Overview

URL cz-xinfeng.com/
IP192.157.197.143
ASNAS18978 Enzu Inc
Location United States
Report completed2019-02-23 02:22:27 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-23 2 js.users.51.la/18939430.js Malware
2019-02-23 2 js.users.51.la/16767031.js Malware
2019-02-23 2 js.users.51.la/17120461.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

No other reports on IP: 192.157.197.143


Last 10 reports on ASN: AS18978 Enzu Inc

Date UQ / IDS / BL URL IP
2019-05-22 01:20:17 +0200
0 - 0 - 1 nssnj.com/item/2182.aspx 23.89.23.168
2019-05-22 01:03:26 +0200
0 - 0 - 1 zt4.zhutizhijia.net/win7/201802/18022208.rar 107.183.192.186
2019-05-22 00:45:44 +0200
0 - 0 - 1 cao009.com/categories 23.89.116.54
2019-05-22 00:23:50 +0200
0 - 0 - 11 chaop999.com/user/3/playlist 23.89.116.241
2019-05-22 00:22:52 +0200
0 - 0 - 1 noyetn.com/jsj/jiaoxueguanli/peiyangfangan 23.88.72.71
2019-05-21 23:52:56 +0200
0 - 0 - 3 siggbienesraices.com/XAVJAV.exe 199.193.254.5
2019-05-21 22:50:05 +0200
0 - 0 - 2 chao111.com/video/17081/%E6%9C%80%E6%96%B0%E5 (...) 23.89.116.232
2019-05-21 22:45:48 +0200
0 - 4 - 2 592piaoyi.com/Item/2049.aspx 23.88.153.7
2019-05-21 22:30:58 +0200
0 - 0 - 38 www.samhuds.com/ 198.71.84.196
2019-05-21 22:12:17 +0200
0 - 3 - 0 genetzakis.ml/ 192.157.252.17

No other reports on domain: cz-xinfeng.com



JavaScript

Executed Scripts (31)


Executed Evals (24)

#1 JavaScript::Eval (size: 3, repeated: 3) - SHA256: fd0ad9026eee596b7072a762941f60bef57e760a230edd450b3a634825685c2a

                                        (1)
                                    

#2 JavaScript::Eval (size: 3, repeated: 2) - SHA256: 0e77e68ba5473d98840c3212f4a8cb801226494f1162c8001a9f4ed7b00cbaa8

                                        (2)
                                    

#3 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 46f789d1efeefad080846917a6a4a761d0e1804bb0a4f27fa4634a887ec26265

                                        (3)
                                    

#4 JavaScript::Eval (size: 280, repeated: 1) - SHA256: ce80b74e6c875d7ae6b9dfb4726fa8cf002256e13f9f8d92d40c3ebbe664ebc6

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 2,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 2,
    "ekc": "",
    "sid": 1550884920108,
    "tt": "��r2018",
    "kw": "",
    "cu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114",
    "pu": "http://cz-xinfeng.com/"
})
                                    

#5 JavaScript::Eval (size: 328, repeated: 1) - SHA256: dcec869f4dc7e4f4e5e3b966af716bf70e8e211771087c3188745fc951690780

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 2,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 2,
    "ekc": "",
    "sid": 1550884922285,
    "tt": "�iQ@'h",
    "kw": "",
    "cu": "http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635",
    "pu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114"
})
                                    

#6 JavaScript::Eval (size: 325, repeated: 1) - SHA256: dfd8ccfe2aca3d4c4a02c66b3aca4c868cb0cdc213cd2d607ccf4be78e938e06

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 2,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 2,
    "ekc": "",
    "sid": 1550884924240,
    "tt": "�iQ@'h",
    "kw": "",
    "cu": "http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975",
    "pu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114"
})
                                    

#7 JavaScript::Eval (size: 328, repeated: 1) - SHA256: 8c9701e0490f47a2448075f4978cf532e9ba6be84db1300db05973adb40f1a0a

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 3,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 3,
    "ekc": "",
    "sid": 1550884922285,
    "tt": "�iQ@'h",
    "kw": "",
    "cu": "http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=4&zi=2D374B&u=3635",
    "pu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114"
})
                                    

#8 JavaScript::Eval (size: 342, repeated: 1) - SHA256: e99782b6f9ed4911d7a478406bf3a2c65eb576b142a63a45fb934035878302bc

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 3,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 3,
    "ekc": "",
    "sid": 1550884924240,
    "tt": "�iQ@'h",
    "kw": "",
    "cu": "http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1",
    "pu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114"
})
                                    

#9 JavaScript::Eval (size: 371, repeated: 1) - SHA256: 5bcf16f300e863edddcc7d484bf7bab77647b976bac551d3c2d5dd7a9ed89922

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 0,
    "vd": 4,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 4,
    "ekc": "",
    "sid": 1550884924240,
    "tt": "�iQ@'h",
    "kw": "",
    "cu": "http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1",
    "pu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114"
})
                                    

#10 JavaScript::Eval (size: 280, repeated: 1) - SHA256: 444ee6522bf6421be3f0962d7421a46155a62c07dbcdd24af1b6cf4941688d58

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 1,
    "ekc": "",
    "sid": 1550884920108,
    "tt": "��r2018",
    "kw": "",
    "cu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114",
    "pu": "http://cz-xinfeng.com/"
})
                                    

#11 JavaScript::Eval (size: 298, repeated: 1) - SHA256: 9436595757cf695e967e42b975b5f2ae16c893f15c61b4f57d7609caf2def07a

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 1,
    "ekc": "",
    "sid": 1550884922285,
    "tt": "�	Q@",
    "kw": "",
    "cu": "http://dxwl.3alian.net/code/go_nav.php?u=3635",
    "pu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114"
})
                                    

#12 JavaScript::Eval (size: 372, repeated: 1) - SHA256: e28024215faf2002bdd0fac4793513f6ecaec698928180d6176fb8d663bec507

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 1,
    "ekc": "",
    "sid": 1550884924240,
    "tt": "�iQ@'h",
    "kw": "",
    "cu": "http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1",
    "pu": "http://www.jiejg79279.com.kf89k89.com/?id=js192157-114"
})
                                    

#13 JavaScript::Eval (size: 59, repeated: 1) - SHA256: 4db8c52e58a203f8ae9325b55e5f97eccead344b035c5441d9def134fca593fd

                                        ({
    "sid": 1550884920108,
    "vd": 1,
    "expires": 1550886720108
})
                                    

#14 JavaScript::Eval (size: 59, repeated: 1) - SHA256: e844b418df0b9b2bb158b7f9fd0b1ef85c1b8dbccd302005b467c9b2911424d5

                                        ({
    "sid": 1550884920108,
    "vd": 2,
    "expires": 1550886720589
})
                                    

#15 JavaScript::Eval (size: 59, repeated: 1) - SHA256: 00a5cfcacef697838bba0830d1016781b91bf5977e4d52be3e194f4a722786cb

                                        ({
    "sid": 1550884922285,
    "vd": 1,
    "expires": 1550886722285
})
                                    

#16 JavaScript::Eval (size: 59, repeated: 2) - SHA256: be4527bef43db40e8bae8e48e17add7d89cbfa4fbbaaf8f01b86c4b38f7b4d99

