Overview

URL vxniuniu.com/item/1.html
IP 52.78.124.149
ASN
Location United States
Report completed 2019-02-18 16:30:42 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-18 2 vxniuniu.com/item/1.html Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 52.78.124.149

Date  UQ / IDS / BL  URL  IP
2019-02-18 17:09:29 +0100  0 - 0 - 1  preukson.com/a/xinwen/xingyexinwen/985.html  52.78.124.149
2019-02-18 14:22:02 +0100  0 - 0 - 1  ghtt3.gddixing.com/  52.78.124.149
2019-02-17 21:12:20 +0100  0 - 0 - 1  m.d7tuan.com/  52.78.124.149
2019-02-17 16:53:05 +0100  0 - 0 - 1  cswlzx.com/cy/890.html  52.78.124.149
2019-02-16 19:05:16 +0100  0 - 1 - 0  g6series.com/wp-content/plugins/304.exe  52.78.124.149
2019-02-16 17:56:36 +0100  0 - 0 - 1  dadaowl.com/racing/68346.html  52.78.124.149
2019-02-14 05:22:06 +0100  0 - 0 - 1  cl2.qnxzq.com/download/03d2xsavde_20@3489.exe  52.78.124.149
2019-02-12 15:20:13 +0100  0 - 0 - 1  cl2.qnxzq.com/download/linuxdeepin_68@16353.exe  52.78.124.149
2019-02-12 07:13:31 +0100  0 - 0 - 1  cl2.dldhyx.com/download/%C3%A41%E2%81%844%20% (...)  52.78.124.149
2019-02-11 15:58:08 +0100  0 - 0 - 1  mi1998.com/zuixindongtai/33.html  52.78.124.149

Last 10 reports on ASN:

Date  UQ / IDS / BL  URL  IP
2019-07-02 09:48:15 +0200  0 - 0 - 0  https://www.imdb.com/list/ls049696316/  143.204.52.228
2019-07-02 09:48:17 +0200  0 - 0 - 0  https://www.imdb.com/list/ls049696333/  143.204.52.228
2019-07-02 09:48:03 +0200  0 - 0 - 0  https://www.spreaker.com/show/ver-peru-x-urug (...)  52.51.101.146
2019-07-01 11:37:34 +0200  0 - 0 - 0  https://www.tig-uk.com/tts/nbn4298k3o7tvns8vp (...)  144.217.235.30
2019-07-01 11:37:22 +0200  0 - 0 - 0  https://www.tig-uk.com/tts/nbn4298k3o7tvns8vp (...)  144.217.235.30
2019-07-01 11:36:59 +0200  0 - 0 - 0  https://healthadviserpro.com/power-efficiency (...)  108.179.246.37
2019-07-01 11:35:37 +0200  0 - 0 - 0  https://www.imdb.com/list/ls049291106/  143.204.52.228
2019-07-01 11:31:59 +0200  0 - 0 - 1  https://fp.bwjf.cn/downInvoice/98d3884f381b46 (...)  39.107.217.15
2019-07-01 11:28:01 +0200  0 - 0 - 0  https://d9.flashtalking.com/d9core  52.211.104.166
2019-07-01 11:27:51 +0200  0 - 0 - 0  https://www.launchora.com/story/123movies-wat (...)  52.38.238.5

No other reports on domain: vxniuniu.com



JavaScript

Executed Scripts (11)


Executed Evals (1)

#1 JavaScript::Eval (size: 446, repeated: 1) - SHA256: d2db2246b0358ff2e8c8efd278dcca849ffb023e92d3d5a8a7368f229e6655ed

var a, b, c, d, e;
a = [112, 112, 114, 98, 108, 116, 116, 110, 106, 106, 121];
b = a.map(j).map(i).join("");
c = String.fromCharCode(95);
d = String.fromCharCode(45);
e = b.replace(c, d);
f = [104, 116, 116, 112, 58, 47, 47, 99, 108, 111, 117, 100, 99, 100, 110, 46, 100, 111, 112, 97, 46, 99, 111, 109, 47, 105, 109, 103, 47, 49, 56, 51, 54, 47];
g = [46, 112, 110, 103];
h = f.map(i).join("") + e + g.map(i).join("");
document.getElementById(b).children[0].removeAttribute("src");
document.getElementById(b).children[0].src = h
                                    

