Overview

URL ghtt3.gddixing.com/
IP 52.78.124.149
ASN
Location United States
Report completed 2019-02-18 14:22:02 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-18 2 ghtt3.gddixing.com/ Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 52.78.124.149

Date  UQ / IDS / BL  URL  IP
2019-02-18 17:09:29 +0100  0 - 0 - 1  preukson.com/a/xinwen/xingyexinwen/985.html  52.78.124.149
2019-02-18 16:30:42 +0100  0 - 0 - 1  vxniuniu.com/item/1.html  52.78.124.149
2019-02-17 21:12:20 +0100  0 - 0 - 1  m.d7tuan.com/  52.78.124.149
2019-02-17 16:53:05 +0100  0 - 0 - 1  cswlzx.com/cy/890.html  52.78.124.149
2019-02-16 19:05:16 +0100  0 - 1 - 0  g6series.com/wp-content/plugins/304.exe  52.78.124.149
2019-02-16 17:56:36 +0100  0 - 0 - 1  dadaowl.com/racing/68346.html  52.78.124.149
2019-02-14 05:22:06 +0100  0 - 0 - 1  cl2.qnxzq.com/download/03d2xsavde_20@3489.exe  52.78.124.149
2019-02-12 15:20:13 +0100  0 - 0 - 1  cl2.qnxzq.com/download/linuxdeepin_68@16353.exe  52.78.124.149
2019-02-12 07:13:31 +0100  0 - 0 - 1  cl2.dldhyx.com/download/%C3%A41%E2%81%844%20% (...)  52.78.124.149
2019-02-11 15:58:08 +0100  0 - 0 - 1  mi1998.com/zuixindongtai/33.html  52.78.124.149

Last 10 reports on ASN:

Date  UQ / IDS / BL  URL  IP
2019-07-02 09:48:15 +0200  0 - 0 - 0  https://www.imdb.com/list/ls049696316/  143.204.52.228
2019-07-02 09:48:17 +0200  0 - 0 - 0  https://www.imdb.com/list/ls049696333/  143.204.52.228
2019-07-02 09:48:03 +0200  0 - 0 - 0  https://www.spreaker.com/show/ver-peru-x-urug (...)  52.51.101.146
2019-07-01 11:37:34 +0200  0 - 0 - 0  https://www.tig-uk.com/tts/nbn4298k3o7tvns8vp (...)  144.217.235.30
2019-07-01 11:37:22 +0200  0 - 0 - 0  https://www.tig-uk.com/tts/nbn4298k3o7tvns8vp (...)  144.217.235.30
2019-07-01 11:36:59 +0200  0 - 0 - 0  https://healthadviserpro.com/power-efficiency (...)  108.179.246.37
2019-07-01 11:35:37 +0200  0 - 0 - 0  https://www.imdb.com/list/ls049291106/  143.204.52.228
2019-07-01 11:31:59 +0200  0 - 0 - 1  https://fp.bwjf.cn/downInvoice/98d3884f381b46 (...)  39.107.217.15
2019-07-01 11:28:01 +0200  0 - 0 - 0  https://d9.flashtalking.com/d9core  52.211.104.166
2019-07-01 11:27:51 +0200  0 - 0 - 0  https://www.launchora.com/story/123movies-wat (...)  52.38.238.5

No other reports on domain: gddixing.com



JavaScript

Executed Scripts (19)


Executed Evals (0)


Executed Writes (4)

#1 JavaScript::Write (size: 48, repeated: 1) - SHA256: b70f5bba02ab221cc2bb9eefec4515fec8f790f188b5f7a2d0c53d3688a55c36

    <div id="_dtn53w59u0q" style="width:100%"></div>
                                    

#2 JavaScript::Write (size: 120, repeated: 1) - SHA256: 093a8dbae83360a01e1845458a38c0eb408a9dd1b9ecb1effbe59284d7a524ca

    <script src='http://c.cnzz.com/core.php?web_id=1262101851&show=pic&t=z' charset='utf-8' type='text/javascript'></script>
                                    

#3 JavaScript::Write (size: 161, repeated: 1) - SHA256: 25aea139e2b73160f7a6957d20b86d9b387ad7dc70acd402de6f8b9875453bdf

    <span class="buy"><a target="_blank" class="buy" href="http://www.xinnet.com" style="text-decoration:none;">[unreadable text]</a></span>
                                    

