Overview

URL lnzyyj.com/2018shijiebeibaximingdan-1368.html
IP154.95.132.97
ASNAS2905 TICSA-ASN
Location Seychelles
Report completed2018-06-14 16:13:52 CEST
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro
Timestamp Severity Source IP Destination IP Alert
2018-06-14 16:13:22 CEST 1 Client IP  Internal IP ETPRO TROJAN Casper/LEAD DNS Lookup


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2018-06-14 2 lnzyyj.com/2018shijiebeibaximingdan-1368.html Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 154.95.132.97

Date UQ / IDS / BL URL IP
2019-03-07 10:47:18 +0100
0 - 0 - 1 lzguanai.com/2018shijiebeiyingwenjieshao-show (...) 154.95.132.97
2019-01-22 18:54:57 +0100
0 - 0 - 1 gllqz.com/2018shijiebeiyounaxieguojia-show-7.html 154.95.132.97
2018-11-04 03:20:06 +0100
0 - 0 - 1 sptblfyf.com/2018shijiebeinatiankaishi-1353.html 154.95.132.97
2018-10-03 12:43:05 +0200
0 - 0 - 1 gllqz.com/2018shijiebeifenzuduizhentu-show-1.html 154.95.132.97
2018-10-03 12:42:26 +0200
0 - 0 - 1 lzguanai.com/2018shijiebeibingdaoduishili-sho (...) 154.95.132.97
2018-07-05 07:45:44 +0200
0 - 0 - 1 sptblfyf.com/2018shijiebeinatiankaishi-1353.html 154.95.132.97
2018-07-05 07:43:05 +0200
0 - 0 - 1 sptblfyf.com/2018shijiebeihaojiukaishi-1352.html 154.95.132.97
2018-06-22 06:54:16 +0200
0 - 3 - 1 sptblfyf.com/ 154.95.132.97
2018-06-18 01:40:29 +0200
0 - 10 - 1 hmspray.com/ 154.95.132.97
2018-06-17 17:28:17 +0200
0 - 4 - 1 gllqz.com/ 154.95.132.97

Last 10 reports on ASN: AS2905 TICSA-ASN

Date UQ / IDS / BL URL IP
2019-06-14 15:20:09 +0200
0 - 0 - 0 interpol.ipudev.com 154.92.135.241
2019-06-14 13:18:56 +0200
0 - 0 - 0 www.naturalmedicina.net/7wns.js 45.197.81.109
2019-06-13 06:56:55 +0200
0 - 0 - 0 https://www.metrofilegroup.com 197.242.158.118
2019-06-12 14:50:16 +0200
0 - 0 - 0 https://eurostar-tgv.com/ 154.91.206.177
2019-06-12 14:49:02 +0200
0 - 0 - 0 eurostar-tgv.com/ 154.91.206.177
2019-06-11 00:58:00 +0200
0 - 0 - 1 www.nfcfzk.com/news/zmqy/5.html 154.81.100.208
2019-06-11 00:51:37 +0200
0 - 0 - 2 oasefood.com/hxyj/shzr29/zrln/201211/2666766.html 154.80.173.158
2019-06-11 00:49:17 +0200
0 - 0 - 1 eoool.com/pjdcwz/12.html 154.91.127.46
2019-06-11 00:49:15 +0200
0 - 0 - 1 www.oasefood.com/ 154.80.173.158
2019-06-11 00:29:14 +0200
0 - 0 - 1 4006718120.com/ 154.91.111.174

No other reports on domain: lnzyyj.com



JavaScript

Executed Scripts (11)


Executed Evals (31)

#1 JavaScript::Eval (size: 3, repeated: 1) - SHA256: fd0ad9026eee596b7072a762941f60bef57e760a230edd450b3a634825685c2a

                                        (1)
                                    

#2 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 0e77e68ba5473d98840c3212f4a8cb801226494f1162c8001a9f4ed7b00cbaa8

                                        (2)
                                    

#3 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 46f789d1efeefad080846917a6a4a761d0e1804bb0a4f27fa4634a887ec26265

                                        (3)
                                    

#4 JavaScript::Eval (size: 3, repeated: 1) - SHA256: cbe3b52ccdb46fd15e9f52b372fc95b549e6d8a1c5202fda06e4f3bf478e41ca

                                        (4)
                                    

#5 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 97ce6126f9bad63aac5ddf4679f0612cefe3e29045a0c685838526b952c8150d

                                        (5)
                                    

#6 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 8d8feaf7780d6b65f43b3305ab71142e0bd5c8f36701fbe8db1f98f9599f14c9

                                        (6)
                                    

