Overview

URL www.maidimile.com/kuplay_238_27304.exe
IP 154.213.243.120
ASN
Location Unknown
Report completed 2019-06-07 15:49:26 CEST
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-06-07 2 www.maidimile.com/kuplay_238_27304.exe Malware
2019-06-07 2 www.maidimile.com/js/jquery-1.11.1.min.js Malware
2019-06-07 2 www.maidimile.com/51la.js Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 154.213.243.120

Date UQ / IDS / BL URL IP
2019-06-07 17:03:38 +0200 0 - 0 - 3 www.maidimile.com/aa3999xfyy_238_15270.exe 154.213.243.120
2019-06-07 17:03:25 +0200 0 - 0 - 1 maidimile.com/aa3999xfyy_238_15270.exe 154.213.243.120
2019-06-07 17:02:21 +0200 0 - 0 - 4 maidimile.com/fghgytudf_238_53360.exe 154.213.243.120
2019-06-07 15:49:39 +0200 0 - 0 - 4 maidimile.com/kuplay_238_27304.exe 154.213.243.120
2019-06-07 15:49:30 +0200 0 - 0 - 3 www.maidimile.com/jkmGza_238_15270.exe 154.213.243.120
2019-06-07 15:49:25 +0200 0 - 0 - 3 www.maidimile.com/QvodSetupPlus5971489_238_50 (...) 154.213.243.120
2019-06-07 15:49:24 +0200 0 - 0 - 3 www.maidimile.com/jkPuTP_238_15270.exe 154.213.243.120
2019-06-07 15:49:24 +0200 0 - 0 - 3 www.maidimile.com/aa3669xfyy_238_15270.exe 154.213.243.120
2019-06-07 15:47:42 +0200 0 - 0 - 4 maidimile.com/zzxiazai_238_61390.exe 154.213.243.120
2019-06-07 15:47:37 +0200 0 - 0 - 4 maidimile.com/dumpling_238_55472.exe 154.213.243.120

Last 10 reports on ASN:


No other reports on domain: maidimile.com



JavaScript

Executed Scripts (13)


Executed Evals (11)

#1 JavaScript::Eval (size: 3, repeated: 1) - SHA256: fd0ad9026eee596b7072a762941f60bef57e760a230edd450b3a634825685c2a

                                        (1)
                                    

#2 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 0e77e68ba5473d98840c3212f4a8cb801226494f1162c8001a9f4ed7b00cbaa8

                                        (2)
                                    

#3 JavaScript::Eval (size: 3, repeated: 1) - SHA256: 46f789d1efeefad080846917a6a4a761d0e1804bb0a4f27fa4634a887ec26265

                                        (3)
                                    

#4 JavaScript::Eval (size: 142, repeated: 2) - SHA256: 751b60939f123d5012e21007fdbc9f52346425c8c402e2128fe4251c4d134ea3

                                        ({
        "rl": "1176*885",
        "lang": "en-US",
        "ct": "unknow",
        "pf": 1,
        "ins": 0,
        "vd": 2,
        "ce": 1,
        "cd": 24,
        "ds": "�/2018pl��Q,]�plQ,l��[
                                    

#5 JavaScript::Eval (size: 238, repeated: 1) - SHA256: 1fcb2a4874deb2cfaea87d51770a93c9c37a2e0a61029925f60b3aa5db82dd15

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 1,
    "ekc": "",
    "sid": 1559915346113,
    "tt": "",
    "kw": "",
    "cu": "http://www.maidimile.com/kuplay_238_27304.exe",
    "pu": ""
})
                                    

#6 JavaScript::Eval (size: 238, repeated: 1) - SHA256: b3c64e8478fa80c077ed20292b724d5e548253a1dfbaee2a60496db9d06fd5a4