Executed Writes (2)

#1 JavaScript::Write (size: 120, repeated: 1) - SHA256: fab0d42fa4cf7e963cb2d5ea441eb036d4349a2ebb734cfda047787bec8914e2

<script src='http://c.cnzz.com/core.php?web_id=1273523440&show=pic&t=z' charset='utf-8' type='text/javascript'></script>
                                    

#2 JavaScript::Write (size: 145, repeated: 1) - SHA256: 843b89e4b5e0320230075c28c97f9e1fd9f8c846d4f94c5d031b5f95db4882d3

<span id='cnzz_stat_icon_1273523440'></span><script src=' http://s19.cnzz.com/z_stat.php?id=1273523440&show=pic' type='text/javascript'></script>
                                    


HTTP Transactions (21)


Request Response
                                        
                                            GET /item/1.html HTTP/1.1 
Host: vxniuniu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.78.124.149
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx/yumi@404
Date: Mon, 18 Feb 2019 15:30:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.3
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   404
Md5:    82b4d62b7188fb44bea4546cd1816fb6
Sha1:   d1c7f3c5d9abdfc983092d285e11f3481beb4c59
Sha256: 7d0b126179eeb0bc856436d0588396017f063eafcfd632719a718df14eef4a82

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: vxniuniu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.78.124.149
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/yumi@404
Date: Mon, 18 Feb 2019 15:30:12 GMT
Content-Length: 824
Last-Modified: Mon, 21 May 2018 09:40:46 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PC bitmap, Windows 3.x format, 16 x 16 x 24
Size:   824
Md5:    372f7464617155cf179b2fd79552745c
Sha1:   be5f29eb0c80ca04b7377809266b574920dbaad2
Sha256: 39662edca941e4f14a7f9261fe1ddae08346b773883de02954b1a1059c669be5
                                        
                                            GET /?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1 HTTP/1.1 
Host: 597.ok365.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://vxniuniu.com/item/1.html

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 15:30:15 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   417
Md5:    9761f2c2b3e11d3c9abd9eb08cf42887
Sha1:   aa3b57dab67be78fedba9829e7fa229224e4e956
Sha256: 3d14a19c2d7c7bc3b41f96fbb3db019000202cedc6da259df37ba56bfac90625
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 597.ok365.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 15:30:16 GMT
Content-Length: 824
Last-Modified: Mon, 21 May 2018 09:40:46 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PC bitmap, Windows 3.x format, 16 x 16 x 24
Size:   824
Md5:    372f7464617155cf179b2fd79552745c
Sha1:   be5f29eb0c80ca04b7377809266b574920dbaad2
Sha256: 39662edca941e4f14a7f9261fe1ddae08346b773883de02954b1a1059c669be5
                                        
                                            GET /?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html HTTP/1.1 
Host: 839.dopa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 15:30:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3657
Md5:    772fc99436be9c25a03f3e254d0c9b65
Sha1:   1cccbdee5d98cfa50a32e7b3cf906d83bd701dd3
Sha256: 3d3aa341877b45bda22b9ae34cda75770b395909537b8e5b36d28173b8f3ca92
                                        
                                            POST / HTTP/1.1 
Host: status.thawte.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=170977
Date: Mon, 18 Feb 2019 15:30:17 GMT
Etag: "5c6a246c-1d7"
Expires: Wed, 20 Feb 2019 14:59:54 GMT
Last-Modified: Mon, 18 Feb 2019 03:20:12 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    642f1e52fcc181f2aa244c15bd8c125d
Sha1:   6c4288c131b915f0faef372b9b6a64d7665a01ee
Sha256: b70d8e77760702ddaa6e100fbf8ea4316035e951fdba36739763eb1546620272
                                        
