Overview

URL preukson.com/a/xinwen/xingyexinwen/985.html
IP 52.78.124.149
ASN
Location United States
Report completed 2019-02-18 17:09:29 CET
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2019-02-18 2 preukson.com/a/xinwen/xingyexinwen/985.html Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 52.78.124.149

Date  UQ / IDS / BL  URL  IP
2019-02-18 16:30:42 +0100  0 - 0 - 1  vxniuniu.com/item/1.html  52.78.124.149
2019-02-18 14:22:02 +0100  0 - 0 - 1  ghtt3.gddixing.com/  52.78.124.149
2019-02-17 21:12:20 +0100  0 - 0 - 1  m.d7tuan.com/  52.78.124.149
2019-02-17 16:53:05 +0100  0 - 0 - 1  cswlzx.com/cy/890.html  52.78.124.149
2019-02-16 19:05:16 +0100  0 - 1 - 0  g6series.com/wp-content/plugins/304.exe  52.78.124.149
2019-02-16 17:56:36 +0100  0 - 0 - 1  dadaowl.com/racing/68346.html  52.78.124.149
2019-02-14 05:22:06 +0100  0 - 0 - 1  cl2.qnxzq.com/download/03d2xsavde_20@3489.exe  52.78.124.149
2019-02-12 15:20:13 +0100  0 - 0 - 1  cl2.qnxzq.com/download/linuxdeepin_68@16353.exe  52.78.124.149
2019-02-12 07:13:31 +0100  0 - 0 - 1  cl2.dldhyx.com/download/%C3%A41%E2%81%844%20% (...)  52.78.124.149
2019-02-11 15:58:08 +0100  0 - 0 - 1  mi1998.com/zuixindongtai/33.html  52.78.124.149

Last 10 reports on ASN:

Date  UQ / IDS / BL  URL  IP
2019-06-20 04:00:29 +0200  0 - 0 - 0  rsvpeople.space/jpworldofwarships/1972/index. (...)  138.68.244.123
2019-06-20 03:58:52 +0200  0 - 0 - 0  https://qiita.com/playontv2349/items/bb7228c5 (...)  13.114.115.169
2019-06-20 03:57:45 +0200  0 - 0 - 0  https://www.ana-white.com/community-projects/ (...)  52.42.61.250
2019-06-20 03:55:41 +0200  0 - 0 - 0  dropbox.com  162.125.248.1
2019-06-20 03:51:43 +0200  0 - 0 - 0  https://www.spreaker.com/show/mexico-vs-canad (...)  52.51.101.146
2019-06-20 03:50:36 +0200  0 - 0 - 0  https://www.spreaker.com/show/3579752  52.51.101.146
2019-06-20 03:39:32 +0200  0 - 0 - 0  https://coderwall.com/p/ogfpkq/the-handmaid-s (...)  34.224.236.142
2019-06-20 03:38:57 +0200  0 - 0 - 0  https://www.plumslice.com  34.205.208.52
2019-06-20 03:33:10 +0200  0 - 0 - 0  piratebay.com  3.213.64.73
2019-06-20 03:32:29 +0200  0 - 0 - 0  https://qiita.com/interesting/items/ffe197226 (...)  13.113.76.47

No other reports on domain: preukson.com



JavaScript

Executed Scripts (19)


Executed Evals (1)

#1 JavaScript::Eval (size: 446, repeated: 1) - SHA256: d2db2246b0358ff2e8c8efd278dcca849ffb023e92d3d5a8a7368f229e6655ed

var a, b, c, d, e;
a = [112, 112, 114, 98, 108, 116, 116, 110, 106, 106, 121];
b = a.map(j).map(i).join("");
c = String.fromCharCode(95);
d = String.fromCharCode(45);
e = b.replace(c, d);
f = [104, 116, 116, 112, 58, 47, 47, 99, 108, 111, 117, 100, 99, 100, 110, 46, 100, 111, 112, 97, 46, 99, 111, 109, 47, 105, 109, 103, 47, 49, 56, 51, 54, 47];
g = [46, 112, 110, 103];
h = f.map(i).join("") + e + g.map(i).join("");
document.getElementById(b).children[0].removeAttribute("src");
document.getElementById(b).children[0].src = h
                                    