                                        ({
    "rl": "1176*885",
    "lang": "en-US",
    "ct": "unknow",
    "pf": 1,
    "ins": 1,
    "vd": 1,
    "ce": 1,
    "cd": 24,
    "ds": "",
    "ing": 2,
    "ekc": "",
    "sid": 1559915348540,
    "tt": "",
    "kw": "",
    "cu": "http://www.maidimile.com/kuplay_238_27304.exe",
    "pu": ""
})
                                    

#7 JavaScript::Eval (size: 59, repeated: 1) - SHA256: 992d4a28bb8a2994b0be6f823756d872439ca0dc8cb0e06efdbdb1139c63b8f6

                                        ({
    "sid": 1559915346113,
    "vd": 1,
    "expires": 1559917146113
})
                                    

#8 JavaScript::Eval (size: 59, repeated: 1) - SHA256: b305391dabe2d3338bc0598e891aed671e11eca7900bd7dae8bb59df2de82d22

                                        ({
    "sid": 1559915346113,
    "vd": 2,
    "expires": 1559917149500
})
                                    

#9 JavaScript::Eval (size: 59, repeated: 1) - SHA256: c064575c11bb27d50e4c24e23b5f13553d0451c3fe2b6d03ca3b4429a124e058

                                        ({
    "sid": 1559915348540,
    "vd": 1,
    "expires": 1559917148540
})
                                    

#10 JavaScript::Eval (size: 59, repeated: 1) - SHA256: 50a8693f489a98bd6c717d2cfb36dfe28e2375b565ae264cb18f16be777780a0

                                        ({
    "sid": 1559915348540,
    "vd": 2,
    "expires": 1559917150451
})
                                    

#11 JavaScript::Eval (size: 4, repeated: 3) - SHA256: 5b8d2b991d2c1f5bf78beb557d17e6650086a267e5ffd4bb6f8aaa942c570f5d

                                        ({})
                                    

Executed Writes (7)

#1 JavaScript::Write (size: 258, repeated: 2) - SHA256: f40510edcb5c0f3403d5e80ba0e78d7c964a1449335779b019254b97658b10c4

<a href="https://www.51.la/?comId=19838527" title="51.La Q�A�ߡ��" target="_blank"><span style="display:inline-block;background-color:#FFCA28;color:#fff;padding:2px 5px;font-family:arial;font-size:12px;font-weight:bold;line-height:1;">51 La</span></a>
                                    

#2 JavaScript::Write (size: 258, repeated: 2) - SHA256: e9dd9169fe7c1ee520ef5248a658615fb712970c1f8a6bf662476ce7039de1c9

<a href="https://www.51.la/?comId=19838531" title="51.La Q�A�ߡ��" target="_blank"><span style="display:inline-block;background-color:#9B27B0;color:#fff;padding:2px 5px;font-family:arial;font-size:12px;font-weight:bold;line-height:1;">51 La</span></a>
                                    

#3 JavaScript::Write (size: 86, repeated: 1) - SHA256: 5c91c11cdc85479246ff7207bec8d0ff32ade5aa7c9ebe8d8c8671ab8d820e85

<script charset="utf-8" src="http://s6.qhres.com/static/ab77b6ea7f3fbf79.js"></script>
                                    

#4 JavaScript::Write (size: 101, repeated: 1) - SHA256: a8cfadeead5dc6cea91179735b7b57b93fb7a23e8f6ce220e6cd16dcea8918c4

<script language="javascript" src="http://www.cf8e8fa888go8od.com:5688/jump/jump_500vip.js"></script>
                                    

#5 JavaScript::Write (size: 107, repeated: 1) - SHA256: fe88734c7642c4f880b72fa317f447703b69173b7f05c3a0ba0b3506c7a9e150

<script src="http://js.passport.qihucdn.com/11.0.1.js?0cafbe109ab248eb7be06d7f99c4009f" id="sozz"></script>
                                    

#6 JavaScript::Write (size: 82, repeated: 2) - SHA256: 6b8b8bf2a2b6b230760cd25b0a9a1b79d82ef8e1c17dd7cbc1b00d19f8fc1356