                                        ({
    "sid": 1550884922285,
    "vd": 2,
    "expires": 1550886723668
})
                                    

#17 JavaScript::Eval (size: 59, repeated: 1) - SHA256: dd38d9bd1b31cfbd5dc25d2846dbf1af56972e354a5f4dbed9e8c8404db04f64

                                        ({
    "sid": 1550884922285,
    "vd": 3,
    "expires": 1550886723674
})
                                    

#18 JavaScript::Eval (size: 59, repeated: 1) - SHA256: fbc46f73917bf949319e4b469304f814111f35fb62515eaa110a01a915683783

                                        ({
    "sid": 1550884924240,
    "vd": 1,
    "expires": 1550886724240
})
                                    

#19 JavaScript::Eval (size: 59, repeated: 2) - SHA256: 7d3ebea7513e9201857088fd062c820ce37996fa3465296cb645080bbb2099b4

                                        ({
    "sid": 1550884924240,
    "vd": 2,
    "expires": 1550886724273
})
                                    

#20 JavaScript::Eval (size: 59, repeated: 2) - SHA256: 0722340eff040bb655d90baf26798a3571755bae1152b53b132388ab39f1a91d

                                        ({
    "sid": 1550884924240,
    "vd": 3,
    "expires": 1550886724287
})
                                    

#21 JavaScript::Eval (size: 59, repeated: 1) - SHA256: c49dc330143f9d1fe5dbda22341a7939c8ebf6b841f29e9ace69e4a6cee38640

                                        ({
    "sid": 1550884924240,
    "vd": 4,
    "expires": 1550886724352
})
                                    

#22 JavaScript::Eval (size: 4, repeated: 6) - SHA256: 5b8d2b991d2c1f5bf78beb557d17e6650086a267e5ffd4bb6f8aaa942c570f5d

                                        ({})
                                    

#23 JavaScript::Eval (size: 125, repeated: 1) - SHA256: f563d5000d08ccf423cf10d23aeec860bfd2fe634c62fb51f014adf22ccf6b44

                                        document.write("<script type=\"text/javascript\" src=\"http:\/\/www.hgjwglg.ccom.ufj28j8.com\/js192157-114.js\"><\/script>");
                                    

#24 JavaScript::Eval (size: 993, repeated: 2) - SHA256: fd9109f32660f502e6b340acc906ac15fcc944ca569ca1138fa21411eb15916f

                                        function getQueryString(a) {
    var b = window.location.search.match(new RegExp("[\?\&]" + a + "=([^\&]+)", "i"));
    if (b == null || b.length < 1) {
        return ""
    }
    return b[1]
}
var str = getQueryString("id");
if (str.indexOf("js173234-66") != -1) {
    document.write('<script type="text/javascript" src="https://js.users.51.la/19396916.js"></script>')
}
if (str.indexOf("js173234-146") != -1) {
    document.write('<script type="text/javascript" src="https://js.users.51.la/19518387.js"></script>')
}
if (str.indexOf("js2388-146") != -1) {
    document.write('<script type="text/javascript" src="https://js.users.51.la/19595165.js"></script>')
}
if (str.indexOf("js23244-2") != -1) {
    document.write('<script type="text/javascript" src="https://js.users.51.la/19429793.js"></script>')
}
if (str.indexOf("js192157-114") != -1) {
    document.write('<script type="text/javascript" src="https://js.users.51.la/18939430.js"></script>')
}
if (str.indexOf("js23106-28") != -1) {
    document.write('<script type="text/javascript" src="https://js.users.51.la/19273238.js"></script>')
}
str = null;
                                    

Executed Writes (26)

#1 JavaScript::Write (size: 244, repeated: 3) - SHA256: ce8e1627b596b108cc23bf86e36188fcc2a9d833ab2911c54cf4f4724b81a6fc

                                        < a href = "https://www.51.la/?comId=16767031"
title = "51.La Q�A�ߡ��"
target = "_blank" > < span style = "display:inline-block;background-color:#EF5350;color:#fff;padding:2px 5px;font-family:arial;font-size:12px;font-weight:bold;" > 51 La < /span></a >
                                    

#2 JavaScript::Write (size: 244, repeated: 4) - SHA256: 8cb01516cfac62277d20e5d208ced9437f4a351f41cfe839d4a3faa988698f01

                                        < a href = "https://www.51.la/?comId=17120461"
title = "51.La Q�A�ߡ��"
target = "_blank" > < span style = "display:inline-block;background-color:#EF5350;color:#fff;padding:2px 5px;font-family:arial;font-size:12px;font-weight:bold;" > 51 La < /span></a >
                                    

#3 JavaScript::Write (size: 258, repeated: 2) - SHA256: b6bd0f6d578e31737626d3d1ea152d284f0a0a0c343b2e07e42afcff39143894

                                        < a href = "https://www.51.la/?comId=18939430"
title = "51.La Q�A�ߡ��"
target = "_blank" > < span style = "display:inline-block;background-color:#EF5350;color:#fff;padding:2px 5px;font-family:arial;font-size:12px;font-weight:bold;line-height:1;" > 51 La < /span></a >
                                    

#4 JavaScript::Write (size: 154, repeated: 6) - SHA256: 150455c06f6a7bfeb669b073098e4e4d28ea36b70e1c0ac958366f8e88274c19

                                        < a href = 'https://www.cnzz.com/stat/website.php?web_id=1240968'
target = _blank title = '&#31449;&#38271;&#32479;&#35745;' > & #31449;&# 38271; & #32479;&# 35745; < /a>
                                    

#5 JavaScript::Write (size: 157, repeated: 3) - SHA256: f0da11f6de785d26dec29b69afab00eb7192c8150fc0bbba3a109056b4c79724

                                        < a href = 'https://www.cnzz.com/stat/website.php?web_id=1274030207'
target = _blank title = '&#31449;&#38271;&#32479;&#35745;' > & #31449;&# 38271; & #32479;&# 35745; < /a>
                                    

#6 JavaScript::Write (size: 158, repeated: 1) - SHA256: 17e23672168b5808ab514ff0bb3de209c3b0d2d31d62f556d440bc7eb637deab

                                        < iframe height = '120'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://www.feixin2.com/code/adview_h.php?b=ffffff&f=ffffff&h=40&w=106&u=3619' > < /iframe>
                                    

#7 JavaScript::Write (size: 202, repeated: 1) - SHA256: 26dfa62d1c66af8c7c569005c84bd6ef43bcc4f2f808cbabf364d2f77cebe86e

                                        < iframe height = '120'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://www.feixin2.com/code/adview_pic_t.php?r=1&c=4&w=960&h=120&b=0080ff&s=004080&bg=FFFFFF&p=808080&u=3619&at=p0&tt=t1' > < /iframe>
                                    

#8 JavaScript::Write (size: 127, repeated: 1) - SHA256: f974e122350b2e95212bd7e6eb0c19c5edfd20660ae81b62de7e3c78f2fb5d03

                                        < iframe height = '130'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://dxwl.3alian.net/code/go_nav.php?u=3635' > < /iframe>
                                    