                                            GET /img/favicon_dopa.ico HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 15:30:17 GMT
Content-Length: 824
Last-Modified: Fri, 04 May 2018 09:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PC bitmap, Windows 3.x format, 16 x 16 x 24
Size:   824
Md5:    372f7464617155cf179b2fd79552745c
Sha1:   be5f29eb0c80ca04b7377809266b574920dbaad2
Sha256: 39662edca941e4f14a7f9261fe1ddae08346b773883de02954b1a1059c669be5
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=158802
Date: Mon, 18 Feb 2019 15:30:17 GMT
Etag: "5c6a768b-1d7"
Expires: Wed, 20 Feb 2019 11:36:59 GMT
Last-Modified: Mon, 18 Feb 2019 09:10:35 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    30d6e2648576d30ab5e7eef1c515ce10
Sha1:   32f576914f7bc0d1d1f3ba55be2eb86e2c742f3e
Sha256: 2d598f418d42ef6bd4b91bd5d91d8af7e713a4e8702ccfddc3bc779084c1a4ee
                                        
                                            GET /js/b/caf.js HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 15:30:17 GMT
Last-Modified: Fri, 07 Dec 2018 05:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3278
Md5:    5da6cb13b1cbd2e9f3cbb69cc876b186
Sha1:   7dc44282d309b37a6cbcea7f5ecbd85d459bca63
Sha256: 3cbd035f11fa9163ce86bebcaf26e164f5ad64b5f523fc2bc95dcce68db012d7
                                        
                                            GET /fs-bin/show?id=N3Fl8WZqO0Y&bids=584883.165&subid=0&type=4&gridnum=0 HTTP/1.1 
Host: ad.linksynergy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         34.198.100.55
HTTP/1.1 302 Found
Content-Type: text/html;charset=utf-8
                                        
Server: Apache-Coyote/1.1
Expires: Mon, 18 Feb 2019 16:30:17 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa OUR BUS STA"
Location: https://mproxy.banner.linksynergy.com/fs/banners/43301/43301_165.jpg
Connection: close, close
Set-Cookie: rmuid=15f5b663-34e7-4a93-9c90-7ecbc48a3f84; Domain=.linksynergy.com; Expires=Tue, 18-Feb-2020 15:30:17 GMT; Path=/
Content-Length: 91
Date: Mon, 18 Feb 2019 15:30:17 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   91
Md5:    38ddcf0054603f1e054f768cf28c97f7
Sha1:   09008e511685c65ca6d690ebad0fff241b2da3f9
Sha256: 8f03df501aff2ce681c2f1f706e0e5cb3d61bb9a6f4155609638ff65fa5ae869
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=143284
Date: Mon, 18 Feb 2019 15:30:18 GMT
Etag: "5c67ca25-1d7"
Expires: Wed, 20 Feb 2019 07:18:22 GMT
Last-Modified: Sat, 16 Feb 2019 08:30:29 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    b60e5a15ff53c3a574faf5e352fbb619
Sha1:   d490fc0b9001db89014cca633bee88fd211ccae5
Sha256: ab3702f6cb9a94b7ec006a9c2bdabb280ec17fe17b65de0de30d2a21d9e3c978
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=153588
Date: Mon, 18 Feb 2019 15:30:18 GMT
Etag: "5c6a6f70-1d7"
Expires: Wed, 20 Feb 2019 10:10:06 GMT
Last-Modified: Mon, 18 Feb 2019 08:40:16 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   471
Md5:    79dd79cde5c41be7d49570b0b75aadb5
Sha1:   ecd1ad04b92d04b6ff1633f1ad6ef83b144bfd7a
Sha256: 4ba7e3282492af36e2c876cc61a8a10067c7accd6f3f439cb58f2f9ba7f54ec9
                                        