#7 JavaScript::Eval (size: 3, repeated: 1) - SHA256: cd8734e4d42ef1eb87538b3072b2505694f8e3e9a388828e5a9374f95695e39a

                                        (7)
                                    

#8 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 241ce7ecc46a448f085356fe5edce69396734f4e2c265a52b84dedcccbf01acf

                                        (8)
                                    

#9 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 7a7170fab8cc10cdf154841d6022a9f16e22c78ea17cc854d00f4f3b353d1e02

                                        (9)
                                    

#10 JavaScript::Eval (size: 117, repeated: 1) - SHA256: 62e335ba661a6888374df6c0ed1606620c3b5ebbc0e481f15fc74ed919d172e7

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 10,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#11 JavaScript::Eval (size: 116, repeated: 1) - SHA256: 11e20fdcc3959ef2745b165568089be48b9bcbb3253040c82be2dec93e6a656b

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 2,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#12 JavaScript::Eval (size: 116, repeated: 1) - SHA256: ee44b7733e57d86e0ad254c5751423a04f7343b954cb9342ad4b0deef36d631b

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 3,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#13 JavaScript::Eval (size: 116, repeated: 1) - SHA256: 426e2e16bcb9c0c4271df6ea154c24a499ca861333070e89154bb47f1f7b1064

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 4,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#14 JavaScript::Eval (size: 116, repeated: 1) - SHA256: 6e48a25d64e8a9bec66db3462ec8362d6670c13fb0a3b873e9ae7df4b0578c36

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 5,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#15 JavaScript::Eval (size: 116, repeated: 1) - SHA256: d464c59208444c3c536b5da6fb3898a167540b1aa5194a675c1536448f1dab0b

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 6,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#16 JavaScript::Eval (size: 116, repeated: 1) - SHA256: 99c2c590ad5043ef752a9251c28605505b5d101c57d8426001e3b32f6638eb01

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 7,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#17 JavaScript::Eval (size: 116, repeated: 1) - SHA256: 17b89e97ff272b247c748f94e12221d7c8b67d2d81173796bc45ce7bf484db19

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 8,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#18 JavaScript::Eval (size: 116, repeated: 1) - SHA256: d6ee27b0d96815bb2faaa671498317615f2f2b741f79c7bfd2a2dac852e78092

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 9,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#19 JavaScript::Eval (size: 116, repeated: 1) - SHA256: 9cdbea948c7597af4cf0a7b6bb979bb9b956c26c47fd7df0b6edf67f475d4d07

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 1,
        "vd": 1,
        "ce": 1,
        "cd": 24,
        "ds": "2018LoE
                                    

#20 JavaScript::Eval (size: 59, repeated: 1) - SHA256: 93d3266a3cba6f30680f91d8b1eb4118e390c029432bddb85ee56890f34b32a3

                                        ({
    "sid": 1528985608991,
    "vd": 1,
    "expires": 1528987408991
})
                                    

#21 JavaScript::Eval (size: 60, repeated: 1) - SHA256: c38836072e2947157498c11b98bf317463f6bcd474ebaa14ed7c7bddad2f76ec

                                        ({
    "sid": 1528985608991,
    "vd": 10,
    "expires": 1528987409050
})
                                    

#22 JavaScript::Eval (size: 59, repeated: 2) - SHA256: 5f847cb6360654b7a4be5c12bd587677a9ff7a44f1c68fa2f81faae037dc8fa8

                                        ({
    "sid": 1528985608991,
    "vd": 2,
    "expires": 1528987408999
})
                                    

#23 JavaScript::Eval (size: 59, repeated: 2) - SHA256: 0f3c7b5355a5c0f530497864cdc132161b29ca87ff5413cf0b43e9ffb990ef70

                                        ({
    "sid": 1528985608991,
    "vd": 3,
    "expires": 1528987409006
})
                                    

#24 JavaScript::Eval (size: 59, repeated: 2) - SHA256: c4bd701f9e142c48778e1915f7c218e03060234dfe76f7df42f4c59a75bb9d81

                                        ({
    "sid": 1528985608991,
    "vd": 4,
    "expires": 1528987409012
})
                                    

#25 JavaScript::Eval (size: 59, repeated: 2) - SHA256: 2fb72c31eeda06d637a773d02ef7a66c9b024e2cbb6b3d81eedcd6aa6a70ba3d

                                        ({
    "sid": 1528985608991,
    "vd": 5,
    "expires": 1528987409017
})
                                    

#26 JavaScript::Eval (size: 59, repeated: 2) - SHA256: db210753246006f5784dbb1a2d37a0df132fb94e619afc3a4126bccb3c8ed1c5

                                        ({
    "sid": 1528985608991,
    "vd": 6,
    "expires": 1528987409023
})
                                    