<script type="text/javascript" src="https://js.users.51.la/19838527.js"></script>
                                    

#7 JavaScript::Write (size: 82, repeated: 2) - SHA256: 11fbbbfc7ed75f05eb74f44eb1e4212f9cb7ce84b10603c04781de862c40fc2f

<script type="text/javascript" src="https://js.users.51.la/19838531.js"></script>
                                    


HTTP Transactions (23)


Request Response
                                        
                                            GET /kuplay_238_27304.exe HTTP/1.1 
Host: www.maidimile.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         154.213.243.120
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 07 Jun 2019 13:48:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1463
Md5:    d570901b40cecc8c9bf54818dcf8bbd4
Sha1:   56155f5dd94e899ce4640622f3f9e2757a1c5156
Sha256: e0a650c7275752d58db2d6f3347642a555851adcf3697ed28f0d7f1802023685

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /js/jquery-1.11.1.min.js HTTP/1.1 
Host: www.maidimile.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         154.213.243.120
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 07 Jun 2019 13:48:44 GMT
Content-Length: 157
Last-Modified: Thu, 24 Jan 2019 08:36:07 GMT
Connection: keep-alive
Etag: "5c4978f7-9d"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CR line terminators
Size:   157
Md5:    e9e0cd1a0bfc097a99ee3d6dff1dd4f0
Sha1:   13bcb46fa66ae52c85c54711cc725f4219d0086e
Sha256: 8fd7d34f055c0161ce002d6856c9286daeedf8522bcb69e8465fd5876009d81a

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /51la.js HTTP/1.1 
Host: www.maidimile.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         154.213.243.120
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 07 Jun 2019 13:48:45 GMT
Content-Length: 711
Last-Modified: Thu, 10 Jan 2019 08:06:13 GMT
Connection: keep-alive
Etag: "5c36fcf5-2c7"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   711
Md5:    f0077792fe86f76a104db6e23f1e001c
Sha1:   e20d8643586d4172e2c5cd01ca0c7e01e7c05df4
Sha256: 37bf4924fe3f16a2d7410ae85d06c2e498924ce5ade4318d1599a072e47eda6e

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            POST /gsdomainvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 07 Jun 2019 13:49:06 GMT
Content-Length: 1562
Connection: keep-alive
Set-Cookie: __cfduid=d8b18bcb347f02b7c861f475e89ca13891559915346; expires=Sat, 06-Jun-20 13:49:06 GMT; path=/; domain=.globalsign.com; HttpOnly
Expires: Tue, 11 Jun 2019 10:33:35 GMT
X-Powered-By: Undertow/1
Etag: "f66c6e325e69650a9db71e50c5350422991c3463"
Last-Modified: Fri, 07 Jun 2019 10:33:35 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e3316608a7442b3-OSL


--- Additional Info ---
Magic:  data
Size:   1562
Md5:    1e2aa4281773dfa365807c064088fd4f
Sha1:   f66c6e325e69650a9db71e50c5350422991c3463
Sha256: a40d51e0c6bdedfef8a28488dc6922dc62d692011b82df405ecd67dc8826ac57
                                        
                                            GET /19838531.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         163.171.128.16
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Fri, 07 Jun 2019 13:49:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.0
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSenGHp0A8xzGNqVIBfwhVFF0ivsqngh
Etag: "6b31d3b5e3ade4d95108d0b94a81bf2a"
x-id: 19838531
version-id: G001116835C32B01FFFF900701BC5685
Last-Modified: Thu Jan 10 11:16:49 CST 2019
request-id: 0000016B1277EF88900B98D114B95CCC
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 62637
X-Via: 1.1 ld88:8 (Cdn Cache Server V2.0)[480 200 2], 1.1 VMdgflkfFRA1ow64:2 (Cdn Cache Server V2.0)[0 200 0]