#9 JavaScript::Write (size: 169, repeated: 1) - SHA256: 31f4d266481b4f83548bbbedcd07b1fd2340dadce74ffac8eb631b7bd42ad94d

                                        < iframe height = '132'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1' > < /iframe>
                                    

#10 JavaScript::Write (size: 197, repeated: 1) - SHA256: 236a88eb21f5b9517dfe1d4cdf42aed7e1d078c425f7671c97e8e5503e858de5

                                        < iframe height = '175'
width = '950'
frameborder = 'no'
scrolling = 'no'
src = 'http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1' > < /iframe>
                                    

#11 JavaScript::Write (size: 203, repeated: 2) - SHA256: 91b878dd6f0021c2023436abb82ce43d8bea5144bbead2babc7ec36e455c77fd

                                        < iframe height = '176'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://www.feixin2.com/code/adview_pic_av.php?r=1&c=9&w=960&h=176&b=000000&s=000000&bg=FFFFFF&p=808080&u=3619&at=p0&tt=t1' > < /iframe>
                                    

#12 JavaScript::Write (size: 199, repeated: 1) - SHA256: ae33363bfce4041e7e0a8a6f6921f4dbc048a49e5d222b685172a67bc5a8a413

                                        < iframe height = '220'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1' > < /iframe>
                                    

#13 JavaScript::Write (size: 151, repeated: 1) - SHA256: e6f28f19badcdd9769679db1490cfdf8e2152c0529068fe8b857b07ca09a05d0

                                        < iframe height = '300'
width = '980'
frameborder = 'no'
scrolling = 'no'
src = 'http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975' > < /iframe>
                                    

#14 JavaScript::Write (size: 153, repeated: 1) - SHA256: d37d2023970bcf0d78e8df35c9e03e1b50a33c34b10636a225d086e643aa335d

                                        < iframe height = '39'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635' > < /iframe>
                                    

#15 JavaScript::Write (size: 153, repeated: 1) - SHA256: ebe7c663782998b376006d10398c04868f0989ee2f409c39004e0adf5b14a53c

                                        < iframe height = '39'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=4&zi=2D374B&u=3635' > < /iframe>
                                    

#16 JavaScript::Write (size: 165, repeated: 1) - SHA256: e5e2a3e82d5668717746af4875330c384e2ef45396beb4ebd97882c164d4b32b

                                        < iframe id = 'newfrm'
height = '120'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://yyv1c2.vvcpad2.com/code/view_banner6.php?r=1&c=7&f=FF0000&u=1026' > < /iframe>
                                    

#17 JavaScript::Write (size: 156, repeated: 1) - SHA256: 0592dd6463609ee430fc8094177240f7b89c31b16e75be71ea171212511715cd

                                        < iframe id = 'newfrm'
height = '120'
width = '960'
frameborder = 'no'
scrolling = 'no'
src = 'http://yyv1c2.vvcpad2.com/code/view_text_c.php?c=2&s=11&u=1026' > < /iframe>
                                    

#18 JavaScript::Write (size: 102, repeated: 3) - SHA256: 06e9c94cbdd906d09d375224b8df21e56947d375e7147b62f4298e93801f5ba9

                                        < script language = "javascript"
type = "text/javascript"
src = "http://js.users.51.la/16767031.js" > < /script>
                                    

#19 JavaScript::Write (size: 102, repeated: 4) - SHA256: 9d8f0b44f013fd55b9ffe1ef7713aec5a73b5c422d143f62d1a87fabe56c1552

                                        < script language = "javascript"
type = "text/javascript"
src = "http://js.users.51.la/17120461.js" > < /script>
                                    

#20 JavaScript::Write (size: 108, repeated: 6) - SHA256: 8c93347cbece95b222f75b093bc3632cd285be89e6f8540dfb02f682bd07de9a

                                        < script src = 'http://c.cnzz.com/core.php?web_id=1240968&t=z'
charset = 'utf-8'
type = 'text/javascript' > < /script>
                                    

#21 JavaScript::Write (size: 111, repeated: 2) - SHA256: e7fddfe0049f77e34a43ee5e9b8fed6b0770593a1e215d3e909b80a6081fedd8

                                        < script src = 'http://c.cnzz.com/core.php?web_id=1274030207&t=z'
charset = 'utf-8'
type = 'text/javascript' > < /script>
                                    

#22 JavaScript::Write (size: 112, repeated: 1) - SHA256: d741a04861f5923a52871a85b1ec158270afe8077911a38319d643531534da0a

                                        < script src = 'https://c.cnzz.com/core.php?web_id=1274030207&t=z'
charset = 'utf-8'
type = 'text/javascript' > < /script>
                                    

#23 JavaScript::Write (size: 109, repeated: 3) - SHA256: da4eac35060e2dbddf8da18c7858719ccab689fc6a1e9031fb0d1849b1564a14

                                        < script src = 'https://s19.cnzz.com/z_stat.php?id=1274030207&web_id=1274030207'
language = 'JavaScript' > < /script>
                                    

#24 JavaScript::Write (size: 101, repeated: 1) - SHA256: 0367ebeeb1b3ee75cca24a03e5f43d3000a12eadce1d3e86e779ad9dc48d43de

                                        < script type = "text/javascript"
src = "http://www.hgjwglg.ccom.ufj28j8.com/js192157-114-tj.js" > < /script>
                                    

#25 JavaScript::Write (size: 98, repeated: 1) - SHA256: 5b8636f1c612c24127daf5aabc66a4d532b84b68f85df2de972b6062518db9fa

                                        < script type = "text/javascript"
src = "http://www.hgjwglg.ccom.ufj28j8.com/js192157-114.js" > < /script>
                                    

#26 JavaScript::Write (size: 81, repeated: 2) - SHA256: 8604f2491b67cbb5d0af9564d41cd2834eb65a10310af585333bd8f52c0609ad

                                        < script type = "text/javascript"
src = "https://js.users.51.la/18939430.js" > < /script>
                                    


HTTP Transactions (141)


Request Response
                                        
                                            GET /images/style%5B2%5D_(1).css HTTP/1.1 
Host: cz-xinfeng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cz-xinfeng.com/

                                         
                                         192.157.197.143
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Length: 68268
Last-Modified: Mon, 09 Oct 2017 07:43:19 GMT
Accept-Ranges: bytes
Etag: "ea7e7546d240d31:17a5c"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:21:52 GMT


--- Additional Info ---
Magic:  Little-endian UTF-16 Unicode C program text, with CRLF, CR line terminators
Size:   68268
Md5:    0f513ddd10dda0e12dec3567699b2649
Sha1:   c902277039c476a4c5bfa4466e7beb49342b891a
Sha256: ebc24e2a6c6bcfeb52d75fe7637d9ac0b337ec7d13cf9f3d28ba877661344cdf
                                        
                                            GET /js192157-114.js HTTP/1.1 
Host: www.hgjwglg.ccom.ufj28j8.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cz-xinfeng.com/

                                         
                                         112.175.124.131
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Mon, 24 Dec 2018 05:07:13 GMT
Accept-Ranges: bytes
Etag: "483aef87469bd41:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:23:07 GMT
Content-Length: 205