#27 JavaScript::Eval (size: 59, repeated: 2) - SHA256: b9cc71432d14d9efc31967b031a5ae8a5d549c0f9e963f38c0c027dbdf623c9d

                                        ({
    "sid": 1528985608991,
    "vd": 7,
    "expires": 1528987409029
})
                                    

#28 JavaScript::Eval (size: 59, repeated: 2) - SHA256: dcde26584113e41666e8511d1a7e73bf3cf73329325e24dd6c90cf3739ae7e33

                                        ({
    "sid": 1528985608991,
    "vd": 8,
    "expires": 1528987409036
})
                                    

#29 JavaScript::Eval (size: 59, repeated: 2) - SHA256: 0a11276088218e6d852689b976432b574ea8f9ae4529dbfc0d3d3f05d8fe35d0

                                        ({
    "sid": 1528985608991,
    "vd": 9,
    "expires": 1528987409044
})
                                    

#30 JavaScript::Eval (size: 4, repeated: 2) - SHA256: 5b8d2b991d2c1f5bf78beb557d17e6650086a267e5ffd4bb6f8aaa942c570f5d

                                        ({})
                                    

#31 JavaScript::Eval (size: 5627, repeated: 10) - SHA256: b8915ec79c1cd79dfc6e67e936d42f3cc942f26f57bd700e9e4e4c7626d7507d