#4 JavaScript::Write (size: 145, repeated: 1) - SHA256: 4c49eaa42019ae1b00fba3d9a6bda6bf3f9b148f2fb6e0841f072d6a155cfd19

    <span id='cnzz_stat_icon_1262101851'></span><script src='http://s22.cnzz.com/z_stat.php?id=1262101851&show=pic' type='text/javascript'></script>
                                    


HTTP Transactions (25)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: ghtt3.gddixing.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.78.124.149
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: nginx/yumi@404
Date: Mon, 18 Feb 2019 13:21:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.3
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   404
Md5:    19728f0c3f6f2536c2d51657f02a875d
Sha1:   e6e0a8c423e2bf9207f82e6545d31896946e9730
Sha256: 6a19c377253a3b11945e5e9ec6a683a8cbf9d9a13f76cc29a72f37ee298a3b54

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: ghtt3.gddixing.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.78.124.149
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/yumi@404
Date: Mon, 18 Feb 2019 13:21:26 GMT
Content-Length: 824
Last-Modified: Mon, 21 May 2018 09:40:46 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PC bitmap, Windows 3.x format, 16 x 16 x 24
Size:   824
Md5:    372f7464617155cf179b2fd79552745c
Sha1:   be5f29eb0c80ca04b7377809266b574920dbaad2
Sha256: 39662edca941e4f14a7f9261fe1ddae08346b773883de02954b1a1059c669be5
                                        
                                            GET /?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1 HTTP/1.1 
Host: 597.ok365.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3279
Md5:    b45abda8078393de7f1732fe6ff75d47
Sha1:   dbd062450eb7e89f900489b602142430dc970d9f
Sha256: 8cad7e7af8c7c15584b050b574ca605bdae9f136a11cfe7460a7440068618ae6
                                        
                                            GET /js/baidu.js?t=201712071 HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:27 GMT
Last-Modified: Thu, 07 Dec 2017 01:04:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1336
Md5:    f0c3a438234bbf4a3ea814012f31d829
Sha1:   eeeea0cb3b863ba201350a5766767bf79bee4241
Sha256: b02150926b8446f8fecd8cb9cf1d455f12c63d0adb988da464bed8ec44acd66e
                                        
                                            GET /img/1834/logo_dopa.jpg HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:27 GMT
Content-Length: 7445
Last-Modified: Fri, 17 Nov 2017 03:16:16 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   7445
Md5:    620cfeb8bc0361990eb6da6b2a10697a
Sha1:   8fcf964519ad0d02ac67219b69424334021cc49f
Sha256: dd4e9c311fe30d9aebb0965007420b6e34d42b6e9bb5333a956d1f0b6fc4e384
                                        
                                            GET /css/t_834_20171103.css?201712042 HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:27 GMT
Last-Modified: Thu, 15 Mar 2018 01:43:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3354
Md5:    18fb1cd097d83f588d7bc6aa17a08a0d
Sha1:   312d7a4ad0d5b7f87efcc84b4d42355ed2b5950e
Sha256: be4d9fa8ca2449801be7ce71b6d225df69e8aeb0ef9de9e73d51a9bd00b2bb88
                                        
                                            GET /img/favicon_dopa.ico HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:27 GMT
Content-Length: 824
Last-Modified: Fri, 04 May 2018 09:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PC bitmap, Windows 3.x format, 16 x 16 x 24
Size:   824
Md5:    372f7464617155cf179b2fd79552745c
Sha1:   be5f29eb0c80ca04b7377809266b574920dbaad2
Sha256: 39662edca941e4f14a7f9261fe1ddae08346b773883de02954b1a1059c669be5
                                        
                                            GET /js/b/caf.js HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:27 GMT
Last-Modified: Fri, 07 Dec 2018 05:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3278
Md5:    5da6cb13b1cbd2e9f3cbb69cc876b186
Sha1:   7dc44282d309b37a6cbcea7f5ecbd85d459bca63
Sha256: 3cbd035f11fa9163ce86bebcaf26e164f5ad64b5f523fc2bc95dcce68db012d7
                                        