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   205
Md5:    f56941027f9447e81539d9e64ebc11c5
Sha1:   129f39f7529252d8abd78b59537f05aab719826e
Sha256: 034198417cc2c63ec977237ca6900e681df738fac83929622bfc235fe25b99ce
                                        
                                            GET /?id=js192157-114 HTTP/1.1 
Host: www.jiejg79279.com.kf89k89.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cz-xinfeng.com/

                                         
                                         112.175.124.131
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Last-Modified: Fri, 15 Feb 2019 15:04:34 GMT
Accept-Ranges: bytes
Etag: "02da8c23fc5d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:23:08 GMT
Content-Length: 2615


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   2615
Md5:    15627f81b598eadea27b71e38005e9d3
Sha1:   f64cdc2b896f9cccf283fbdab08c7079f8eb4cd3
Sha256: dbafc4148cbfc78a4c7101a6403207ca00d490edbe8a64fe0a904bb5881815e1
                                        
                                            GET /style.css HTTP/1.1 
Host: www.jiejg79279.com.kf89k89.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         112.175.124.131
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Fri, 01 Sep 2017 08:47:17 GMT
Accept-Ranges: bytes
Etag: "801831eafe22d31:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:23:08 GMT
Content-Length: 2468


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   2468
Md5:    35cb773e38994fda7f88ed013f184195
Sha1:   c08f2092e39417aaf43ed19aefc88036d043ae36
Sha256: ff8e6f8c9dd609db95aaa5fbde48f4f2152fd85bc4ddf7c58be2ac840e1a197d
                                        
                                            GET /ujs.js HTTP/1.1 
Host: www.jiejg79279.com.kf89k89.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         112.175.124.131
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Fri, 18 Jan 2019 17:47:23 GMT
Accept-Ranges: bytes
Etag: "59985bde55afd41:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:23:08 GMT
Content-Length: 1114


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   1114
Md5:    336805e251eef749c05e4d305de42577
Sha1:   055daa1e70fc69540f0a692f1c3a0e871aa8ee8d
Sha256: 466f52f341413842277e8c25ff29a3ce6b2f63e0e8156ffc78dfb59900b8d55e
                                        
                                            POST /gsdomainvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 23 Feb 2019 01:21:59 GMT
Content-Length: 1558
Connection: keep-alive
Set-Cookie: __cfduid=d7235fe2327db33a958e64ac32951bd071550884919; expires=Sun, 23-Feb-20 01:21:59 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Fri, 22 Feb 2019 23:32:09 GMT
Expires: Tue, 26 Feb 2019 23:32:09 GMT
Etag: "2d888120bf651b1b9c342b6bf9064749bd19d0f6"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4ad5e0fa9e99426d-OSL


--- Additional Info ---
Magic:  data
Size:   1558
Md5:    7a9d062e9cefa74eeecddd14494d1e62
Sha1:   2d888120bf651b1b9c342b6bf9064749bd19d0f6
Sha256: 73c41ba2278761fa26dbc4f6a5be3281b47206f67875ba3fdf9ffcd7e0340fbc
                                        
                                            GET /18939430.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         120.52.140.30
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Sat, 23 Feb 2019 01:21:59 GMT
Content-Length: 5207
Connection: keep-alive
Server: openresty
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSY1xKl0KZWiz7CPvHbWmI6hXXnirB74
Etag: "44e803ac5e056c238af02513d9e8831c"
version-id: G00111680EA1417BFFFF90470222A47C
Last-Modified: Wed Jan 02 20:54:35 CST 2019
request-id: 00000168998ED426904624F1B3900FC4
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Via: - pop1dev2883, - pop1dev2883
x-hcs-proxy-type: 1
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
nginx-hit: 1
Age: 2098828
Accept-Ranges: bytes
Strict-Transport-Security: max-age=0


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   5207
Md5:    44e803ac5e056c238af02513d9e8831c
Sha1:   889fa85f54b6bcdc44fa47ffaada9356bea35979
Sha256: 991d17750d4099f69b0c722235dbea4e77d3383a99f4da6abce11ab69b660fc8

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /images/bg.jpg HTTP/1.1 
Host: www.jiejg79279.com.kf89k89.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/style.css

                                         
                                         112.175.124.131
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:23:10 GMT
Content-Length: 1163


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   1163
Md5:    8363acaeab9cbb099b59b78a44127ca6
Sha1:   aef448ce5500e3734059ec285cf6ec0b547075f2
Sha256: 9b342ae7f25d65bdb817d8c995f3211ac398e41575fc5d149d994c1dcb008f0a
                                        
                                            GET /?id=js192157-114 HTTP/1.1 
Host: www.jiejg79279.com.kf89k89.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114
Cookie: __tins__18939430=%7B%22sid%22%3A%201550884920108%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201550886720108%7D; __51cke__=; __51laig__=1
If-Modified-Since: Fri, 15 Feb 2019 15:04:34 GMT
If-None-Match: "02da8c23fc5d41:0"

                                         
                                         112.175.124.131
HTTP/1.1 304 Not Modified
                                        
Last-Modified: Fri, 15 Feb 2019 15:04:34 GMT
Accept-Ranges: bytes
Etag: "02da8c23fc5d41:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:23:11 GMT


--- Additional Info ---
                                        
                                            GET /go1?id=18939430&rt=1550884920108&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1550884920108&tt=%25E6%2592%25B8%25E6%2592%25B8%25E8%2589%25B22018&kw=&cu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114&pu=http%253A%252F%252Fcz-xinfeng.com%252F HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:22:00 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=46a69206be5e5fbce3ca; path=/ HWWAFSESTIME=1550884916323; path=/


--- Additional Info ---
                                        
                                            GET /go1?id=18939430&rt=1550884920589&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=2&ekc=&sid=1550884920108&tt=%25E6%2592%25B8%25E6%2592%25B8%25E8%2589%25B22018&kw=&cu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114&pu=http%253A%252F%252Fcz-xinfeng.com%252F HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         183.131.207.78
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:20:26 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=e3dfc29d12a48200f836; path=/ HWWAFSESTIME=1550884821479; path=/


--- Additional Info ---
                                        
                                            GET /code/go_nav.php?u=3635 HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.17
Date: Sat, 23 Feb 2019 01:21:52 GMT
Content-Length: 7490


--- Additional Info ---
Magic:  HTML document text\012 exported SGML document text
Size:   16883
Md5:    f30f0b28a1671562801a6143dc45cb9e
Sha1:   8490d93c22de4301875a89a8acaadc87238b6025
Sha256: 0164f9dd5a1576954c23bc666065a851f71197ef6a2f62807b8f7dcb33d6f28a
                                        
                                            GET /code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635 HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.17
Date: Sat, 23 Feb 2019 01:21:52 GMT
Content-Length: 11654


--- Additional Info ---
Magic:  Non-ISO extended-ASCII C program text, with very long lines, with CRLF line terminators
Size:   11654
Md5:    7b9217ac65b01d6bf5fa016e5a5122b2
Sha1:   d59971f4aa8350a0eb68a5cb321e81533f1b218f
Sha256: 75e9dd8627f408e28f5bd0131e179586bb4d2e0a523aac2060146f542012b402
                                        