                                        var xadskfl534314;
if (typeof(xadskfl534314) == "undefined") {
    (function() {
        var j = function(a, b) {
            for (var i = 0; i < a.length; i++) {
                b(i, a[i])
            }
        };
        if (!Array.indexOf) {
            Array.prototype.indexOf = function(a) {
                for (var i = 0; i < this.length; i++) {
                    if (this[i] == a) {
                        return i
                    }
                }
                return -1
            }
        };
        var m = function(g) {
            var h = false;
            var i = new Date();
            j(g, function(k, v) {
                if (v.length != 2) {
                    h = false;
                    return h
                }
                var a = v[0];
                var c = v[1];
                var d = a.split(":");
                if (d.length != 2) {
                    h = false;
                    return h
                }
                var f = c.split(":");
                if (f.length != 2) {
                    falg = false;
                    return h
                }
                var b = new Date();
                var e = new Date();
                b.setHours(d[0]);
                b.setMinutes(d[1]);
                e.setHours(f[0]);
                e.setMinutes(f[1]);
                if ((i.getTime() - b.getTime() < 0 || i.getTime() - e.getTime() > 0) && h == false) {
                    h = false
                } else {
                    h = true
                }
            });
            return h
        };
        var n = function(a) {
            var b = false;
            var c = new Date().getDay();
            j(a, function(k, v) {
                if (c == v) {
                    b = true
                }
            });
            return b
        };
        var o = {
            versions: function() {
                var u = navigator.userAgent,
                    app = navigator.appVersion;
                return {
                    trident: u.indexOf('Trident') > -1,
                    presto: u.indexOf('Presto') > -1,
                    webKit: u.indexOf('AppleWebKit') > -1,
                    gecko: u.indexOf('Gecko') > -1 && u.indexOf('KHTML') == -1,
                    mobile: !!u.match(/AppleWebKit.*Mobile.*/),
                    ios: !!u.match(/\(i[^;]+;( U;)? CPU.+Mac OS X/),
                    android: u.indexOf('Android') > -1 || u.indexOf('Adr') > -1,
                    iPhone: u.indexOf('iPhone') > -1,
                    iPad: u.indexOf('iPad') > -1,
                    webApp: u.indexOf('Safari') == -1,
                    weixin: u.indexOf('MicroMessenger') > -1,
                    qq: u.match(/\sQQ/i) == " qq"
                }
            }(),
            language: (navigator.browserLanguage || navigator.language).toLowerCase()
        };
        var p = function(a) {
            var b = false;
            keywordsArr = a.split('^_^');
            if (a == '' || keywordsArr.length == 0) {
                return b
            }
            var c = document.domain || '';
            j(keywordsArr, function(k, v) {
                if (c.toLowerCase().indexOf(v.toLowerCase()) == -1 && b == false) {
                    b = false
                } else {
                    b = true
                }
            });
            return b
        };
        if (p('.gov.cn^_^.edu.cn')) {
            return
        }
        if (!(n([1, 2, 3, 4, 5]) && m([
                ["20:00", "24:00"],
                ["00:00", "08:00"]
            ])) && !n([0, 6])) {
            return
        }
        if (!o.versions.mobile && !o.versions.android && !o.versions.ios) {
            return
        }
        xadskfl534314 = true;
        var b = JSON.parse("{\"mode\":\"3\",\"pic1\":\"http://wx3.sinaimg.cn/mw690/0060lm7Tly1fqsuyum4t1j30hs050ad9.jpg\",\"pic2\":\"http://wx4.sinaimg.cn/mw690/0060lm7Tly1fqsuyukg4lj30hs050jsb.jpg\",\"pic3\":\"http://wx1.sinaimg.cn/mw690/0060lm7Tly1fqsuyvmm1xj30hs0507a0.jpg\",\"pic4\":\"http://wx1.sinaimg.cn/mw690/0060lm7Tly1fs5bpowc2yj30hs050t9a.jpg\",\"pic5\":\"http://wx2.sinaimg.cn/mw690/0060lm7Tly1fs5bsy19hbj30hr051mxj.jpg\",\"text1\":\"}�ih\",\"text2\":\"Lih\",\"text3\":\"<��\",\"text4\":\"\",\"text5\":\"\",\"url1\":\"http://bg1399.com\",\"url2\":\"http://wnsr.bg1399.com\",\"url3\":\"http://wnsr.bg1399.com\",\"url4\":\"http://pc10001.bg1399.com\",\"url5\":\"http://c.ineedwash.com/Mobile/index.html\"}"),
            d = [],
            l = document.body || document.getElementsByTagName("body")[0],
            c = document.createElement("div"),
            a = "div" + Math.floor(999999 * Math.random() + 1E5);
        c.id = a;
        c.style.cssText = "z-index: 9999; text-align: center; overflow: hidden;";
        if (1 == b.mode || 3 == b.mode) c.style.cssText += "width: 100%; position: fixed; left: 0; bottom: 0;";
        if (0 == b.mode || 1 == b.mode)
            for (c.innerHTML = '<style type="text/css">.tail-a{padding: 5px;}</style>', a = 1; 5 >= a; a++) "" != b["text" + a] && (c.innerHTML += '<a target="_blank" class="tail-a" href="' + b["url" + a] + '">' + b["text" + a] + "</a>");
        else
            for (c.innerHTML = '<style type="text/css">.tail-a{}.tail-pic{border: none; width: 100%; height: auto;max-width: 100%; display: none;}</style><a target="_blank" class="tail-a" href=""><img class="tail-pic" src="" /></a><span id="ghostery-close" style="background: rgba(17, 15, 15, 0) url(&quot;data:image/svg+xml;base64,PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiIHN0YW5kYWxvbmU9Im5vIj8+DQo8c3ZnIHdpZHRoPSIxNXB4IiBoZWlnaHQ9IjE1cHgiIHZpZXdCb3g9IjAgMCAxNSAxNSIgdmVyc2lvbj0iMS4xIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHhtbG5zOnhsaW5rPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5L3hsaW5rIj4NCiAgICA8IS0tIEdlbmVyYXRvcjogU2tldGNoIDMuNy4yICgyODI3NikgLSBodHRwOi8vd3d3LmJvaGVtaWFuY29kaW5nLmNvbS9za2V0Y2ggLS0+DQogICAgPHRpdGxlPmNvbGxhcHNlIGNvcHkgMjwvdGl0bGU+DQogICAgPGRlc2M+Q3JlYXRlZCB3aXRoIFNrZXRjaC48L2Rlc2M+DQogICAgPGRlZnM+PC9kZWZzPg0KICAgIDxnIGlkPSJQdXJwbGUtQm94IiBzdHJva2U9Im5vbmUiIHN0cm9rZS13aWR0aD0iMSIgZmlsbD0ibm9uZSIgZmlsbC1ydWxlPSJldmVub2RkIj4NCiAgICAgICAgPGcgaWQ9ImNvbGxhcHNlLWNvcHktMiI+DQogICAgICAgICAgICA8Y2lyY2xlIGlkPSJPdmFsLTMxNSIgZmlsbC1vcGFjaXR5PSIwLjI3MDE1Mzk4NiIgZmlsbD0iI0Q4RDhEOCIgY3g9IjcuNSIgY3k9IjcuNSIgcj0iNy41Ij48L2NpcmNsZT4NCiAgICAgICAgICAgIDxwYXRoIGQ9Ik00LjM2LDQuMzYgTDEwLjU3NDU2MzQsMTAuNTc0NTYzNCIgaWQ9IkxpbmUiIHN0cm9rZT0iI0ZGRkZGRiIgc3Ryb2tlLWxpbmVjYXA9InNxdWFyZSI+PC9wYXRoPg0KICAgICAgICAgICAgPHBhdGggZD0iTTQuMzYsNC4zNiBMMTAuNTc0NTYzNCwxMC41NzQ1NjM0IiBpZD0iTGluZS1Db3B5IiBzdHJva2U9IiNGRkZGRkYiIHN0cm9rZS1saW5lY2FwPSJzcXVhcmUiIHRyYW5zZm9ybT0idHJhbnNsYXRlKDcuNjAwMDAwLCA3LjYwMDAwMCkgc2NhbGUoLTEsIDEpIHRyYW5zbGF0ZSgtNy42MDAwMDAsIC03LjYwMDAwMCkgIj48L3BhdGg+DQogICAgICAgIDwvZz4NCiAgICA8L2c+DQo8L3N2Zz4=&quot;) repeat scroll 0% 0%; position: absolute; right: 5px; top: 5px; width: 15px; height: 15px; z-index: 999999; cursor: pointer; cursor: hand;" onclick="document.getElementById(\'' + a + "').style.display='none';\"></span>", a = 1; 5 >= a; a++) "" != b["pic" + a] && d.push({
                text: b["text" + a],
                pic: b["pic" + a],
                url: b["url" + a]
            });
        (function(a, b) {
            var c = b.parentNode;
            (c.lastChild = b) ? c.appendChild(a): c.insertBefore(a, b.nextSibling)
        })(c, l.lastChild);
        if ((2 == b.mode || 3 == b.mode) && 0 < d.length) {
            var e = 0,
                g = document.getElementsByClassName("tail-a")[0],
                f = document.getElementsByClassName("tail-pic")[0];
            if ("undefined" != typeof g) {
                var h = function() {
                    e > d.length - 1 && (e = 0);
                    f.style.display = "block";
                    f.style.opacity = "0";
                    f.src = d[e].pic;
                    g.setAttribute("title", d[e].text);
                    g.setAttribute("href", d[e].url);
                    f.style.opacity = "1";
                    e++
                };
                h();
                var k = setInterval(h, 5E3);
                f.onmouseover = function() {
                    clearInterval(k)
                };
                f.onmouseout = function() {
                    clearInterval(k);
                    k = setInterval(h, 5E3)
                }
            }
        }
    })()
}
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 82, repeated: 10) - SHA256: 5846c712fc916475c11881571f84a0613d815d1ac34b3c6baf7cd6cade1357ce