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Sat Jun 01 11:56:18 2019
Size:   2547
Md5:    e5752b6ee14ac0e347c139bccf9f41e8
Sha1:   a73c936a0e24d6a67987a7b299cf2f038a8156b1
Sha256: 5640fc10b21a4442961aed63bf1cb7b267609602d12f474810592ca65f71e712
                                        
                                            GET /19838527.js HTTP/1.1 
Host: js.users.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         163.171.128.16
HTTP/1.1 200 OK
Content-Type: application/javascript;charset=UTF-8
                                        
Date: Fri, 07 Jun 2019 13:49:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx/1.14.0
id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSmT8HCrJYraZqDXfybM94s2V7LhdWna
Etag: "8591797d0158027cc25a20b8e43d046c"
x-id: 19838527
version-id: G001116835C02502FFFF904B01938498
Last-Modified: Thu Jan 10 11:13:31 CST 2019
request-id: 0000016B19669E1A900B7AD79C49DF34
x-reserved: amazon, aws and amazon web services are trademarks or registered trademarks of Amazon Technologies, Inc
Content-Disposition: inline;filename=f.txt
Vary: Accept-Encoding
Content-Encoding: gzip
Age: 62637
X-Via: 1.1 ld93:7 (Cdn Cache Server V2.0)[268 200 2], 1.1 VMdgflkfFRA1ow64:3 (Cdn Cache Server V2.0)[1 200 0]


--- Additional Info ---
Magic:  gzip compressed data, from Unix, last modified: Sun Jun 02 20:14:44 2019
Size:   2547
Md5:    ff3e2f719c3055a5d00a4da57d4f7b69
Sha1:   e414c42da4257fbc1094e0f7c5047bc63f990e49
Sha256: d6767fcf682eff00cd69d11827f3dff9e11a4e39468a025dbae4856d9078599c
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request
Cookie: __cfduid=d8b18bcb347f02b7c861f475e89ca13891559915346

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 07 Jun 2019 13:49:06 GMT
Content-Length: 1574
Connection: keep-alive
Expires: Tue, 11 Jun 2019 11:42:12 GMT
X-Powered-By: Undertow/1
Etag: "f61de5d3fa65449b175f5cafa7ea4fd4e8cfdee0"
Last-Modified: Fri, 07 Jun 2019 11:42:12 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4e331663fd2842b3-OSL


--- Additional Info ---
Magic:  data
Size:   1574
Md5:    7d58c402518f7de532cfca6597d984c4
Sha1:   f61de5d3fa65449b175f5cafa7ea4fd4e8cfdee0
Sha256: 5fc1c2786797a620aeafacf3a9279074a79b40649b198534c619be6a74878581
                                        
                                            GET /go1?id=19838531&rt=1559915346113&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1559915346113&tt=&kw=&cu=http%253A%252F%252Fwww.maidimile.com%252Fkuplay_238_27304.exe&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         183.131.207.66
HTTP/1.1 200
Content-Type: application/octet-stream
                                        
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 13:49:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=ef2e230136ddb301520; path=/ HWWAFSESTIME=1559915346243; path=/


--- Additional Info ---
                                        
                                            GET /hm.js?bdc72b904f05fd758a055325855bd6bf HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11875
Date: Fri, 07 Jun 2019 13:49:07 GMT
Etag: 0c3f4f1c6205a1bdd70cd32e1c03aefc
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0711CB0CD31C785A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   11875
Md5:    47d35e6f5a8d7012b03c8c509ff14bc9
Sha1:   3a64137ff747097188ef77c1ed862611e950a8b6
Sha256: 4ba4471a5c43642364a8d11f91161e7ca6e1b068f81dd70d0a03b5529ffb3a38
                                        
