3
affd617539a05a9c2d9b445744af8cee3e7cdb2ac24b5cbad3900e56f3081d79
b12c6f5e811093fbdb3ad67108d7d33c2b651d1d41f33ab115a990066aa4c120
b73a3efbde5247e86a364a7af658e20439c9f89154368779c67c63cbc6645c2e
c21dbc6c896b7f8d62e050611f3adbf98b3ab493b1da77e07fc23b4105347018
c3543dab09878ba0e47259ad573df6d323f8e9c41bad7c301da11cee46c85e5f
c5161c206c32c12af71b1dc0233cfd4dd14608a77eba74774f238f331a69c690
cf0aaf4e8ef9f351f7cc1c6ba137518104c4c8b71cda54fea70232f083cdf082
d67691c044dc02d190d4a7aa973b084ea0cd65eaf7ebe4511c3174ddd9ff29a4
d87731a73c6ba368bfaf95d8d1e8a4a3a50147e6492b0f9af404ff85db56fb52
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9971577074bc17718c411d18595c25d3cd26c218ef727b278b56d40de785690
fc270948335cdb8ec1ee2b81e7d9cfeb2f04af1873610a25171d37026c32e433
fd165db3c3868ac6f23779692708c3bc69ffb0ee9b69b354413e671c0081a134