                                            GET /rd.121.com/js/jquery-1.7.2.min.js HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:27 GMT
Last-Modified: Fri, 05 Jun 2015 06:29:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   37730
Md5:    ec191a7d8c00acc3e5a6f623b7ee66cf
Sha1:   82ec937cbc22ea7e204d654dc5b5d3a270257ea1
Sha256: 60731c5d515d65f19d3c5802b46a275940e1058dcf310f75bc13c1ea79997fe6
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 18 Feb 2019 13:21:29 GMT
Content-Length: 1570
Connection: keep-alive
Set-Cookie: __cfduid=db9e10d338e327451b9cb16afa9df8e761550496089; expires=Tue, 18-Feb-20 13:21:29 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Mon, 18 Feb 2019 11:45:34 GMT
Expires: Fri, 22 Feb 2019 11:45:34 GMT
Etag: "c9d33eb38065ccef49888b67534beffe0893de6d"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4ab0cc0e99644267-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    065b885ae213a90fd93639373b19cec5
Sha1:   c9d33eb38065ccef49888b67534beffe0893de6d
Sha256: 472f3c93717659aa838f57c480edadbe55910b24688b746470d2ab18aba83e19
                                        
                                            GET /5bVWsj_p_tVS5dKfpU_Y_D3/res/r/image/2017-09-26/352f1d243122cf52462a2e6cdcb5ed6d.png HTTP/1.1 
Host: gss0.bdstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         104.193.90.89
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: JSP3/2.0.14
Date: Mon, 18 Feb 2019 13:21:29 GMT
Content-Length: 5718
Connection: keep-alive
Etag: "3c3a1818d726afe0cf4eb341833281e0"
Last-Modified: Mon, 16 Apr 2018 06:04:40 GMT
Expires: Tue, 19 Feb 2019 21:03:59 GMT
Age: 145047
Accept-Ranges: bytes
Cache-Control: max-age=259200
Content-MD5: PDoYGNcmr+DPTrNBgzKB4A==
x-bce-content-crc32: 0
x-bce-debug-id: pfz/v52G7CCM1fcM/GkDlV+qy7PSWfzUrUC4mt9Ww+DmL/vQGapXCwuZVP7zjdTHma8tLUfA101Ek83095m+aw==
x-bce-request-id: 846bde44-0927-4c10-bfd1-6f8b18889845
x-bce-storage-class: STANDARD
Ohc-File-Size: 5718
Timing-Allow-Origin: *
Ohc-Response-Time: 1 0 0 0 0 0


--- Additional Info ---
Magic:  PNG image, 256 x 84, 8-bit/color RGBA, interlaced
Size:   5718
Md5:    3c3a1818d726afe0cf4eb341833281e0
Sha1:   45ffad4ad9b894feb0df3faa75421611fa047872
Sha256: 839ee4f84ddcc97560075a125df8fc8e450bf2ab2915e06aece76e3a4fda40a2
                                        
                                            GET /ezriryywocgorvwy.js HTTP/1.1 
Host: bd1.dopa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         115.231.186.131
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Date: Mon, 18 Feb 2019 13:21:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600
Expires: Mon, 18 Feb 2019 14:21:38 GMT
Last-Modified: Tue, 29 Jan 2019 09:52:29 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Set-Cookie: BAIDUID=0A0656215C5C8A1F3FF499FF9971C1C7:FG=1; expires=Thu, 30-Jan-20 01:36:29 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Server: yunjiasu-nginx
YJS-CacheStatus: HIT
YJS-ID: 778146dacec32b6c-111
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1185
Md5:    453325e109e78c599417e3d4220a2843
Sha1:   5f9c7d917ff6c2f0634301ace9ddbecc8c909105
Sha256: 7acc20a36247620fdbc0f74535f05674edf125e87d0b64a0dd32dccd87de0973
                                        