                                            GET /hm.js?174f9004bf6fda0727b87f07b70a7dfa HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11876
Date: Fri, 07 Jun 2019 13:49:07 GMT
Etag: f1ad81af3049afeb295962033ad44523
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=564EB2AF50BA7702; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   11876
Md5:    4a1953eb94bb7af052c2eb8b7248622b
Sha1:   b2e4135e1028c43310c0fa5ab23627ed2bb51114
Sha256: 7160c077b1c9c7aa16300e538046594c66242c120771b3e773d214c45393ee7b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.maidimile.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __tins__19838531=%7B%22sid%22%3A%201559915346113%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201559917146113%7D; __51cke__=; __51laig__=2; Hm_lvt_bdc72b904f05fd758a055325855bd6bf=1559915348; Hm_lpvt_bdc72b904f05fd758a055325855bd6bf=1559915348; Hm_lvt_174f9004bf6fda0727b87f07b70a7dfa=1559915349; Hm_lpvt_174f9004bf6fda0727b87f07b70a7dfa=1559915349; __tins__19838527=%7B%22sid%22%3A%201559915348540%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201559917148540%7D

                                         
                                         154.213.243.120
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 07 Jun 2019 13:49:08 GMT
Content-Length: 5686
Last-Modified: Tue, 27 Sep 2016 02:33:28 GMT
Connection: keep-alive
Etag: "57e9da78-1636"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 2 icons, 16x16, 256-colors
Size:   5686
Md5:    cae06cd4b5b7be327ccb00a6dd6f588c
Sha1:   91ab18740e8c44d89f0c66485dee5e616999921b
Sha256: 0031ac87d8b67d608bf586ee097204782580ee645891c5d3d05591ae00f47953
                                        
                                            GET /go1?id=19838527&rt=1559915348540&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=2&ekc=&sid=1559915348540&tt=&kw=&cu=http%253A%252F%252Fwww.maidimile.com%252Fkuplay_238_27304.exe&pu= HTTP/1.1 
Host: ia.51.la
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: HWWAFSESID=ef2e230136ddb301520; HWWAFSESTIME=1559915346243

                                         
                                         183.131.207.66
HTTP/1.1 200
                                        
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 13:49:08 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=1951809213&si=bdc72b904f05fd758a055325855bd6bf&v=1.2.51&lv=1&sn=51278&ct=!! HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: HMACCOUNT=564EB2AF50BA7702

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 07 Jun 2019 13:49:08 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1176x885&vl=754&et=0&fl=10.0&ja=1&ln=en-us&lo=0&rnd=975960958&si=174f9004bf6fda0727b87f07b70a7dfa&v=1.2.51&lv=1&sn=51279&ct=!! HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: HMACCOUNT=564EB2AF50BA7702

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 07 Jun 2019 13:49:08 GMT
Pragma: no-cache
Server: apache
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /push.js HTTP/1.1 
Host: push.zhanzhang.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         111.206.37.189
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Date: Fri, 07 Jun 2019 13:49:08 GMT
Etag: "4078520090"
Expires: Sat, 06 Jun 2020 13:49:08 GMT
Last-Modified: Wed, 25 Nov 2015 07:46:13 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=49B0CF799B9920A69EEC419B46B8964D:FG=1; max-age=31536000; expires=Sat, 06-Jun-20 13:49:08 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   227
Md5:    e548b6ce15bb616c2bfba36e9cfbf307
Sha1:   a348285d9928a6548a57569f1fb9d62bdd747f33
Sha256: 7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
                                        
                                            GET /11.0.1.js?0cafbe109ab248eb7be06d7f99c4009f HTTP/1.1 
Host: js.passport.qihucdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         104.192.110.245
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Date: Fri, 07 Jun 2019 13:49:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 28 Nov 2018 07:43:22 GMT
Cache-Control: max-age=600
Expires: Fri, 07 Jun 2019 13:59:09 GMT
KCS-Via: HIT from w-fc01.lato;HIT from w-sc02.shm
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   115
Md5:    768d7cf546b56c9b427ee220647ec363
Sha1:   3810fcba03235f6742f2022fb4dd8254e9abf8c3
Sha256: 0591558b8416845b0d0065b4ec92b5e4c3fdbf3f7aceec489d67c312aa589d56
                                        