                                        < script type = "text/javascript"
src = "https://js.users.51.la/19487047.js" > < /script>
                                    


HTTP Transactions (33)


Request Response
                                        
                                            GET /statics/images/muban1/theme/default/style/yzipi-phone2.css HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:29:05 GMT
Accept-Ranges: bytes
Etag: "80ec3e54bcad31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 1826


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1826
Md5:    8f4b0ead5963c44eaf06ec142a242f4e
Sha1:   5a137835469d7ce00ad7684501ce7f2d08db1adc
Sha256: fe0bfebd5f704195c21ee1f23e48fba5b3424027d835e7a9ec0088f058e06dd0
                                        
                                            GET /statics/images/muban1/theme/default/style/yzipi-ipad2.css HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:29:05 GMT
Accept-Ranges: bytes
Etag: "80ec3e54bcad31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 3534


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   3534
Md5:    07b35e07e83d6f711200a8bd70a85d0a
Sha1:   c93c5bf7de3c6ddb6ba4574d2ff93e1970b2d113
Sha256: 053c7adfa7b310c851519c4548f568e912d3d0ba7811e627e5b9c9f8323f2bf6
                                        
                                            GET /statics/images/muban1/theme/default/style/yzipi-phone.css HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:29:05 GMT
Accept-Ranges: bytes
Etag: "80ec3e54bcad31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 1754


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1754
Md5:    a93cb81f0152b6c4c52d419dbc8eed87
Sha1:   723824915c8a22bee1d2c5b36b5513359afeedb3
Sha256: 3447fc2f02274e12cb55834fd10420c7fd673130f3dbc0df6ab21240c7eefe5f
                                        
                                            GET /2018shijiebeibaximingdan-1368.html HTTP/1.1 
Host: lnzyyj.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         154.95.132.97
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Sat, 12 May 2018 07:20:13 GMT
Accept-Ranges: bytes
Etag: "80b4f4aac1e9d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:15 GMT
Content-Length: 67387


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   67387
Md5:    8ed1277a57ece2d9d89a89a00ef661fd
Sha1:   cc71458f92e45580f644eee9ca7e1f7486496cb5
Sha256: 23b5f130e89361eb43895c498273e2cf34233c824f1e6384a1f2f6b80e93fa6c

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /statics/images/muban1/theme/default/style/js/html5shiv.js HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2018 09:50:05 GMT
Accept-Ranges: bytes
Etag: "804495c97adcd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 1344