                                            GET /tracking.php?q=T0YpgKjBvAzjJIrVmVPA1Hq5LcBw7rCi34EL-PNe6iJEeH9vQ_hVbOWP3-4I9x-2xbveTAHZeJSmLk-vmkuZg8_QGBN5iOn2t2R5UKVZRUMAJ7oagmnPf8MaNK0of_UaGb0N-vkkXUE9Z6baIzj3THq5LcBw7rCicCHVx0_J1cBaOHG3QiIBH1iP2qmG2IjDRA4zXfKeHwLL3j5iqvIovyQvPKkt5hJyN7d9f7IF-hFwVPh0sMauceFlKBH82MXRYBlGdoj9y8GZrNDefkyk29qWLb6tjwNkpycMb-KZ3h0lVFRZIIMs0SjKaqfXCanr_04YeQ5gkKoyj53MbwbCTGYjIBaVIS61J27HINoMECibmefQhHMMlv7IAIhRZVhLU3XNRU7nOydkuZTbJazn_S0MEn-9Za-v73wGbOH-NUDW-FHlA7bV9vhwQEA2PHNJFFP8mwemoEaWhruf2KWuxDyombvT0K0mgRqfe2kcyMivNGXh9LK90gJgCXlTNjB3Ftqf8mLMsTXSXwNHPLiaCYS550mWRd2_dR9eDPbWgmUPZL0W39DQ0L1dcI-1TBr4JtBcC-sVDF25nQ4imcduYfiITzcPdOhvVUPwXsl7Fx_79zB9KRhcPOsj5KD_kt_aowEt_iei_70HUT1UsDPk3y7EAe-YgAjH7BSOEJzOK65mJPR1Rm0oIaGGx3pjKzqOjx-9PAMiiU3VYUQq4hfOv90ktTrRR_erkmYdxWfIQU_mC5LqRKWL_V7ZsWwiqdzcT3CVuwrCKdIiw49ioWRsaCUYBypJT7yXc-nmnb0UkJArm0bx9spl-AMw1DiLhCetPXHsOFMUxtk&p=121&oc=true&ac=0,12&kc=0,10&sw=1176&sh=885&if=false&ia=false&nr=false&tz=-60&ck=&req_url=http%3A%2F%2F839.dopa.com%2F%3Fdm%3Dvxniuniu.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB%26poprequest%3D1%26ref%3Dhttp%3A%2F%2Fvxniuniu.com%2Fitem%2F1.html&method=index&mm=false HTTP/1.1 
Host: 839.dopa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 15:30:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /fs/banners/43301/43301_165.jpg HTTP/1.1 
Host: mproxy.banner.linksynergy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html
Cookie: rmuid=15f5b663-34e7-4a93-9c90-7ecbc48a3f84

                                         
                                         192.229.133.205
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Accept-Ranges: bytes
Cache-Control: max-age=900
Date: Mon, 18 Feb 2019 15:30:18 GMT
Etag: "549188-24d83-57e9cd6f60a80"
Expires: Mon, 18 Feb 2019 15:45:18 GMT
Last-Modified: Fri, 04 Jan 2019 07:29:30 GMT
Server: Apache/2.2.27 (CentOS)
Content-Length: 150915


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   150915
Md5:    054b57de9eca47c176d52e49527e4ceb
Sha1:   04f2b8c3db2bde4b65b2bb235fc391a598017072
Sha256: e7acc44796c5aa57b8cb04ece311c94a89a71bcb0b5c52ff65fe1fb33a0536b9
                                        
                                            GET /z_stat.php?id=1273523440&show=pic HTTP/1.1 
Host: s19.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         221.236.11.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 11737
Connection: keep-alive
Date: Mon, 18 Feb 2019 15:23:55 GMT
Last-Modified: Mon, 18 Feb 2019 15:23:55 GMT
Cache-Control: max-age=5400,s-maxage=5400
Ali-Swift-Global-Savetime: 1550503435
Via: cache31.l2cm9[0,200-0,H], cache31.l2cm9[1,0], kunlun10.cn1502[0,200-0,H], kunlun2.cn1502[0,0]
Age: 384
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Mon, 18 Feb 2019 15:24:26 GMT
X-Swift-CacheTime: 5369
Timing-Allow-Origin: *
EagleId: ddec0b1615505038199885847e


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   11737
Md5:    c2225c93ef9c51f8f2ab725077da28ee
Sha1:   1bfc7e6a2d335c403fe682e7e6755f4ce2d38a28
Sha256: 5c4e497a7b1824c890bae3b7bd161d31b1678110420fa3f8bd07ed394c2737e5
                                        