Executed Writes (4)

#1 JavaScript::Write (size: 48, repeated: 1) - SHA256: b3349d5b9fba20b34b83c3dc208663c949e1f86fecdaef40e5401ff7bd8c3853

<div id="_31vmb7twlyq" style="width:100%"></div>
                                    

#2 JavaScript::Write (size: 120, repeated: 1) - SHA256: 093a8dbae83360a01e1845458a38c0eb408a9dd1b9ecb1effbe59284d7a524ca

<script src='http://c.cnzz.com/core.php?web_id=1262101851&show=pic&t=z' charset='utf-8' type='text/javascript'></script>
                                    

#3 JavaScript::Write (size: 161, repeated: 1) - SHA256: 25aea139e2b73160f7a6957d20b86d9b387ad7dc70acd402de6f8b9875453bdf

<span class="buy"><a target="_blank" class="buy" href="http://www.xinnet.com" style="text-decoration:none;">�����0� T���� F� 9</a></span>
                                    

#4 JavaScript::Write (size: 145, repeated: 1) - SHA256: 4c49eaa42019ae1b00fba3d9a6bda6bf3f9b148f2fb6e0841f072d6a155cfd19

<span id='cnzz_stat_icon_1262101851'></span><script src=' http://s22.cnzz.com/z_stat.php?id=1262101851&show=pic' type='text/javascript'></script>
                                    


HTTP Transactions (27)


Request Response
                                        
                                            GET /a/xinwen/xingyexinwen/985.html HTTP/1.1 
Host: preukson.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.78.124.149
HTTP/1.1 404 Not Found
Content-Type: text/html;charset=utf-8
                                        
Server: nginx/yumi@404
Date: Mon, 18 Feb 2019 16:08:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.3
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   404
Md5:    6dab8b0bfa1914286972b7afa7e7ffdc
Sha1:   d46681e3b91c5fe5e27a5dec9c2658e86eb0e0d6
Sha256: 8a78637d6f5b0d46762f1b937d9822e04e304a87d63a193f59d68dd68e5870d0

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: preukson.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.78.124.149
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx/yumi@404
Date: Mon, 18 Feb 2019 16:08:57 GMT
Content-Length: 824
Last-Modified: Mon, 21 May 2018 09:40:46 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PC bitmap, Windows 3.x format, 16 x 16 x 24
Size:   824
Md5:    372f7464617155cf179b2fd79552745c
Sha1:   be5f29eb0c80ca04b7377809266b574920dbaad2
Sha256: 39662edca941e4f14a7f9261fe1ddae08346b773883de02954b1a1059c669be5
                                        
                                            GET /?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1 HTTP/1.1 
Host: 597.ok365.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: text/html;charset=utf-8
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3279
Md5:    ce14dfd438420783730ae067eabfc445
Sha1:   aa53549ea3fa6e2320ab5861869a4e0335a74a6a
Sha256: b9b342c83093a5fae462e8e479ce7ae1f9c6b202bdadcd651ccb2a6a8513f624
                                        
                                            GET /css/t_834_20171103.css?201712042 HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:58 GMT
Last-Modified: Thu, 15 Mar 2018 01:43:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3354
Md5:    18fb1cd097d83f588d7bc6aa17a08a0d
Sha1:   312d7a4ad0d5b7f87efcc84b4d42355ed2b5950e
Sha256: be4d9fa8ca2449801be7ce71b6d225df69e8aeb0ef9de9e73d51a9bd00b2bb88
                                        
                                            GET /img/favicon_dopa.ico HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:58 GMT
Content-Length: 824
Last-Modified: Fri, 04 May 2018 09:53:13 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PC bitmap, Windows 3.x format, 16 x 16 x 24
Size:   824
Md5:    372f7464617155cf179b2fd79552745c
Sha1:   be5f29eb0c80ca04b7377809266b574920dbaad2
Sha256: 39662edca941e4f14a7f9261fe1ddae08346b773883de02954b1a1059c669be5
                                        
