Windows Analysis Report
http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd

Overview

General Information

Sample URL: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd
Analysis ID: 680978
Detection

Score: 20
Range: 0 - 100
Whitelisted: false
Confidence: 80%

Signatures

Uses known network protocols on non-standard ports

Classification

Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\6140_158424456\LICENSE.txt
Source: unknown HTTPS traffic detected: 117.184.226.43:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown HTTPS traffic detected: 117.184.226.43:443 -> 192.168.2.4:49805 version: TLS 1.2
Source: unknown HTTPS traffic detected: 117.184.226.1:443 -> 192.168.2.4:49821 version: TLS 1.2
Source: unknown HTTPS traffic detected: 117.184.226.1:443 -> 192.168.2.4:49822 version: TLS 1.2

Networking

Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49759
Source: unknown DNS traffic detected: queries for: clients2.google.com
Source: unknown TCP traffic detected without corresponding DNS query: 117.184.226.70
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/img/location.png HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zwdt.sh.gov.cn/zwdtSW/dphead/css/head.css?1660049840950Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /uc/usercenter/userinfo.jsp HTTP/1.1Host: zwdtuser.sh.gov.cnConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/plugin/bootstrap/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveOrigin: https://zwdt.sh.gov.cnUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://zwdt.sh.gov.cn/zwdtSW/dphead/plugin/bootstrap/css/bootstrap.min.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /uc/zwdtSW/dphead/img/ico1.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lxm.qrcode.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /uc/zwdtSW/dphead/img/ico3.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lxm.qrcode.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /uc/zwdtSW/dphead/img/foot-icp.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lxm.qrcode.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /uc/zwdtSW/dphead/img/foot-ga.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lxm.qrcode.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /uc/zwdtSW/dphead/img/footer.jpg HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: lxm.qrcode.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/img/sublogo.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: zwdt.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/img/common-logo.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: zwdt.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/img/header-icon-03.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: zwdt.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/img/location.png HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36Host: zwdt.sh.gov.cn
Source: global traffic HTTP traffic detected: GET /exposure/jiucuo.html?site_code=3100000044&url=https%3A%2F%2Fwww.shanghai.g HTTP/1.1Host: zfwzgl.www.gov.cnConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.g HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://zfwzgl.www.gov.cn/exposure/jiucuo.html?site_code=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /check_web/css/master_cn_v1.0.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/css/jquery.dataTables_themeroller.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/css/EDM.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/flexslider/flexslider.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/css/xinxikf.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/css/find_mistakes.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/css/base.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/jquery/jquery-1.10.2.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/kindeditor/themes/default/default.css HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/jquery/jquery.validate.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/jquery/jquery.form.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/jquery/jquery.dataTables.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/jquery/fnReloadAjax.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/placeholder.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/util.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/jquery.tips.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/images/jiuc_header.jpg HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/css/find_mistakes.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/images/jc/jiuc_img8.jpg HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/images/right_doub.png HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/css/find_mistakes.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/images/jc/red_asterisk.png HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/css/find_mistakes.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/jquery/jquery.select.