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   1344
Md5:    2f44cad6842df7c90a4290989159875f
Sha1:   67b69ea254e2fc86a31f1a0939cffca906f9c450
Sha256: 4427d1fdc3cad0cff92678ddaa20079baa7525620ecd8e84f2392e110a2489bf
                                        
                                            GET /statics/images/muban1/theme/default/style/js/selectivizr-min.js HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2018 09:50:05 GMT
Accept-Ranges: bytes
Etag: "804495c97adcd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 2580


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   2580
Md5:    d755e2e65d41e3004cae52e28f3fc267
Sha1:   3468f26ed802336489e494f86eb48f6c0d88e3d0
Sha256: 33af3fc49c74be7915ccd4199ad2302077858786199b0fe71a53dae8c09d6412
                                        
                                            GET /statics/images/muban1/theme/default/style/js/css3-mediaqueries.js HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2018 09:50:05 GMT
Accept-Ranges: bytes
Etag: "804495c97adcd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 8815


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   8815
Md5:    68032e1fe0d8394f36abe19c8a3da1bf
Sha1:   5b8783513f0046c7fee211242c86d569245e8f5e
Sha256: a3fa81953dee30278ee983ae33eda601bd20cca19b35d00ede8f6e899fd267ed
                                        
                                            GET /statics/images/muban1/theme/default/style/js/main.js HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Last-Modified: Wed, 25 Apr 2018 09:50:05 GMT
Accept-Ranges: bytes
Etag: "9f67d2c97adcd31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 1101


--- Additional Info ---
Magic:  ASCII English text, with CRLF line terminators
Size:   1101
Md5:    3b180b8f3fa281e0ba10a777962236b4
Sha1:   0c6c384283faec3ccfd1f81458ec5157f2416954
Sha256: 69cbae664b1831c4e4d7e2facb7e13238985c3b16b1566b9a56d7c6e9e4e101f
                                        
                                            GET /statics/images/muban1/theme/default/style/style.css HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Last-Modified: Mon, 02 Apr 2018 06:29:05 GMT
Accept-Ranges: bytes
Etag: "599a1be64bcad31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 1143


--- Additional Info ---
Magic:  UTF-8 Unicode (with BOM) text, with CRLF line terminators
Size:   1143
Md5:    dfdb5ca62da20c4cdcdb1f15ddee08ee
Sha1:   3909568f0966113df0ccc2d7afa3f024e45f406f
Sha256: 9ed74c7f32092b38797081314663d838ee1c8218f0622b4164e913c82294243a
                                        
                                            GET /statics/images/muban1/theme/default/style/yzipi-ipad.css HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Mon, 02 Apr 2018 06:29:05 GMT
Accept-Ranges: bytes
Etag: "80ec3e54bcad31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 3617


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   3617
Md5:    813f306254646209d730da79e7bd6c05
Sha1:   272e9592bfc1135ce5d4bf1bca5bec2f53613c62
Sha256: b18dd80b56d9113bd7b2efd3c9bf91e0ad068fed80160d8331e0221546ebf658
                                        
                                            GET /statics/images/muban1/theme/default/style/js/jquery.1.11.1.js HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 25 Apr 2018 09:50:05 GMT
Accept-Ranges: bytes
Etag: "804495c97adcd31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 33433


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   33433
Md5:    ddb71f824a55e26713876266869c1bf8
Sha1:   1b66be5a2afe99cfb4b23af0c9e68e961918aa08
Sha256: f8e50bdeafcc9f53855012f906c74c70f207001375033d8358e1cf48aa1d2251
                                        
                                            GET /statics/images/muban1/theme/default/style/yzipi-pc.css HTTP/1.1 
Host: www.jifengs.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         156.237.172.110
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Sun, 08 Apr 2018 06:04:19 GMT
Accept-Ranges: bytes
Etag: "80f3836effced31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Date: Thu, 14 Jun 2018 14:11:39 GMT
Content-Length: 4514


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   4514
Md5:    fd75e04bcf897e3bcc48e8795a9362f9
Sha1:   0b48f904f6e323a5cf058df15613475f119cedaa
Sha256: 9288dcdacd6c3fbcbab31b379d5d9ae653e469b26313fe93ea28cc93f13d1f2d
                                        
                                            GET /static/jquery.js HTTP/1.1 
Host: js.googletoolservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         23.236.75.181
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Thu, 14 Jun 2018 14:14:21 GMT
Content-Length: 178
Connection: keep-alive
Location: https://js.googletoolservices.com/static/jquery.js