                                            GET /tracking.php?q=A4YpTvlwHna8rdgQlrNQGm1mRZNJz3pJ34EL-PNe6iJEeH9vQ_hVbOWP3-4I9x-2xbveTAHZeJSmLk-vmkuZg8_QGBN5iOn2t2R5UKVZRUMAJ7oagmnPfxOw-uerhdqorjPXwL40XVsFInlYfBYfFmyNG4q4ytzSr__xH9R1otkXAsvnWPOrFzzB5vgujzPPdELX1qqIsiHZhHX4oZGiAr7QWDrUbmkyDBYLG4PbfOiCUaoHD3SXei7TAE-P3mEjNfMOQTZtFRv6XXH0AZxGaQ1LfvOMrDv1XZJVovxiuuoS_-q0CpR1dyApSm4Canv0qYevPFI9VFep3grqGMDpTS_jK9v9YADgeQcQGu3IIgTJkixNbLNsA1eVPx9YshzXvzFJh0yhkZKEqJT1RcYX2vzD4cmbERgnLIsrGPrCiaNMgyCDEV0nv74RPnZbb5w_FmtFTL4sWRDkPRuMhZLQIOjY9KD1se6rOg1Ipyg3YvK_O0uomq7qgnSBal0gHnWJCpR32rMHjc4MOnHPQR8WwRlavKqi1EeXsc3Od1CLRusPng24_KHsgZpooRD5IU4vfmnsR-RgVZYUjW5jXxfe2q7Uz1nPYMUGNc8kBtiYceXyOUDKJV_QCR48Sgh-CtOsN-r0KRepPFPlfYjxFYMoulSMD4-ER4-wMx-ozIXxl-X0NzR34qiPDTFZlHmONx_4t3c2auYaEpZaEMmhRuZAAbhHcB3fLIyMWXLGa3kQnJ5cc5qNhMBKp-1bIYEb4ag_&p=121&oc=true&ac=0,12&kc=0,10&sw=1176&sh=885&if=false&ia=false&nr=false&tz=-60&ck=&req_url=http%3A%2F%2F597.ok365.com.cn%2F%3Fdm%3Dgddixing.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB%26poprequest%3D1&method=index&mm=false HTTP/1.1 
Host: 597.ok365.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 13:21:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /lfjnxv.js HTTP/1.1 
Host: bd1.dopa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         115.231.186.131
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Date: Mon, 18 Feb 2019 13:21:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600
Expires: Mon, 18 Feb 2019 14:21:39 GMT
Last-Modified: Tue, 29 Jan 2019 09:52:29 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Set-Cookie: BAIDUID=FED63F68FF2214A7433AC986781E1FFA:FG=1; expires=Thu, 30-Jan-20 01:17:15 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Server: yunjiasu-nginx
YJS-CacheStatus: HIT
YJS-ID: 778146dfcf0a2b6c-111
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21132
Md5:    cdebbf12380ebc9237e6be30f55690d8
Sha1:   32b23c31fb7db1586faf91c9d987bdd75f84893d
Sha256: e16004a8d133d639dc9a26c08fbb51f865aafc03b388b148943826159da1bb9a
                                        
                                            GET /rs.jpg?type=pvLog&date=1550496101362stamp=0.7223185955837775 HTTP/1.1 
Host: eclick.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         111.202.114.81
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 18 Feb 2019 13:21:42 GMT
Etag: "5c64f8b3-0"
Expires: Mon, 18 Feb 2019 13:21:42 GMT
Last-Modified: Thu, 14 Feb 2019 05:12:19 GMT
Server: nginx


--- Additional Info ---
                                        
                                            GET /cpro/ui/pr.js HTTP/1.1 
Host: cpro.baidustatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         61.163.171.34
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: JSP3/2.0.14
Date: Mon, 18 Feb 2019 13:21:42 GMT
Content-Length: 190
Connection: keep-alive
Etag: "5c64f8a8-be"
Last-Modified: Thu, 14 Feb 2019 05:12:08 GMT
Expires: Mon, 18 Feb 2019 13:51:47 GMT
Age: 1795
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Encoding: gzip
Ohc-Response-Time: 1 0 0 0 0 0


--- Additional Info ---
Magic:  gzip compressed data, was "pr.js", from Unix, last modified: Thu Aug 30 05:35:59 2018
Size:   190
Md5:    68da3747190e85824325fa9e568045f3
Sha1:   9900b6c085de50e8280d04b4326508aaf0305743
Sha256: 3247f71eb86f935016c2db39834274d7b5260aa440cd1a9a73a5c1948dfabb45
                                        
                                            GET /s?hei=80&wid=640&di=u3136652&ltu=http%3A%2F%2F597.ok365.com.cn%2F%3Fdm%3Dgddixing.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB%26poprequest%3D1&psi=2e74587d86577395ec3ad2ca8d1bde4d&pcs=1176x737&dis=0&cec=UTF-8&tpr=1550496101351&tlm=1550496087&cja=true&drs=1&pss=1222x737&col=en-US&dc=3&psr=1176x885&exps=111000,113000,110010&ant=0&dai=1&pis=-1x-1&ps=71x330&cmi=92&dri=0&cdo=-1&dtm=HTML_POST&cce=true&ti=gddixing.com&ari=2&cpl=10&ccd=24&cfv=10&chi=1&par=1176x855&tcn=1550496101 HTTP/1.1 
Host: pos.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         115.239.210.141
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
                                        