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /2016public/bottom.htm HTTP/1.1Host: www.gov.cnConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/css/base.css HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/css/common.css HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/guowuyuan/20190301gwykhd/images/icon_1234.png HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/guowuyuan/20190301gwykhd/images/icon_724.png HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /check_web/js/kindeditor/kindeditor-all.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/js/jquery-1.8.3.min.js HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/guowuyuan/20190301gwykhd/images/icon_1434.png HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/guowuyuan/20190301gwykhd/images/icon_1534.png HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/images/index/2018guohui03.png HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.gov.cn/2016public/bottom.htmAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govweb/xhtml/2016gov/images/public/select_jiantou.jpg HTTP/1.1Host: www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.gov.cn/govweb/xhtml/2016gov/css/common.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /check_web/js/flexslider/jquery.flexslider.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/js/slider.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/map/js/echarts.js HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /hm.js?3a125f686abed6dc0209db1fb2efac2b HTTP/1.1Host: hm.baidu.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /check_web/js/jcInfoNew.js?v=202002181 HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /check_web/kaptcha.jpg?1563507290545 HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01
Source: global traffic HTTP traffic detected: GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=913&et=0&ja=0&ln=en-gb&lo=0&rnd=871009239&si=3a125f686abed6dc0209db1fb2efac2b&su=https%3A%2F%2Fzfwzgl.www.gov.cn%2Fexposure%2Fjiucuo.html%3Fsite_code%3D3100000044%26url%3Dhttps%253A%252F%252Fwww.shanghai.g&v=1.2.96&lv=1&sn=48325&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fzfwzzc.www.gov.cn%2Fcheck_web%2FerrorInfo%2FjcInfoNew%3FsiteCode%3D3100000044%26url%3Dhttps%253A%252F%252Fwww.shanghai.g&tt=%E6%88%91%E8%A6%81%E6%89%BE%E9%94%99 HTTP/1.1Host: hm.baidu.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: HMACCOUNT_BFESS=60A9DFC3875D1EBF
Source: global traffic HTTP traffic detected: GET /check_web/errorInfo_querySearch.action?sEcho=1&iColumns=7&sColumns=%2C%2C%2C%2C%2C%2C&iDisplayStart=0&iDisplayLength=10&mDataProp_0=dataNumber&sSearch_0=&bRegex_0=false&bSearchable_0=true&bSortable_0=false&mDataProp_1=sitecode&sSearch_1=&bRegex_1=false&bSearchable_1=true&bSortable_1=false&mDataProp_2=wzmc&sSearch_2=&bRegex_2=false&bSearchable_2=true&bSortable_2=false&mDataProp_3=problem_id&sSearch_3=&bRegex_3=false&bSearchable_3=true&bSortable_3=false&mDataProp_4=bgdate&sSearch_4=&bRegex_4=false&bSearchable_4=true&bSortable_4=false&mDataProp_5=blzt&sSearch_5=&bRegex_5=false&bSearchable_5=true&bSortable_5=false&mDataProp_6=chakan&sSearch_6=&bRegex_6=false&bSearchable_6=true&bSortable_6=false&sSearch=&bRegex=false&iSortCol_0=0&sSortDir_0=asc&iSortingCols=1&status=0%2C1%2C5%2C6%2C7%2C8%2C9%2C16%2C17%2C18&sitecodebg=&problemIdbg=&tt=Tue+Aug+09+2022+14%3A57%3A55+GMT%2B0200+(Central+European+Summer+Time)&size=10&pos=1&pageNo=1&_t=1660049875337 HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveAccept: application/json, text/javascript, */*; q=0.01User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36X-Requested-With: XMLHttpRequestSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; Hm_lvt_3a125f686abed6dc0209db1fb2efac2b=1660049875; Hm_lpvt_3a125f686abed6dc0209db1fb2efac2b=1660049875
Source: global traffic HTTP traffic detected: GET /check_web/images/jc/bgt.png HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/css/find_mistakes.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; Hm_lvt_3a125f686abed6dc0209db1fb2efac2b=1660049875; Hm_lpvt_3a125f686abed6dc0209db1fb2efac2b=1660049875
Source: global traffic HTTP traffic detected: GET /check_web/images/magnify-icon.png HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/css/find_mistakes.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; Hm_lvt_3a125f686abed6dc0209db1fb2efac2b=1660049875; Hm_lpvt_3a125f686abed6dc0209db1fb2efac2b=1660049875
Source: global traffic HTTP traffic detected: GET /check_web/images/jc/down_i.png HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/css/find_mistakes.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; Hm_lvt_3a125f686abed6dc0209db1fb2efac2b=1660049875; Hm_lpvt_3a125f686abed6dc0209db1fb2efac2b=1660049875
Source: global traffic HTTP traffic detected: GET /check_web/kaptcha.jpg?1660049875267 HTTP/1.1Host: zfwzzc.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzzc.www.gov.cn/check_web/errorInfo/jcInfoNew?siteCode=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=9B1898D213B6788FD98B51B0F20C72C8.tomcat-gongkai-b01; Hm_lvt_3a125f686abed6dc0209db1fb2efac2b=1660049875; Hm_lpvt_3a125f686abed6dc0209db1fb2efac2b=1660049875