                                            GET /img/1834/logo_dopa.jpg HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:58 GMT
Content-Length: 7445
Last-Modified: Fri, 17 Nov 2017 03:16:16 GMT
Connection: keep-alive
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, EXIF standard
Size:   7445
Md5:    620cfeb8bc0361990eb6da6b2a10697a
Sha1:   8fcf964519ad0d02ac67219b69424334021cc49f
Sha256: dd4e9c311fe30d9aebb0965007420b6e34d42b6e9bb5333a956d1f0b6fc4e384
                                        
                                            GET /js/b/caf.js HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:58 GMT
Last-Modified: Fri, 07 Dec 2018 05:15:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   3278
Md5:    5da6cb13b1cbd2e9f3cbb69cc876b186
Sha1:   7dc44282d309b37a6cbcea7f5ecbd85d459bca63
Sha256: 3cbd035f11fa9163ce86bebcaf26e164f5ad64b5f523fc2bc95dcce68db012d7
                                        
                                            POST /gsorganizationvalsha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 111
Content-Type: application/ocsp-request

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Mon, 18 Feb 2019 16:08:58 GMT
Content-Length: 1570
Connection: keep-alive
Set-Cookie: __cfduid=d5a20268f12118f4bbada607b74ee93bf1550506138; expires=Tue, 18-Feb-20 16:08:58 GMT; path=/; domain=.globalsign.com; HttpOnly
Last-Modified: Mon, 18 Feb 2019 15:01:55 GMT
Expires: Fri, 22 Feb 2019 15:01:55 GMT
Etag: "34c1c5874371804a693f5f6db8b8fdec4851552c"
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 4ab1c1667a3f4285-OSL


--- Additional Info ---
Magic:  data
Size:   1570
Md5:    c64a5cf83a6524e24fb64e23d5523789
Sha1:   34c1c5874371804a693f5f6db8b8fdec4851552c
Sha256: c43142d21455451f21736e3edbf1c142ab50bb1e6b59d47a03678ae5cd09406e
                                        
                                            GET /js/baidu.js?t=201712071 HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:58 GMT
Last-Modified: Thu, 07 Dec 2017 01:04:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1336
Md5:    f0c3a438234bbf4a3ea814012f31d829
Sha1:   eeeea0cb3b863ba201350a5766767bf79bee4241
Sha256: b02150926b8446f8fecd8cb9cf1d455f12c63d0adb988da464bed8ec44acd66e
                                        
                                            GET /5bVWsj_p_tVS5dKfpU_Y_D3/res/r/image/2017-09-26/352f1d243122cf52462a2e6cdcb5ed6d.png HTTP/1.1 
Host: gss0.bdstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         104.193.90.89
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: JSP3/2.0.14
Date: Mon, 18 Feb 2019 16:08:58 GMT
Content-Length: 5718
Connection: keep-alive
Etag: "3c3a1818d726afe0cf4eb341833281e0"
Last-Modified: Mon, 16 Apr 2018 06:04:40 GMT
Expires: Tue, 19 Feb 2019 21:03:59 GMT
Age: 155096
Accept-Ranges: bytes
Cache-Control: max-age=259200
Content-MD5: PDoYGNcmr+DPTrNBgzKB4A==
x-bce-content-crc32: 0
x-bce-debug-id: pfz/v52G7CCM1fcM/GkDlV+qy7PSWfzUrUC4mt9Ww+DmL/vQGapXCwuZVP7zjdTHma8tLUfA101Ek83095m+aw==
x-bce-request-id: 846bde44-0927-4c10-bfd1-6f8b18889845
x-bce-storage-class: STANDARD
Ohc-File-Size: 5718
Timing-Allow-Origin: *
Ohc-Response-Time: 1 0 0 0 0 0