Cache-Control: post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6202
Date: Mon, 18 Feb 2019 13:21:42 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Mon Feb 18 21:21:42 2019
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Pragma: no-cache
Server: nginx
Set-Cookie: BAIDUID=D34B072A913D4B63D9953135EB980F7D:FG=1; expires=Tue, 18-Feb-50 13:21:42 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
X-Xss-Protection: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   6202
Md5:    1040d0c115e8eb2d6c1ac4e87026f823
Sha1:   34d6a11452903ffb938485ace27df5c7d28ef7b2
Sha256: 7bb9146ae9f59bd65c5fb86dad0a451e5c913ecf7e357aaa3c34960798114b7c
                                        
                                            GET /rs.jpg?type=newTwiceCheck&key=prLoad&date=1550496102617stamp=0.8092994075197624 HTTP/1.1 
Host: eclick.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         111.202.114.81
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 18 Feb 2019 13:21:42 GMT
Etag: "5c64f8b3-0"
Expires: Mon, 18 Feb 2019 13:21:42 GMT
Last-Modified: Thu, 14 Feb 2019 05:12:19 GMT
Server: nginx


--- Additional Info ---
                                        
                                            GET /z_stat.php?id=1262101851&show=pic HTTP/1.1 
Host: s22.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         223.111.24.106
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 11737
Connection: keep-alive
Date: Mon, 18 Feb 2019 12:09:05 GMT
Last-Modified: Mon, 18 Feb 2019 12:09:05 GMT
Cache-Control: max-age=5400,s-maxage=5400
Ali-Swift-Global-Savetime: 1550491745
Via: cache22.l2cm9[0,200-0,H], cache12.l2cm9[0,0], kunlun5.cn1416[0,200-0,H], kunlun1.cn1416[1,0]
Age: 4357
X-Cache: HIT TCP_MEM_HIT dirn:0:513172926
X-Swift-SaveTime: Mon, 18 Feb 2019 12:21:59 GMT
X-Swift-CacheTime: 4626
Timing-Allow-Origin: *
EagleId: df6f181515504961028507829e


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   11737
Md5:    23e1d93c226afe93f4d7c0ad0651d7b8
Sha1:   55925f1e1cb6da83cd0398d6bf5572a44ba8c30e
Sha256: 4f5ed745eb0cda649a752d6615262a717e19181acc30b0bf22b4cf010f269140
                                        
                                            GET /core.php?web_id=1262101851&show=pic&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         223.111.24.106
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 998
Connection: keep-alive
Date: Mon, 18 Feb 2019 13:21:43 GMT
Last-Modified: Mon, 18 Feb 2019 13:21:43 GMT
Expires: Mon, 18 Feb 2019 13:36:43 GMT
Ali-Swift-Global-Savetime: 1550496103
Via: cache28.l2cm9[276,200-0,M], cache3.l2cm9[277,0], kunlun10.cn1416[293,200-0,M], kunlun10.cn1416[294,0]
X-Cache: MISS TCP_REFRESH_MISS dirn:10:347829393
X-Swift-SaveTime: Mon, 18 Feb 2019 13:21:43 GMT
X-Swift-CacheTime: 900
Timing-Allow-Origin: *
EagleId: df6f181e15504961036288609e


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   998
Md5:    2fd5cb1e06b3b75c6bd8ffc4edba753d
Sha1:   8380c1a3af1fc2ad9daf6b9675b8ca6461a83894
Sha256: 942ac40e8eb34d562b3a8f9418b50129b39b062ff5e6e74f7885282722de9e23
                                        