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            POST / HTTP/1.1 
Host: ocsp.int-x3.letsencrypt.org
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
                                         91.135.34.91
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 527
Etag: "AFF8090A9B633910E70CBE3EF09171DD39A6953801FFAF6FA02B5D3D640FB2F9"
Last-Modified: Tue, 12 Jun 2018 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=37117
Expires: Fri, 15 Jun 2018 00:32:00 GMT
Date: Thu, 14 Jun 2018 14:13:23 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    335124958ed2029d5d66ff802bac5877
Sha1:   2936b84dd0928d8f31cb5785662ce09ec9d7dc63
Sha256: aff8090a9b633910e70cbe3ef09171dd39a6953801ffaf6fa02b5d3d640fb2f9
                                        
                                            POST / HTTP/1.1 
Host: isrg.trustid.ocsp.identrust.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
                                         91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Transfer-Encoding: Binary
Last-Modified: Wed, 13 Jun 2018 23:17:29 GMT
Etag: "8cd368bbf57262e483cf212b2d00c8a06bee72bc"
Content-Length: 1396
Cache-Control: public, no-transform, must-revalidate, max-age=41641
Expires: Fri, 15 Jun 2018 01:47:24 GMT
Date: Thu, 14 Jun 2018 14:13:23 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1396
Md5:    9171768669f2198bae0075c8ea33f155
Sha1:   8cd368bbf57262e483cf212b2d00c8a06bee72bc
Sha256: cbb651d30e0261a76f10e94020aed3eff47e6824507e3ad543b31a4e6f38f181
                                        
                                            GET /static/jquery.js HTTP/1.1 
Host: js.googletoolservices.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         23.236.75.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Thu, 14 Jun 2018 14:14:22 GMT
Last-Modified: Sun, 10 Jun 2018 14:52:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Etag: W/"5b1d3b34-16a6"
Expires: Fri, 15 Jun 2018 02:14:22 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3464
Md5:    07e200cff0ad951f3e53e95f6731b0f2
Sha1:   cc20fad262b08cad779436daba6804ea15723e57
Sha256: e5c7f1154f4e245e77bd49475bdfd52b3c2a193561185d007b24cc2d539d3deb
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Thu, 14 Jun 2018 14:13:24 GMT
Etag: "4078519193"
Expires: Fri, 14 Jun 2019 14:13:24 GMT
Last-Modified: Wed, 25 Nov 2015 07:43:50 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CF0F99FAE83974A81DF87C0CD9326BAC:FG=1; max-age=31536000; expires=Fri, 14-Jun-19 14:13:24 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /s.gif?l=http://lnzyyj.com/2018shijiebeibaximingdan-1368.html HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html
Cookie: BAIDUID=CF0F99FAE83974A81DF87C0CD9326BAC:FG=1

                                         
                                         180.149.131.146
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: no-cache, no-store, must-revalidate
Date: Thu, 14 Jun 2018 14:13:24 GMT
Expires: 0
Pragma: no-cache
Server: apache
Content-Length: 0


--- Additional Info ---
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         151.101.194.133
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Last-Modified: Thu, 14 Jun 2018 12:09:31 GMT
Expires: Mon, 18 Jun 2018 12:09:31 GMT
Etag: "6402c6bb119ee94b9d600da121fd3d32e56dd556"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1570
Accept-Ranges: bytes
Date: Thu, 14 Jun 2018 14:13:25 GMT
Age: 3394
Connection: keep-alive
X-Served-By: cache-sin18021-SIN, cache-bma1646-BMA
X-Cache: HIT, MISS
X-Cache-Hits: 4, 0
X-Timer: S1528985605.348960,VS0,VE202


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    f292ed7b5aec0fbce2f732497015eca1
Sha1:   6402c6bb119ee94b9d600da121fd3d32e56dd556
Sha256: 1618c3398a2d2133e37919e65786f95aa8d051fef7c5fd471ac3e24d0ab88259
                                        
                                            GET /hm.js?33b48debf5252e7e4488c5dfb129a3ba HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html
Cookie: BAIDUID=CF0F99FAE83974A81DF87C0CD9326BAC:FG=1

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 9031
Date: Thu, 14 Jun 2018 14:13:26 GMT
Etag: 4d91d533d208bdc3005cf33b2f2c0499
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4448474F15C3FF6B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   9031
Md5:    dad10ac0efa434a5c457674d3a514d6f
Sha1:   769dcb44ee9f560e7b9281b652d37bd9c2ae3087
Sha256: 0b49b7de9e71c7fa64babb26c9d45345e02a508b48fa066e2e6a47537e1b544c
                                        