--- Additional Info ---
Magic:  PNG image, 256 x 84, 8-bit/color RGBA, interlaced
Size:   5718
Md5:    3c3a1818d726afe0cf4eb341833281e0
Sha1:   45ffad4ad9b894feb0df3faa75421611fa047872
Sha256: 839ee4f84ddcc97560075a125df8fc8e450bf2ab2915e06aece76e3a4fda40a2
                                        
                                            GET /rd.121.com/js/jquery-1.7.2.min.js HTTP/1.1 
Host: a1.dnbizcdn.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         50.117.125.244
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:58 GMT
Last-Modified: Fri, 05 Jun 2015 06:29:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   37730
Md5:    ec191a7d8c00acc3e5a6f623b7ee66cf
Sha1:   82ec937cbc22ea7e204d654dc5b5d3a270257ea1
Sha256: 60731c5d515d65f19d3c5802b46a275940e1058dcf310f75bc13c1ea79997fe6
                                        
                                            GET /ezriryywocgorvwy.js HTTP/1.1 
Host: bd1.dopa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         115.231.186.131
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Date: Mon, 18 Feb 2019 16:08:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600
Expires: Mon, 18 Feb 2019 17:08:58 GMT
Last-Modified: Tue, 29 Jan 2019 09:52:29 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Set-Cookie: BAIDUID=0A0656215C5C8A1F3FF499FF9971C1C7:FG=1; expires=Thu, 30-Jan-20 01:36:29 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Server: yunjiasu-nginx
YJS-CacheStatus: HIT
YJS-ID: 7782cf0c835c2b6e-111
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1185
Md5:    453325e109e78c599417e3d4220a2843
Sha1:   5f9c7d917ff6c2f0634301ace9ddbecc8c909105
Sha256: 7acc20a36247620fdbc0f74535f05674edf125e87d0b64a0dd32dccd87de0973
                                        
                                            GET /tracking.php?q=A4YpTvlwHnYnN403zKkca7z20jXlBVop34EL-PNe6iJEeH9vQ_hVbOWP3-4I9x-2xbveTAHZeJSmLk-vmkuZg8_QGBN5iOn2t2R5UKVZRUMAJ7oagmnPfxOw-uerhdqorjPXwL40XVsFInlYfBYfFmyNG4q4ytzSr__xH9R1otkXAsvnWPOrFzzB5vgujzPPdELX1qqIsiHZhHX4oZGiAr7QWDrUbmkyDBYLG4PbfOiCUaoHD3SXei7TAE-P3mEjNfMOQTZtFRv6XXH0AZxGaQ1LfvOMrDv1XZJVovxiuuoS_-q0CpR1dyApSm4Canv0qYevPFI9VFep3grqGMDpTS_jK9v9YADgeQcQGu3IIgTJkixNbLNsA1eVPx9YshzXvzFJh0yhkZKEqJT1RcYX2vzD4cmbERgnLIsrGPrCiaNMgyCDEV0nv74RPnZbb5w_FmtFTL4sWRDkPRuMhZLQIOjY9KD1se6rOg1Ipyg3YvK_O0uomq7qgnSBal0gHnWJCpR32rMHjc4MOnHPQR8WwRlavKqi1EeXsc3Od1CLRusPng24_KHsgZpooRD5IU4vfmnsR-RgVZYUjW5jXxfe2q7Uz1nPYMUGNc8kBtiYceXyOUDKJV_QCR48Sgh-CtOsN-r0KRepPFPlfYjxFYMoulSMD4-ER4-wMx-ozIXxl-X0NzR34qiPDTFZlHmONx_4t3c2auYaEpZaEMmhRuZAAbhHcB3fLIyMWXLGa3kQnJ5cc5qNhMBKp-1bIYEb4ag_&p=121&oc=true&ac=0,12&kc=0,10&sw=1176&sh=885&if=false&ia=false&nr=false&tz=-60&ck=&req_url=http%3A%2F%2F597.ok365.com.cn%2F%3Fdm%3Dpreukson.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB%26poprequest%3D1&method=index&mm=false HTTP/1.1 
Host: 597.ok365.com.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         183.134.218.69
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Tengine/1.4.2
Date: Mon, 18 Feb 2019 16:08:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   20
Md5:    7029066c27ac6f5ef18d660d5741979a
Sha1:   46c6643f07aa7f6bfe7118de926b86defc5087c4
Sha256: 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
                                        