                                            GET /core.php?web_id=1273523440&show=pic&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         221.236.11.105
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 629
Connection: keep-alive
Date: Mon, 18 Feb 2019 15:21:15 GMT
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.25
Last-Modified: Mon, 18 Feb 2019 15:21:15 GMT
Expires: Mon, 18 Feb 2019 15:36:15 GMT
Content-Encoding: gzip
Ali-Swift-Global-Savetime: 1550503275
Via: cache27.l2cm9[0,200-0,H], cache33.l2cm9[1,0], kunlun9.cn1502[0,200-0,H], kunlun6.cn1502[0,0]
Age: 545
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Mon, 18 Feb 2019 15:24:27 GMT
X-Swift-CacheTime: 708
Timing-Allow-Origin: *
EagleId: ddec0b1a15505038205306480e


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   629
Md5:    a0952a36080f0e3715f9ff2423625e37
Sha1:   b12a554830cec6ac79d27ce99f681f30c0195d7d
Sha256: 1b6dc3d77d76af31f390e3305cabe6c5768ba5f1101c344a83d4215f6ca66bfc
                                        
                                            GET /9.gif?abc=1&rnd=2036757345 HTTP/1.1 
Host: cnzz.mmstat.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         205.204.101.182
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
Date: Mon, 18 Feb 2019 15:30:21 GMT
Content-Length: 43
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=jb3xFEefqGACAU0ogXtmSLOz; expires=Thu, 15-Feb-29 15:30:21 GMT; path=/; domain=.mmstat.com sca=27cd5b3a; path=/; domain=.cnzz.mmstat.com atpsida=70c15be78bb719358a0f5233_1550503821_1; path=/; domain=.cnzz.mmstat.com
Location: http://pcookie.cnzz.com/app.gif?&cna=jb3xFEefqGACAU0ogXtmSLOz
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /img/pic.gif HTTP/1.1 
Host: icon.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         120.37.140.240
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: Tengine
Content-Length: 719
Connection: keep-alive
Date: Mon, 18 Feb 2019 09:56:23 GMT
Last-Modified: Fri, 16 Jan 2009 08:10:47 GMT
Expires: Tue, 19 Feb 2019 09:56:23 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Via: cache36.l2cn62[0,304-0,H], cache6.l2cn62[1,0], kunlun5.cn199[0,200-0,H], kunlun4.cn199[1,0]
Ali-Swift-Global-Savetime: 1550051783
Age: 20039
X-Cache: HIT TCP_MEM_HIT dirn:0:97769532
X-Swift-SaveTime: Mon, 18 Feb 2019 09:56:23 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: 78258ce315505038221313169e


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 12
Size:   719
Md5:    bcdd9aa92c5876f207f70567d101a896
Sha1:   786c52002f857fcbff04a5781ec35792be11af4a
Sha256: 98a4ab97e12555ab969012d151a578dae7a3b8699d202485fcf8116e55497735
                                        
                                            GET /stat.htm?id=1273523440&r=&lg=en-us&ntime=none&cnzz_eid=834037219-1550503435-&showp=1176x885&t=Deploy%20WordPress%20on%20Alibaba%20Cloud%20Server...&umuuid=169013abb45156-0c1d33c365a0d18-6c242d76-fe178-169013abb46137&h=1&rnd=972875732 HTTP/1.1 
Host: z8.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         203.119.128.195
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Mon, 18 Feb 2019 15:30:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /app.gif?&cna=jb3xFEefqGACAU0ogXtmSLOz HTTP/1.1 
Host: pcookie.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://839.dopa.com/?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1&ref=http://vxniuniu.com/item/1.html

                                         
                                         106.11.92.6
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Mon, 18 Feb 2019 15:30:23 GMT
Content-Length: 43
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=jb3xFEefqGACAU0ogXtmSLOz; expires=Thu, 15-Feb-29 15:30:23 GMT; path=/; domain=.cnzz.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /?dm=vxniuniu.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1 HTTP/1.1 
Host: 597.ok365.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         0.0.0.0
                                        


--- Additional Info ---