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: zfwzgl.www.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://zfwzgl.www.gov.cn/exposure/jiucuo.html?site_code=3100000044&url=https%3A%2F%2Fwww.shanghai.gAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Accept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/resources/bootstrap-3.3.5/css/bootstrap.min.css HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/resources/layer/2.5/css/layui.css HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/fillform/onething-city2/css/index.css HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/fillform/common/js/jquery-1.11.0.min.js HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /zwdtSW/plugin/fontawesome/css/font-awesome.min.css HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /govPortals/common/css/common_new.css HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/head/head.jsp HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/foot/foot.html HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/fillform/notity/js/vue.min.js HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/resources/bootstrap-3.3.5/js/bootstrap.min.js HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/common/js/version.js?time=0.4290670805374541 HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/foot/foot.htmlAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/plugin/bootstrap/css/bootstrap.min.css HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/plugin/fontawesome/css/font-awesome.min.css HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/css/head.css?1660049838314 HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/plugin/jquery-1.7.2.min.js HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/resources/layer/2.5/layui.js HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/head/header.js?1660049838314 HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/resources/layer/2.5/lay/modules/layer.js HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/head/head.jsp HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/common/js/version.js?time=0.7040889451629797 HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/foot/foot.htmlAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/resources/layer/2.5/css/modules/layer/default/layer.css?v=3.1.1 HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /ac-guide-ext/resources/layer/2.5/lay/modules/upload.js HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: JSESSIONID=BCD46D732791F2B858868A31117F5A8E
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/css/head.css?1660049839811 HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: text/css,*/*;q=0.1Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/head/header.js?1660049839811 HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: */*Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /zwdtSW/dphead/img/sublogo.png HTTP/1.1Host: zwdt.sh.gov.cnConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://zwdt.sh.gov.cn/zwdtSW/dphead/head/head.jspAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: 117.184.226.70:9022Connection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8Referer: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35ddAccept-Encoding: gzip, deflateAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundDate: Tue, 09 Aug 2022 12:58:37 GMTContent-Type: text/html; charset=utf-8Content-Length: 522Connection: closeServer: elb
Source: global traffic HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.15.6.1 CrowDate: Tue, 09 Aug 2022 12:57:25 GMTContent-Type: text/htmlContent-Length: 562Connection: keep-aliveData Ascii: <html><head><title>404 Not Found</title></head><body><center><h1>404 Not Found</h1></center><hr><center>nginx/1.15.6.1 Crow</center></body></html><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page --><!-- a padding to disable MSIE and Chrome friendly error page -->
Source: History Provider Cache.0.dr String found in binary or memory: http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=1131
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://accounts.google.com
Source: craw_window.js.0.dr, craw_window.js0.0.dr String found in binary or memory: https://accounts.google.com/MergeSession
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://apis.google.com
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://clients2.google.com
Source: manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://clients2.googleusercontent.com
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr String found in binary or memory: https://content-autofill.googleapis.com
Source: LICENSE.txt.0.dr String found in binary or memory: https://creativecommons.org/.
Source: LICENSE.txt.0.dr String found in binary or memory: https://creativecommons.org/compatiblelicenses
Source: 4e795b3c-3c2c-49a8-80bb-0db96d6ccb7b.tmp.1.dr, 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 321675e0-8103-480a-a7e8-b38cce85d665.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://dns.google
Source: LICENSE.txt.0.dr String found in binary or memory: https://easylist.to/)
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://fonts.googleapis.com
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://fonts.gstatic.com
Source: LICENSE.txt.0.dr String found in binary or memory: https://github.com/easylist)