                                            GET /z_stat.php?id=1262101851&show=pic HTTP/1.1 
Host: s22.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         118.123.241.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 4039
Connection: keep-alive
Date: Mon, 18 Feb 2019 15:03:12 GMT
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.25
Last-Modified: Mon, 18 Feb 2019 15:03:12 GMT
Cache-Control: max-age=5400,s-maxage=5400
Content-Encoding: gzip
Ali-Swift-Global-Savetime: 1550502192
Via: cache41.l2eu95-1[0,200-0,H], cache14.l2eu95-1[1,0], kunlun3.cn1435[0,200-0,H], kunlun1.cn1435[1,0]
Age: 3947
X-Cache: HIT TCP_MEM_HIT dirn:10:216343105
X-Swift-SaveTime: Mon, 18 Feb 2019 15:05:28 GMT
X-Swift-CacheTime: 5264
Timing-Allow-Origin: *
EagleId: 767bf19515505061395761906e


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4039
Md5:    de5187f38075da1949933314e7aee67a
Sha1:   90dd26c1cd5a5b37bcddf8f30591f0e601c0d2d1
Sha256: 17354902907a77f01446f48a1fa30441bbcf10d0e1c0e0b8340d70422787e6c3
                                        
                                            GET /core.php?web_id=1262101851&show=pic&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         118.123.241.231
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 629
Connection: keep-alive
Date: Mon, 18 Feb 2019 16:00:38 GMT
Vary: Accept-Encoding
X-Powered-By: PHP/5.5.25
Last-Modified: Mon, 18 Feb 2019 16:00:38 GMT
Expires: Mon, 18 Feb 2019 16:15:38 GMT
Content-Encoding: gzip
Ali-Swift-Global-Savetime: 1550505638
Via: cache43.l2eu95-1[0,200-0,H], cache34.l2eu95-1[5,0], kunlun6.cn1435[0,200-0,H], kunlun8.cn1435[1,0]
Age: 502
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2
X-Swift-SaveTime: Mon, 18 Feb 2019 16:00:55 GMT
X-Swift-CacheTime: 883
Timing-Allow-Origin: *
EagleId: 767bf19c15505061401361254e


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   629
Md5:    a561d4f59f1b6abb973579857ceb701d
Sha1:   2e4883873ceeecb320f1a98476f739709f94f505
Sha256: 827ef8aa5e47c9939610cbb6bde5012aff88fc63b22f001616c66369ae1cf6ba
                                        
                                            GET /stat.htm?id=1262101851&r=&lg=en-us&ntime=none&cnzz_eid=2046128803-1550502192-&showp=1176x885&t=preukson.com&umuuid=169015e203b29-08a16da21b34cb8-6c242d76-fe178-169015e203c5c&h=1&rnd=1471547608 HTTP/1.1 
Host: z1.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         203.119.128.195
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Mon, 18 Feb 2019 16:09:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /9.gif?abc=1&rnd=1824708647 HTTP/1.1 
Host: cnzz.mmstat.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         198.11.132.221
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
Date: Mon, 18 Feb 2019 16:09:02 GMT
Content-Length: 43
Connection: close
P3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=nsbxFHFB0jICAU0ogXtTaLt2; expires=Thu, 15-Feb-29 16:09:02 GMT; path=/; domain=.mmstat.com sca=b5917ee4; path=/; domain=.cnzz.mmstat.com atpsida=990c184df6cf872622020b61_1550506142_1; path=/; domain=.cnzz.mmstat.com
Location: http://pcookie.cnzz.com/app.gif?&cna=nsbxFHFB0jICAU0ogXtTaLt2
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /lfjnxv.js HTTP/1.1 
Host: bd1.dopa.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         115.231.186.131
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Date: Mon, 18 Feb 2019 16:09:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=3600
Expires: Mon, 18 Feb 2019 17:09:01 GMT
Last-Modified: Tue, 29 Jan 2019 09:52:29 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Set-Cookie: BAIDUID=FED63F68FF2214A7433AC986781E1FFA:FG=1; expires=Thu, 30-Jan-20 01:17:15 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
Server: yunjiasu-nginx
YJS-CacheStatus: HIT
YJS-ID: 7782cf2a80a52b6e-111
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   21132
Md5:    cdebbf12380ebc9237e6be30f55690d8
Sha1:   32b23c31fb7db1586faf91c9d987bdd75f84893d
Sha256: e16004a8d133d639dc9a26c08fbb51f865aafc03b388b148943826159da1bb9a
                                        