                                            GET /code/Ncode20161123.php?size=2&b=4&zi=2D374B&u=3635 HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.17
Date: Sat, 23 Feb 2019 01:21:52 GMT
Content-Length: 11654


--- Additional Info ---
Magic:  Non-ISO extended-ASCII C program text, with very long lines, with CRLF line terminators
Size:   11654
Md5:    bd4da362a416da09fefb4f97fb5196ac
Sha1:   9c779d9a578b2543b4b0379ed1684c64a038ce63
Sha256: a37fe4ea5cad7d75b13b79c57e2ac375be09545fc8f2174ee8b0bd96adcef000
                                        
                                            GET /include/js/1line.png HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Mon, 15 May 2017 16:46:24 GMT
Accept-Ranges: bytes
Etag: "070b6c99acdd21:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:52 GMT
Content-Length: 569


--- Additional Info ---
Magic:  PNG image, 1 x 18, 8-bit/color RGBA, interlaced
Size:   569
Md5:    bfaf80cd43d7dd630ef3b9e236d16e16
Sha1:   9ab85eef3955a714a84a5131ee6da53d2b2ca446
Sha256: e60ce5338c9734125be80810691e53ddfec8a4591a3fbfec74c0db38f2d0ec3b
                                        
                                            GET /include/js/xiaowu.png HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Mon, 15 May 2017 16:46:14 GMT
Accept-Ranges: bytes
Etag: "08fc0c39acdd21:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:52 GMT
Content-Length: 710


--- Additional Info ---
Magic:  PNG image, 11 x 10, 8-bit/color RGBA, interlaced
Size:   710
Md5:    28783b9ffa10e3cf8bd4d1eaabb85742
Sha1:   e9ce3f203c76df94fc6f490204c2be58a3dad93b
Sha256: f9a266f09db2103c191aa4ac97030dd4923d91006c439bf45dbe60fcb981fe49
                                        
                                            GET /include/js/cq.png HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 11 May 2017 08:24:36 GMT
Accept-Ranges: bytes
Etag: "03a4b630cad21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:07:09 GMT
Content-Length: 4865


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   4865
Md5:    f4aa2bc45a3110304b73856025880936
Sha1:   840c2178e7ffaa8b2da92abd12a07bf53b91db7d
Sha256: 2bb6e184626aee5c75241f6e6bd7d59a7a71a79777282b649736eebf73412b9f
                                        
                                            GET /include/js/bq.png HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 11 May 2017 08:23:28 GMT
Accept-Ranges: bytes
Etag: "040c3dd2fcad21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:07:09 GMT
Content-Length: 4728


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   4728
Md5:    c8bc91bc8abd6c40facad56cc1dcac70
Sha1:   a11c2f6f0914a7885d586816832691a2396cced9
Sha256: aefdfa5622b63d12850efea56f442cc26f3aaf0e0b362971133668485650aa3c
                                        
                                            GET /include/js/gq.png HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 11 May 2017 08:24:44 GMT
Accept-Ranges: bytes
Etag: "0eefb30cad21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:07:09 GMT
Content-Length: 4568


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   4568
Md5:    dabe64ee60ec9caa954e4bf67ff21abb
Sha1:   a20ba1e0299b695755bc781b7c71510c18a38136
Sha256: 4567ad2771a9dee88891b3010513d3b04c34e0a1366362e1f6b9b954a89825e5
                                        
                                            GET /ps.js HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Thu, 26 Jul 2018 07:41:27 GMT
Accept-Ranges: bytes
Etag: "333262fb424d41:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:53 GMT
Content-Length: 854


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   854
Md5:    04a0d6e8c6c7f6a6ca4c21a22bd571e7
Sha1:   2812ec95486ff260c47bc9a55d102fe5b0cffa67
Sha256: e3a45fa531fd0e552ec51f9ec5bccd69f9773d58079281f40b0e3349830c920b
                                        
                                            GET /include/js/bq.png HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 11 May 2017 08:23:28 GMT
Accept-Ranges: bytes
Etag: "040c3dd2fcad21:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:53 GMT
Content-Length: 4728


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   4728
Md5:    c8bc91bc8abd6c40facad56cc1dcac70
Sha1:   a11c2f6f0914a7885d586816832691a2396cced9
Sha256: aefdfa5622b63d12850efea56f442cc26f3aaf0e0b362971133668485650aa3c
                                        
                                            GET /ps.js HTTP/1.1 
Host: ad.84lm.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 26 Jul 2018 07:02:06 GMT
Accept-Ranges: bytes
Etag: "64692590ae24d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:07:09 GMT
Content-Length: 449


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   449
Md5:    266c75231f6ecc5f3f843e3863a156a5
Sha1:   e2e96a9bbe18a1d436a20f243c40fde2afc674c7
Sha256: 0fb591841d449e262778db994d7cd15f76ea909fffc89cc0f833deed92fbfed2
                                        
                                            GET /os.js HTTP/1.1 
Host: ad.84lm.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 26 Jul 2018 07:02:31 GMT
Accept-Ranges: bytes
Etag: "d9baf79eae24d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:07:09 GMT
Content-Length: 738


--- Additional Info ---
Magic:  gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), max speed
Size:   738
Md5:    1443cd6d188061727cfd24820c9f55a4
Sha1:   b09bdc5efec7abe1b6f0a372e23d84904e80017d
Sha256: b091a6f07371fb9d1b33181b1aeab188dbdbf2d034441ce995815bd4d8d6a1b0
                                        
                                            GET /include/js/cq.png HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 11 May 2017 08:24:36 GMT
Accept-Ranges: bytes
Etag: "03a4b630cad21:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:53 GMT
Content-Length: 4865


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   4865
Md5:    f4aa2bc45a3110304b73856025880936
Sha1:   840c2178e7ffaa8b2da92abd12a07bf53b91db7d
Sha256: 2bb6e184626aee5c75241f6e6bd7d59a7a71a79777282b649736eebf73412b9f
                                        
                                            GET /os.js HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Last-Modified: Thu, 26 Jul 2018 07:41:57 GMT
Accept-Ranges: bytes
Etag: "64b35621b424d41:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:53 GMT
Content-Length: 1336


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   1336
Md5:    84f275dace812dbeae3603362643206b
Sha1:   be656db8875129b6d9c99493e02c83058ffa9d98
Sha256: 46cab1ba908a23841eb89063932d52754f3c9a379b42e7d2ab6fc1e76225b946
                                        
                                            GET /include/js/bg_bt.jpg HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 11 May 2017 11:30:34 GMT
Accept-Ranges: bytes
Etag: "0e9fa04acad21:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Sat, 23 Feb 2019 01:07:09 GMT
Content-Length: 16643


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   16643
Md5:    29cc85d40c74c7be2d761a0fb71940a9
Sha1:   635abaacec66bdeb1f5a2fd5ed7d618ad4982b20
Sha256: 497db711c64d96027b8d0df60a74bb610ef2a48a88c4a65736c152b91ce80214
                                        
                                            GET /include/js/gq.png HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 11 May 2017 08:24:44 GMT
Accept-Ranges: bytes
Etag: "0eefb30cad21:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:53 GMT
Content-Length: 4568