                                            GET /static/ab77b6ea7f3fbf79.js HTTP/1.1 
Host: s6.qhres.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
                                         143.204.51.174
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Content-Length: 478
Connection: keep-alive
Date: Tue, 10 Jul 2018 13:30:09 GMT
X-QSTATIC-HIT: 1
Last-Modified: Mon, 01 Jan 2018 00:00:00 GMT
Etag: W/"8cf237195b9fb7c3"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, immutable
X-QHCDN: HIT
Expires: Fri, 07 Jul 2028 13:30:09 GMT
Age: 28685940
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 5sDjTvwFvMhOxg8OJg6cnMiWf_9n_G-xD5zgdLFSwJ4Pkpzsa41a0A==


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   478
Md5:    5dd27f8f2b042194c3cdabd62fd80110
Sha1:   c035036a939799d4c29b9c0f7229ae1953d03109
Sha256: 928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
                                        
                                            GET /s.gif?l=http://www.maidimile.com/kuplay_238_27304.exe HTTP/1.1 
Host: api.share.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: BAIDUID=49B0CF799B9920A69EEC419B46B8964D:FG=1

                                         
111.206.37.189
HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 0
Date: Fri, 07 Jun 2019 13:49:09 GMT
Expires: 0
Pragma: no-cache
Server: apache


--- Additional Info ---
                                        
                                            GET /go1?id=19838531&rt=1559915349500&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=%25E9%25A6%2599%25E6%25B8%25AF2018%25E4%25B9%25B0%25E9%25A9%25AC%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%252C%25E4%25B9%259D%25E9%25BE%2599%25E4%25B9%25B0%25E9%25A9%25AC%25E7%25BD%2591%252C%25E5%25B0%258F%25E9%25A9%25AC%25E5%2593%25A5%25E8%25AE%25BA%25E5%259D%259B%25E5%25BC%2580%25E5%25A5%2596%25E7%25BD%2591%25E4%25B9%25B0%25E9%25A9%25AC%25E4%25B8%2580%25E7%259B%25B4&ing=3&ekc=&sid=1559915346113&tt=404%2520-%2520%25E6%2589%25BE%25E4%25B8%258D%25E5%2588%25B0%25E6%2596%2587%25E4%25BB%25B6%25E6%2588%2596%25E7%259B%25AE%25E5%25BD%2595%25E3%2580%2582&kw=%25E9%25A6%2599%25E6%25B8%25AF2018%25E4%25B9%25B0%25E9%25A9%25AC%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%252C%25E4%25B9%259D%25E9%25BE%2599%25E4%25B9%25B0%25E9%25A9%25AC%25E7%25BD%2591%252C%25E5%25B0%258F%25E9%25A9%25AC%25E5%2593%25A5%25E8%25AE%25BA%25E5%259D%259B%25E5%25BC%2580%25E5%25A5%2596%25E7%25BD%2591%25E4%25B9%25B0%25E9%25A9%25AC&cu=http%253A%252F%252Fwww.maidimile.com%252Fkuplay_238_27304.exe&pu= HTTP/1.1 
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: HWWAFSESID=ef2e230136ddb301520; HWWAFSESTIME=1559915346243

                                         
183.131.207.66
HTTP/1.1 200
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 13:49:09 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---
                                        
GET /hm.js?174f9004bf6fda0727b87f07b70a7dfa HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: HMACCOUNT=564EB2AF50BA7702; BAIDUID=49B0CF799B9920A69EEC419B46B8964D:FG=1
If-None-Match: f1ad81af3049afeb295962033ad44523

                                         
103.235.46.191
HTTP/1.1 304 Not Modified
Cache-Control: max-age=0, must-revalidate
Date: Fri, 07 Jun 2019 13:49:09 GMT
Etag: f1ad81af3049afeb295962033ad44523
Server: apache
Strict-Transport-Security: max-age=172800