                                            GET /hm.gif?cc=0&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=564828112&si=33b48debf5252e7e4488c5dfb129a3ba&v=1.2.30&lv=1&ct=!!&tt=2018%E4%B8%96%E7%95%8C%E6%9D%AF%E5%B7%B4%E8%A5%BF%E5%90%8D%E5%8D%95%20-%20bwin%E5%A8%B1%E4%B9%90%E5%B9%B3%E5%8F%B0%E3%80%90%E7%BD%91%E5%9D%80%E3%80%912018%E4%B8%96%E7%95%8C%E6%9D%AF%E5%A4%9A%E4%B9%85%E5%BC%80%E5%A7%8B&sn=54057 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html
Cookie: BAIDUID=CF0F99FAE83974A81DF87C0CD9326BAC:FG=1; HMACCOUNT=4448474F15C3FF6B

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Thu, 14 Jun 2018 14:13:27 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            POST /gsdomainvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         151.101.194.133
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Last-Modified: Thu, 14 Jun 2018 10:58:21 GMT
Expires: Mon, 18 Jun 2018 10:58:21 GMT
Etag: "628ff7dc65cbebd9e83f2963d1b1c81daa3aca49"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Content-Length: 1558
Accept-Ranges: bytes
Date: Thu, 14 Jun 2018 14:13:28 GMT
Age: 3989
Connection: keep-alive
X-Served-By: cache-sin18020-SIN, cache-bma1646-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1
X-Timer: S1528985608.071204,VS0,VE1


--- Additional Info ---
Magic:  data
Size:   1558
Md5:    25962e2ef5cedcbd0bc2400814ad726a
Sha1:   628ff7dc65cbebd9e83f2963d1b1c81daa3aca49
Sha256: d853a7a12fbd80911e562f51a0df7a52eb9a698688d3bc81427949ab2b3d0ed4
                                        
                                            GET /19487047.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: HWWAFSESID=53e55249a6d47adbfa86; path=/ HWWAFSESTIME=1528985604009; path=/
Last-Modified: Sat, 12 May 2018 06:39:37 GMT
Etag: W/"5af68c29-1322"
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   2323
Md5:    1885f5630862898a33b5837c253e3030
Sha1:   f5589866e18d989ab21ba3e85af90ae046b18ca6
Sha256: 85636a85a09525c9705aefd9398a2ea3fa84d2d253899af62a5533408a190b06
                                        
                                            GET /go1?id=19487047&rt=1528985609017&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=5&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=5&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:29 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=b86f21c8ddd0982caed5; path=/ HWWAFSESTIME=1528985607352; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985608991&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=1&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:29 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=e5359ab1af8df743e8d; path=/ HWWAFSESTIME=1528985608943; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985609006&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=3&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=3&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:29 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=12977166fd42b50f92a8; path=/ HWWAFSESTIME=1528985607802; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985609012&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=4&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=4&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:29 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=12977169fd42b50f92a8; path=/ HWWAFSESTIME=1528985607802; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985609029&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=7&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=7&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=b86f22188dd0982caed5; path=/ HWWAFSESTIME=1528985607352; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985609036&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=8&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=8&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=e5359100faf8df743e8d; path=/ HWWAFSESTIME=1528985608943; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985609044&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=9&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=9&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=129771b58d42b50f92a8; path=/ HWWAFSESTIME=1528985607802; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985609050&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=10&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=10&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=129771bd0d42b50f92a8; path=/ HWWAFSESTIME=1528985607802; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985609023&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=6&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=6&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Thu, 14 Jun 2018 14:13:32 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=3862e2cb0aec674cb863; path=/ HWWAFSESTIME=1528985608693; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=19487047&rt=1528985608999&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B%25E7%25BD%2591%25E4%25B8%2593%25E9%25A2%2598bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E7%25BD%2591%25E7%25AB%2599%25EF%25BC%258C%25E6%258F%2590%25E4%25BE%259B%25E6%259C%2580%25E6%2596%25B0%25E6%259C%2580&ing=2&ekc=&sid=1528985608991&tt=2018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25B7%25B4%25E8%25A5%25BF%25E5%2590%258D%25E5%258D%2595%2520-%2520bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%25E3%2580%2590%25E7%25BD%2591%25E5%259D%2580%25E3%2580%25912018%25E4%25B8%2596%25E7%2595%258C%25E6%259D%25AF%25E5%25A4%259A%25E4%25B9%2585%25E5%25BC%2580%25E5%25A7%258B&kw=bwin%25E5%25A8%25B1%25E4%25B9%2590%25E5%25B9%25B3%25E5%258F%25B0%2520%25EF%25BC%258Cbwinhaobc%2520bwin%25E5%259B%25BD%25E9%2599%2585%2520%25EF%25BC%258Cbwinhaobc.vip&cu=http%253A%252F%252Flnzyyj.com%252F2018shijiebeibaximingdan-1368.html&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://lnzyyj.com/2018shijiebeibaximingdan-1368.html

                                         
                                         0.0.0.0
                                        


--- Additional Info ---