--- Additional Info ---
Magic:  PNG image, 48 x 48, 8-bit/color RGBA, non-interlaced
Size:   4568
Md5:    dabe64ee60ec9caa954e4bf67ff21abb
Sha1:   a20ba1e0299b695755bc781b7c71510c18a38136
Sha256: 4567ad2771a9dee88891b3010513d3b04c34e0a1366362e1f6b9b954a89825e5
                                        
                                            GET /16767031.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635

                                         
                                         120.52.140.30
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Sat, 23 Feb 2019 01:22:02 GMT
Content-Length: 5193
Connection: keep-alive
Server: openresty
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSxWPG9ZCXhG6bBdOs+jSmFhjPIj5pUf
Etag: "6b5617c09fdc16dc413603245de515c3"
version-id: G0011165406131AEFFFF900B002C9F85
Last-Modified: Thu Aug 16 09:37:16 CST 2018
request-id: 00000168FEFCE5FE900667C5214D4702
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Via: - pop1dev2881
x-hcs-proxy-type: 1
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
nginx-hit: 1
Age: 350442
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   5193
Md5:    6b5617c09fdc16dc413603245de515c3
Sha1:   51bd2aa059a5b8f321f0a8014ad2668923ae3ff6
Sha256: 3d961dabc73845d9caddf582a85821304c3e2a5f7b00165e9d7e810542945112

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /include/js/bg_bt.jpg HTTP/1.1 
Host: dxwl.3alian.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         38.27.96.232
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Thu, 11 May 2017 11:30:34 GMT
Accept-Ranges: bytes
Etag: "0e9fa04acad21:0"
Server: Microsoft-IIS/7.5
Date: Sat, 23 Feb 2019 01:21:53 GMT
Content-Length: 16643


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   16643
Md5:    29cc85d40c74c7be2d761a0fb71940a9
Sha1:   635abaacec66bdeb1f5a2fd5ed7d618ad4982b20
Sha256: 497db711c64d96027b8d0df60a74bb610ef2a48a88c4a65736c152b91ce80214
                                        
                                            GET /stat.php?id=1240968&web_id=1240968 HTTP/1.1 
Host: s14.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         211.138.122.200
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 11731
Connection: keep-alive
Date: Sat, 23 Feb 2019 00:19:07 GMT
Last-Modified: Sat, 23 Feb 2019 00:19:07 GMT
Cache-Control: max-age=5400,s-maxage=5400
Ali-Swift-Global-Savetime: 1550881147
Via: cache6.l2cm9[0,200-0,H], cache25.l2cm9[0,0], kunlun9.cn3[0,200-0,H], kunlun2.cn3[0,0]
Age: 3775
X-Cache: HIT TCP_MEM_HIT dirn:9:212178417
X-Swift-SaveTime: Sat, 23 Feb 2019 00:19:09 GMT
X-Swift-CacheTime: 5398
Timing-Allow-Origin: *
EagleId: d38a7a2015508849226867457e


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   11731
Md5:    8c103e4d4332a1219c86546a396cfbed
Sha1:   730a54b0b21944b1a8e10b7acd656f1b6cd4dcc0
Sha256: ebc8c5407985959814abf72f420a164b7fa9e4a3957a62d519db603dd82ed164
                                        
                                            GET /go1?id=16767031&rt=1550884922285&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1550884922285&tt=%25E7%25B2%25BE%25E9%2580%2589%25E7%25BD%2591%25E5%259D%2580&kw=&cu=http%253A%252F%252Fdxwl.3alian.net%252Fcode%252Fgo_nav.php%253Fu%253D3635&pu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114 HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635
Cookie: HWWAFSESID=e3dfc29d12a48200f836; HWWAFSESTIME=1550884821479

                                         
                                         183.131.207.78
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:20:28 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /core.php?web_id=1240968&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         211.138.122.200
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 996
Connection: keep-alive
Date: Sat, 23 Feb 2019 01:19:04 GMT
Last-Modified: Sat, 23 Feb 2019 01:19:04 GMT
Expires: Sat, 23 Feb 2019 01:34:04 GMT
Ali-Swift-Global-Savetime: 1550884744
Via: cache47.l2cm9[0,200-0,H], cache2.l2cm9[1,0], kunlun3.cn3[0,200-0,H], kunlun8.cn3[0,0]
Age: 179
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Sat, 23 Feb 2019 01:20:10 GMT
X-Swift-CacheTime: 834
Timing-Allow-Origin: *
EagleId: d38a7a2615508849235558508e


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   996
Md5:    c38714eff08834ca11cfa5284bd5a4da
Sha1:   e94eda42553b0f46dc520dfdcd697709b587cba0
Sha256: 6cb32f56361ca64a2d357395194dbf45c8ebe2b1f909ec83e34baa65a69bb166
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
Cookie: __cfduid=d7235fe2327db33a958e64ac32951bd071550884919

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sat, 23 Feb 2019 01:22:03 GMT
Content-Length: 1570
Connection: keep-alive
Last-Modified: Fri, 22 Feb 2019 22:22:22 GMT
Expires: Tue, 26 Feb 2019 22:22:22 GMT
Etag: "d116a795210e792ee74d2c70016bba937ebdcac2"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4ad5e1163ac642a9-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    7e7e0067fb9938d9e6ef22ab3f6c4f17
Sha1:   d116a795210e792ee74d2c70016bba937ebdcac2
Sha256: c70b478a9b5499f00dec5ccd627dd17f574c9ce623961fcf07a360535d760476
                                        
                                            GET /go1?id=16767031&rt=1550884923668&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=2&ekc=&sid=1550884922285&tt=%25E7%25B2%25BE%25E5%25BD%25A9%25E7%25BD%2591%25E5%259D%2580%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fdxwl.3alian.net%252Fcode%252FNcode20161123.php%253Fsize%253D2~_~b%253D1~_~zi%253D2D374B~_~u%253D3635&pu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114 HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635
Cookie: HWWAFSESID=e3dfc29d12a48200f836; HWWAFSESTIME=1550884821479

                                         
                                         183.131.207.78
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:20:29 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /17120461.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         120.52.140.30
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Sat, 23 Feb 2019 01:22:04 GMT
Content-Length: 5193
Connection: keep-alive
Server: openresty
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSeJqjQeAZb+g9J03lp/t3iLeR+2Mq/z
Etag: "bf7131814bcf37c7d7ed9c81cb1c65ec"
version-id: G00111654098677AFFFF900B003139C1
Last-Modified: Thu Aug 16 10:37:34 CST 2018
request-id: 00000168FF058D80900B72639DD3DF1F
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Via: - pop1dev2886
x-hcs-proxy-type: 1
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
nginx-hit: 1
Age: 406656
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   5193
Md5:    bf7131814bcf37c7d7ed9c81cb1c65ec
Sha1:   3b3accb4ad04787c8f5c7444505c9b790687bfe5
Sha256: 425cc77bccd552ca4607431021861564b500600f07ceb89759a9d1a039d2e8df