Source: craw_window.js.0.dr, craw_background.js.0.dr, craw_window.js0.0.dr, craw_background.js0.0.dr String found in binary or memory: https://github.com/google/closure-library/wiki/goog.module:-an-ES6-module-like-alternative-to-goog.p
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://ogs.google.com
Source: craw_window.js.0.dr, craw_window.js0.0.dr, manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://payments.google.com/payments/v4/js/integrator.js
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://play.google.com
Source: 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://r5---sn-h0jeln7l.gvt1.com
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://redirector.gvt1.com
Source: craw_window.js.0.dr, craw_window.js0.0.dr, manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://ssl.gstatic.com
Source: craw_window.js.0.dr, craw_background.js.0.dr, craw_window.js0.0.dr, craw_background.js0.0.dr String found in binary or memory: https://www-googleapis-staging.sandbox.google.com
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://www.google.com
Source: manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://www.google.com/
Source: craw_window.js.0.dr, craw_window.js0.0.dr String found in binary or memory: https://www.google.com/accounts/OAuthLogin?issueuberauth=1
Source: craw_window.js.0.dr, craw_window.js0.0.dr String found in binary or memory: https://www.google.com/images/cleardot.gif
Source: craw_window.js.0.dr, craw_window.js0.0.dr String found in binary or memory: https://www.google.com/images/dot2.gif
Source: craw_window.js.0.dr, craw_window.js0.0.dr String found in binary or memory: https://www.google.com/images/x2.gif
Source: craw_background.js.0.dr, craw_background.js0.0.dr String found in binary or memory: https://www.google.com/intl/en-US/chrome/blank.html
Source: craw_window.js.0.dr, craw_background.js.0.dr, 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, craw_window.js0.0.dr, craw_background.js0.0.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://www.googleapis.com
Source: manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://www.googleapis.com/
Source: manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore
Source: manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://www.googleapis.com/auth/chromewebstore.readonly
Source: manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierra
Source: manifest.json.0.dr, manifest.json2.0.dr String found in binary or memory: https://www.googleapis.com/auth/sierrasandbox
Source: 27decaa4-e983-4dfb-b2f0-27c2c068c25f.tmp.1.dr, 1c8eee4e-6528-4e49-a6c0-212bc86c9990.tmp.1.dr String found in binary or memory: https://www.gstatic.com
Source: unknown HTTP traffic detected: POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/1.1Host: accounts.google.comConnection: keep-aliveContent-Length: 1Origin: https://www.google.comContent-Type: application/x-www-form-urlencodedSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.121 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: unknown HTTPS traffic detected: 117.184.226.43:443 -> 192.168.2.4:49804 version: TLS 1.2
Source: unknown HTTPS traffic detected: 117.184.226.43:443 -> 192.168.2.4:49805 version: TLS 1.2
Source: unknown HTTPS traffic detected: 117.184.226.1:443 -> 192.168.2.4:49821 version: TLS 1.2
Source: unknown HTTPS traffic detected: 117.184.226.1:443 -> 192.168.2.4:49822 version: TLS 1.2
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\3f482a4b-2899-4262-be89-6ad22fc4361c.tmp Jump to behavior
Source: classification engine Classification label: sus20.troj.win@39/159@21/17
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,1720915609517302198,2750695470635868226,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1960 /prefetch:8
Source: unknown Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: unknown unknown Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1588,1720915609517302198,2750695470635868226,131072 --lang=en-GB --service-sandbox-type=network --enable-audio-service-sandbox --mojo-platform-channel-handle=1960 /prefetch:8 Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe" "http://117.184.226.70:9022/ac-guide-ext/fillform/onething/main.do?oneCode=310102144000&itemCode=113101066887499677331010214400001&access_token=43b263fc-3d1d-46c0-91a2-e154caad35dd Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Google\Chrome\User Data\BrowserMetrics\BrowserMetrics-62F259A9-17FC.pma
Source: Window Recorder Window detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Local\Temp\6140_158424456\LICENSE.txt

Hooking and other Techniques for Hiding and Protection

Source: unknown Network traffic detected: HTTP traffic on port 49748 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49748
Source: unknown Network traffic detected: HTTP traffic on port 49757 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 49756 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 49758 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 49759 -> 9022
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49756
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49757
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49758
Source: unknown Network traffic detected: HTTP traffic on port 9022 -> 49759