--- Additional Info ---
                                        
GET /so/zz.gif?url=http%3A%2F%2Fwww.maidimile.com%2Fkuplay_238_27304.exe&sid=0cafbe109ab248eb7be06d7f99c4009f&token=0ecxaef.b4e0130792a_b823428_eyba HTTP/1.1
Host: s.360.cn
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe

                                         
180.163.251.231
HTTP/1.1 200 OK
Content-Type: image/gif
Server: nginx/1.7.7
Date: Fri, 07 Jun 2019 13:49:09 GMT
Content-Length: 0
Last-Modified: Mon, 23 Jul 2018 07:07:48 GMT
Connection: close
Etag: "5b557ec4-0"
Accept-Ranges: bytes


--- Additional Info ---
                                        
GET /hm.js?bdc72b904f05fd758a055325855bd6bf HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: HMACCOUNT=564EB2AF50BA7702; BAIDUID=49B0CF799B9920A69EEC419B46B8964D:FG=1
If-None-Match: 0c3f4f1c6205a1bdd70cd32e1c03aefc

                                         
103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11875
Date: Fri, 07 Jun 2019 13:49:09 GMT
Etag: b26e5ee305faceda153399a39c332838
Server: apache
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  gzip compressed data, from Unix, max speed
Size:   11875
Md5:    d0822dd4f8d7b90b6c3eaf1a8b3aac3b
Sha1:   b254b8647d19de105012bf743e5b862f56ff1b77
Sha256: 5b82b667b8eafdf787a188a322928ec363ec25c5326d8ec8f48012d729f6ed67
                                        
                                            GET /go1?id=19838527&rt=1559915350451&rl=1176*885&lang=en-US&ct=unknow&pf=1&ins=0&vd=2&ce=1&cd=24&ds=%25E9%25A6%2599%25E6%25B8%25AF2018%25E4%25B9%25B0%25E9%25A9%25AC%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%252C%25E4%25B9%259D%25E9%25BE%2599%25E4%25B9%25B0%25E9%25A9%25AC%25E7%25BD%2591%252C%25E5%25B0%258F%25E9%25A9%25AC%25E5%2593%25A5%25E8%25AE%25BA%25E5%259D%259B%25E5%25BC%2580%25E5%25A5%2596%25E7%25BD%2591%25E4%25B9%25B0%25E9%25A9%25AC%25E4%25B8%2580%25E7%259B%25B4&ing=4&ekc=&sid=1559915348540&tt=404%2520-%2520%25E6%2589%25BE%25E4%25B8%258D%25E5%2588%25B0%25E6%2596%2587%25E4%25BB%25B6%25E6%2588%2596%25E7%259B%25AE%25E5%25BD%2595%25E3%2580%2582&kw=%25E9%25A6%2599%25E6%25B8%25AF2018%25E4%25B9%25B0%25E9%25A9%25AC%25E5%25AE%2598%25E6%2596%25B9%25E7%25BD%2591%252C%25E4%25B9%259D%25E9%25BE%2599%25E4%25B9%25B0%25E9%25A9%25AC%25E7%25BD%2591%252C%25E5%25B0%258F%25E9%25A9%25AC%25E5%2593%25A5%25E8%25AE%25BA%25E5%259D%259B%25E5%25BC%2580%25E5%25A5%2596%25E7%25BD%2591%25E4%25B9%25B0%25E9%25A9%25AC&cu=http%253A%252F%252Fwww.maidimile.com%252Fkuplay_238_27304.exe&pu= HTTP/1.1 
Host: ia.51.la
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://www.maidimile.com/kuplay_238_27304.exe
Cookie: HWWAFSESID=ef2e230136ddb301520; HWWAFSESTIME=1559915346243

                                         
183.131.207.66
HTTP/1.1 200
Server: HuaweiCloudWAF
Date: Fri, 07 Jun 2019 13:49:10 GMT
Content-Length: 0
Connection: keep-alive


--- Additional Info ---