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /go1?id=16767031&rt=1550884923674&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=3&ce=1&cd=24&ds=&ing=3&ekc=&sid=1550884922285&tt=%25E7%25B2%25BE%25E5%25BD%25A9%25E7%25BD%2591%25E5%259D%2580%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fdxwl.3alian.net%252Fcode%252FNcode20161123.php%253Fsize%253D2~_~b%253D4~_~zi%253D2D374B~_~u%253D3635&pu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114 HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=4&zi=2D374B&u=3635
Cookie: HWWAFSESID=e3dfc29d12a48200f836; HWWAFSESTIME=1550884821479

                                         
                                         183.131.207.78
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:20:29 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /z_stat.php?id=1274030207&web_id=1274030207 HTTP/1.1 
Host: s19.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635

                                         
                                         211.138.122.126
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 11734
Connection: keep-alive
Date: Sat, 23 Feb 2019 00:06:58 GMT
Last-Modified: Sat, 23 Feb 2019 00:06:58 GMT
Cache-Control: max-age=5400,s-maxage=5400
Ali-Swift-Global-Savetime: 1550880418
Via: cache29.l2cn104[0,200-0,H], cache32.l2cn104[0,0], kunlun6.cn3[0,200-0,H], kunlun7.cn3[0,0]
Age: 4506
X-Cache: HIT TCP_MEM_HIT dirn:0:415319364
X-Swift-SaveTime: Sat, 23 Feb 2019 00:07:06 GMT
X-Swift-CacheTime: 5392
Timing-Allow-Origin: *
EagleId: d38a7a2515508849243923603e


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   11734
Md5:    34ea55249c943c24ebb595443dbe358c
Sha1:   6dbc770d1cdfeed5302252323d7671448af2a1cc
Sha256: 15179fdb2e3f38b4f554a648232af41c2975de7835a5edab417d4ba43f49d40d
                                        
                                            GET /go1?id=17120461&rt=1550884924240&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1550884924240&tt=%25E7%25B2%25BE%25E5%25BD%25A9%25E7%25BD%2591%25E5%259D%2580%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fdx.84lm.net%252Fcode%252Fadview_pic14.php%253Fr%253D1~_~c%253D6~_~w%253D960~_~h%253D220~_~b%253D0080ff~_~s%253DCC0000~_~bg%253DFFFFFF~_~p%253DFFFFCC~_~u%253D45975~_~at%253Dp0~_~tt%253Dt1&pu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114 HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1
Cookie: HWWAFSESID=e3dfc29d12a48200f836; HWWAFSESTIME=1550884821479

                                         
                                         183.131.207.78
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:20:29 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /go1?id=17120461&rt=1550884924352&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=4&ce=1&cd=24&ds=&ing=4&ekc=&sid=1550884924240&tt=%25E7%25B2%25BE%25E5%25BD%25A9%25E7%25BD%2591%25E5%259D%2580%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fdx.84lm.net%252Fcode%252Fadview_pic3.php%253Fr%253D1~_~c%253D7~_~w%253D950~_~h%253D175~_~b%253DFFFFCC~_~s%253D818181~_~bg%253DFFFFFF~_~p%253DFFFFFF~_~u%253D45975~_~at%253Dp0~_~tt%253Dt1&pu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114 HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1
Cookie: HWWAFSESID=e3dfc29d12a48200f836; HWWAFSESTIME=1550884821479

                                         
                                         183.131.207.78
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:20:29 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /core.php?web_id=1274030207&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         211.138.122.200
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 996
Connection: keep-alive
Date: Sat, 23 Feb 2019 01:20:20 GMT
Last-Modified: Sat, 23 Feb 2019 01:20:20 GMT
Expires: Sat, 23 Feb 2019 01:35:20 GMT
Ali-Swift-Global-Savetime: 1550884820
Via: cache20.l2cm9[0,200-0,H], cache46.l2cm9[0,0], kunlun1.cn3[0,200-0,H], kunlun8.cn3[0,0]
Age: 104
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Sat, 23 Feb 2019 01:20:20 GMT
X-Swift-CacheTime: 900
Timing-Allow-Origin: *
EagleId: d38a7a2615508849247402728e


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   996
Md5:    f106037e0444a5542887f53659933464
Sha1:   a312bc9b6d19730aa0af58319be4cebc7298c88c
Sha256: b7ca19c28f98605352a5fbd3c15ec6b45413fb8269ef2e545cbde36ee7534329
                                        
                                            GET /go1?id=17120461&rt=1550884924273&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=&ing=2&ekc=&sid=1550884924240&tt=%25E7%25B2%25BE%25E5%25BD%25A9%25E7%25BD%2591%25E5%259D%2580%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fdx.84lm.net%252Fcode%252FNcode20161123.php%253Fsize%253D1~_~b%253D2~_~zi%253D2D374B~_~u%253D45975&pu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114 HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975
Cookie: HWWAFSESID=e3dfc29d12a48200f836; HWWAFSESTIME=1550884821479

                                         
                                         183.131.207.78
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:22:04 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /go1?id=17120461&rt=1550884924287&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=3&ce=1&cd=24&ds=&ing=3&ekc=&sid=1550884924240&tt=%25E7%25B2%25BE%25E5%25BD%25A9%25E7%25BD%2591%25E5%259D%2580%25E5%25A4%25A7%25E5%2585%25A8&kw=&cu=http%253A%252F%252Fdx.84lm.net%252Fcode%252Fadview_pic12.php%253Fb%253DD6D6D6~_~p%253DED240E~_~s%253DC90000~_~u%253D45975~_~at%253Dp1~_~tt%253Dt1&pu=http%253A%252F%252Fwww.jiejg79279.com.kf89k89.com%252F%253Fid%253Djs192157-114 HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1
Cookie: HWWAFSESID=e3dfc29d12a48200f836; HWWAFSESTIME=1550884821479

                                         
                                         183.131.207.78
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Sat, 23 Feb 2019 01:20:30 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /core.php?web_id=1274030207&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635

                                         
                                         211.138.122.200
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 630
Connection: keep-alive
Date: Sat, 23 Feb 2019 01:14:43 GMT
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.25
Last-Modified: Sat, 23 Feb 2019 01:14:43 GMT
Expires: Sat, 23 Feb 2019 01:29:43 GMT
Content-Encoding: gzip
Ali-Swift-Global-Savetime: 1550882673
Via: cache47.l2cn104[0,200-0,H], cache44.l2cn104[0,0], kunlun1.cn3[0,200-0,H], kunlun8.cn3[1,0]
Age: 442
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Sat, 23 Feb 2019 01:15:33 GMT
X-Swift-CacheTime: 850
Timing-Allow-Origin: *
EagleId: d38a7a2615508849255254245e


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   630
Md5:    bca0f958f34983860421ef1cd94d86af
Sha1:   e8eafe17b509e4cedc0efafc1278bfeb75b8956b
Sha256: fcffd0d6610340d002af4bc3d7b5a9bc97b30c01e062e9908407735af1255ded
                                        
                                            GET /stat.htm?id=1240968&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=1550881147&cnzz_eid=1291994440-1550881147-http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e71912b-07b85be15f1646-6c242d76-fe178-16917f1e71a10d&h=1&rnd=726480295 HTTP/1.1 
Host: hzs14.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=4&zi=2D374B&u=3635