                                            GET /stat.htm?id=1262101851&r=&lg=en-us&ntime=none&cnzz_eid=1794677413-1550491745-&showp=1176x885&t=gddixing.com&umuuid=16900c4fa1034-06a58466455b11-6c242d76-fe178-16900c4fa114e&h=1&rnd=74572737 HTTP/1.1 
Host: z1.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
203.119.206.93
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Server: Tengine
Date: Mon, 18 Feb 2019 13:21:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
GET /adx.php?c=d25pZD1lNDM1YmJlMjUwN2JmNTZhAHM9ZTQzNWJiZTI1MDdiZjU2YQB0PTE1NTA0OTYxMDIAc2U9MQBidT00AHByaWNlPVhHcXhaZ0FJdFhGN2pFcGdXNUlBOHF1OTU1dHJkek80bS14SHNnAGNoYXJnZV9wcmljZT04AHNoYXJpbmdfcHJpY2U9ODAwMAB3aW5fZHNwPTQAY2htZD0xAGJkaWQ9AGNwcm9pZD0Ad2Q9MAB0dT11MzEzNjY1MgBhZGNsYXNzPTAAc3JjdD0wAHBvcz0wAGJjaG1kPTAAdj0xAGk9YjVkZjBlOGQ HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://pos.baidu.com/s?hei=80&wid=640&di=u3136652&ltu=http%3A%2F%2F597.ok365.com.cn%2F%3Fdm%3Dgddixing.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB%26poprequest%3D1&psi=2e74587d86577395ec3ad2ca8d1bde4d&pcs=1176x737&dis=0&cec=UTF-8&tpr=1550496101351&tlm=1550496087&cja=true&drs=1&pss=1222x737&col=en-US&dc=3&psr=1176x885&exps=111000,113000,110010&ant=0&dai=1&pis=-1x-1&ps=71x330&cmi=92&dri=0&cdo=-1&dtm=HTML_POST&cce=true&ti=gddixing.com&ari=2&cpl=10&ccd=24&cfv=10&chi=1&par=1176x855&tcn=1550496101
Cookie: BAIDUID=D34B072A913D4B63D9953135EB980F7D:FG=1

                                         
106.39.162.36
HTTP/1.1 200 OK
Content-Type: image/gif
Connection: keep-alive
Content-Length: 49
Date: Mon, 18 Feb 2019 13:21:44 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Server: nginx


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   49
Md5:    ed280a0ea3cc38f3cbbc747acfbef47d
Sha1:   6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
Sha256: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
                                        
GET /9.gif?abc=1&rnd=1067393109 HTTP/1.1
Host: cnzz.mmstat.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
198.11.132.221
HTTP/1.1 302 Found
Content-Type: image/gif
Date: Mon, 18 Feb 2019 13:21:44 GMT
Content-Length: 43
Connection: close
P3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=aJ/xFL2C7FcCAU0ogXt1Kkht; expires=Thu, 15-Feb-29 13:21:44 GMT; path=/; domain=.mmstat.com sca=60aa3c56; path=/; domain=.cnzz.mmstat.com atpsida=3e95f406464898e074e9fa39_1550496104_1; path=/; domain=.cnzz.mmstat.com
Location: http://pcookie.cnzz.com/app.gif?&cna=aJ/xFL2C7FcCAU0ogXt1Kkht
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
GET /app.gif?&cna=aJ/xFL2C7FcCAU0ogXt1Kkht HTTP/1.1
Host: pcookie.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
106.11.94.6
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 18 Feb 2019 13:21:45 GMT
Content-Length: 43
Connection: close
P3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=aJ/xFL2C7FcCAU0ogXt1Kkht; expires=Thu, 15-Feb-29 13:21:45 GMT; path=/; domain=.cnzz.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
GET /img/pic.gif HTTP/1.1
Host: icon.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=gddixing.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
112.54.108.105
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 719
Connection: keep-alive
Date: Mon, 18 Feb 2019 09:08:34 GMT
Last-Modified: Fri, 16 Jan 2009 08:10:47 GMT
Expires: Tue, 19 Feb 2019 09:08:34 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1550480914
Via: cache5.l2cn104[41,200-0,C], cache10.l2cn104[4,0], kunlun7.cn1478[0,200-0,H], kunlun6.cn1478[1,0]
Age: 15194
X-Cache: HIT TCP_MEM_HIT dirn:10:874567405
X-Swift-SaveTime: Mon, 18 Feb 2019 09:08:34 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: 70366c1a15504961081641452e


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 12
Size:   719
Md5:    bcdd9aa92c5876f207f70567d101a896
Sha1:   786c52002f857fcbff04a5781ec35792be11af4a
Sha256: 98a4ab97e12555ab969012d151a578dae7a3b8699d202485fcf8116e55497735