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1240968&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=none&cnzz_eid=236666119-1550881147-http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e6afd0-01b096e44ad991-6c242d76-fe178-16917f1e6b0106&h=1&rnd=1067563999 HTTP/1.1 
Host: hzs14.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1240968&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=1550881147&cnzz_eid=236666119-1550881147-http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e6afd0-01b096e44ad991-6c242d76-fe178-16917f1e6b0106&h=1&rnd=887049120 HTTP/1.1 
Host: hzs14.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1240968&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=1550881147&cnzz_eid=236666119-1550881147-http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e6afd0-01b096e44ad991-6c242d76-fe178-16917f1e6b0106&h=1&rnd=877084781 HTTP/1.1 
Host: hzs14.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1240968&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=none&cnzz_eid=1291994440-1550881147-http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e71912b-07b85be15f1646-6c242d76-fe178-16917f1e71a10d&h=1&rnd=1644096768 HTTP/1.1 
Host: hzs14.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1240968&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=1550881147&cnzz_eid=236666119-1550881147-http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e6afd0-01b096e44ad991-6c242d76-fe178-16917f1e6b0106&h=1&rnd=1989255566 HTTP/1.1 
Host: hzs14.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1274030207&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=1550880418&cnzz_eid=1337408998-1550880418-null&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e71912b-07b85be15f1646-6c242d76-fe178-16917f1e71a10d&h=1&rnd=248017986 HTTP/1.1 
Host: z8.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1274030207&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=1550880418&cnzz_eid=1337408998-1550880418-null&showp=1176x885&t=%E7%B2%BE%E5%BD%A9%E7%BD%91%E5%9D%80%E5%A4%A7%E5%85%A8&umuuid=16917f1e71912b-07b85be15f1646-6c242d76-fe178-16917f1e71a10d&h=1&rnd=1314135811 HTTP/1.1 
Host: z8.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=4&zi=2D374B&u=3635

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /stat.htm?id=1274030207&r=http%3A%2F%2Fwww.jiejg79279.com.kf89k89.com%2F%3Fid%3Djs192157-114&lg=en-us&ntime=none&cnzz_eid=1337408998-1550880418-null&showp=1176x885&t=%E7%B2%BE%E9%80%89%E7%BD%91%E5%9D%80&umuuid=16917f1e71912b-07b85be15f1646-6c242d76-fe178-16917f1e71a10d&h=1&rnd=606233588 HTTP/1.1 
Host: z8.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/go_nav.php?u=3635

                                         
                                         203.119.129.114
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Sat, 23 Feb 2019 01:22:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /pic/3/18.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/22.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: cz-xinfeng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         192.157.197.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Connection: close
Date: Sat, 23 Feb 2019 01:21:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET, PHP/5.2.17


--- Additional Info ---
                                        
                                            GET /code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1 HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.17, ASP.NET
Date: Sat, 23 Feb 2019 01:07:08 GMT
Connection: close


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: cz-xinfeng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         192.157.197.143
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Connection: close
Date: Sat, 23 Feb 2019 01:21:55 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET, PHP/5.2.17


--- Additional Info ---
                                        
                                            GET /js192157-114-tj.js HTTP/1.1 
Host: www.hgjwglg.ccom.ufj28j8.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cz-xinfeng.com/

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /images/js.js HTTP/1.1 
Host: cz-xinfeng.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cz-xinfeng.com/

                                         
                                         192.157.197.143
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=gb2312
                                        
Connection: close
Date: Sat, 23 Feb 2019 01:21:52 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET, PHP/5.2.17


--- Additional Info ---
                                        
                                            GET /code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975 HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.17, ASP.NET
Date: Sat, 23 Feb 2019 01:07:08 GMT
Connection: close


--- Additional Info ---
                                        
                                            GET /pic/playimg/0.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1 HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.17, ASP.NET
Date: Sat, 23 Feb 2019 01:07:08 GMT
Connection: close


--- Additional Info ---
                                        
                                            GET /code/adview_pic_t.php?r=1&c=4&w=960&h=120&b=0080ff&s=004080&bg=FFFFFF&p=808080&u=3619&at=p0&tt=t1 HTTP/1.1 
Host: www.feixin2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /code/view_banner6.php?r=1&c=7&f=FF0000&u=1026 HTTP/1.1 
Host: yyv1c2.vvcpad2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /code/view_text_c.php?c=2&s=11&u=1026 HTTP/1.1 
Host: yyv1c2.vvcpad2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /code/adview_h.php?b=ffffff&f=ffffff&h=40&w=106&u=3619 HTTP/1.1 
Host: www.feixin2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /code/adview_pic_av.php?r=1&c=9&w=960&h=176&b=000000&s=000000&bg=FFFFFF&p=808080&u=3619&at=p0&tt=t1 HTTP/1.1 
Host: www.feixin2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1 HTTP/1.1 
Host: dx.84lm.net
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         45.61.247.67
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.2.17, ASP.NET
Date: Sat, 23 Feb 2019 01:07:11 GMT
Connection: close


--- Additional Info ---
                                        
                                            GET /code/view_text_h.php?t=A30B00&s=6D5A1C&b=FFFFFF&f=FFFFFF&h=120&w=960&u=1026 HTTP/1.1 
Host: yyv1c2.vvcpad2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/13/17.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/13/15.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/13/30.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/13/33.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/13/23.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/13/4.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic14.php?r=1&c=6&w=960&h=220&b=0080ff&s=CC0000&bg=FFFFFF&p=FFFFCC&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/dt/5.gif HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/2.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/8.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/0.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/1.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/7.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/3.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/11.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/5.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/10.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/4.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/6.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/9.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/Ncode20161123.php?size=1&b=2&zi=2D374B&u=45975

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/dt/6.gif HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/dt/14.gif HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/dt/12.gif HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/dt/26.gif HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/dt/25.gif HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic12.php?b=D6D6D6&p=ED240E&s=C90000&u=45975&at=p1&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/1.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/9.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/5.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/7.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/8.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/10.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/2.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/4.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/6.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/11.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/playimg/3.jpg HTTP/1.1 
Host: 222.186.190.188:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dxwl.3alian.net/code/Ncode20161123.php?size=2&b=1&zi=2D374B&u=3635

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /code/adview_pic_av.php?r=1&c=9&w=960&h=176&b=000000&s=000000&bg=FFFFFF&p=808080&u=3619&at=p0&tt=t1 HTTP/1.1 
Host: www.feixin2.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.jiejg79279.com.kf89k89.com/?id=js192157-114

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/7.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/0.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/13.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/14.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/34.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/36.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/19.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/1.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/32.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/21.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/10.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/17.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/30.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/3.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/28.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/11.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/23.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/24.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/12.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/31.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/5.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/8.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/15.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/2.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/20.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/6.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/27.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/25.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/26.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/35.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/9.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/29.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/16.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/33.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/4.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---
                                        
                                            GET /pic/3/.jpg HTTP/1.1 
Host: 222.186.190.136:8899
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://dx.84lm.net/code/adview_pic3.php?r=1&c=7&w=950&h=175&b=FFFFCC&s=818181&bg=FFFFFF&p=FFFFFF&u=45975&at=p0&tt=t1

                                         
                                         0.0.0.0
                                        


--- Additional Info ---