                                            GET /rs.jpg?type=pvLog&date=1550506143304stamp=0.8887110308560063 HTTP/1.1 
Host: eclick.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         111.202.114.81
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 18 Feb 2019 16:09:03 GMT
Etag: "5c64f8b3-0"
Expires: Mon, 18 Feb 2019 16:09:03 GMT
Last-Modified: Thu, 14 Feb 2019 05:12:19 GMT
Server: nginx


--- Additional Info ---
                                        
                                            GET /cpro/ui/pr.js HTTP/1.1 
Host: cpro.baidustatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
                                         61.163.171.34
HTTP/1.1 200 OK
Content-Type: application/x-javascript
                                        
Server: JSP3/2.0.14
Date: Mon, 18 Feb 2019 16:09:03 GMT
Content-Length: 190
Connection: keep-alive
Etag: "5c64f8a8-be"
Last-Modified: Thu, 14 Feb 2019 05:12:08 GMT
Expires: Mon, 18 Feb 2019 16:51:47 GMT
Age: 1036
Accept-Ranges: bytes
Cache-Control: max-age=3600
Content-Encoding: gzip
Ohc-Response-Time: 1 0 0 0 0 0


--- Additional Info ---
Magic:  gzip compressed data, was "pr.js", from Unix, last modified: Thu Aug 30 05:35:59 2018
Size:   190
Md5:    68da3747190e85824325fa9e568045f3
Sha1:   9900b6c085de50e8280d04b4326508aaf0305743
Sha256: 3247f71eb86f935016c2db39834274d7b5260aa440cd1a9a73a5c1948dfabb45

GET /s?hei=80&wid=640&di=u3136652&ltu=http%3A%2F%2F597.ok365.com.cn%2F%3Fdm%3Dpreukson.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB%26poprequest%3D1&psi=4de44d68e331a3f6af29bae1a4a01bb3&chi=1&dis=0&exps=111000,110010&cfv=10&cmi=92&cdo=-1&dai=1&par=1176x855&ti=preukson.com&tpr=1550506143294&cpl=10&ant=0&cce=true&drs=3&tcn=1550506143&pis=-1x-1&dtm=HTML_POST&ps=71x330&dri=0&cja=true&ccd=24&pss=1222x737&dc=3&pcs=1176x737&psr=1176x885&tlm=1550506138&cec=UTF-8&ari=2&col=en-US HTTP/1.1
Host: pos.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
115.239.210.141
HTTP/1.1 200 OK
Content-Type: text/html;charset=UTF-8
Cache-Control: post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5949
Date: Mon, 18 Feb 2019 16:09:03 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue Feb 19 00:09:03 2019
P3p: CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Pragma: no-cache
Server: nginx
Set-Cookie: BAIDUID=DA69A06D3E8BD303DFAF4FBB5B400171:FG=1; expires=Tue, 18-Feb-50 16:09:03 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
X-Xss-Protection: 0


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   5949
Md5:    2213f6225385788f412914049bd25877
Sha1:   022e791408f5a4c09259c61b060db5e9234fe4c1
Sha256: bd99e931fa2020fa55aace07ff98e8aa746d1a8fafb34caba2c93ffd79e2494f

GET /app.gif?&cna=nsbxFHFB0jICAU0ogXtTaLt2 HTTP/1.1
Host: pcookie.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
106.11.94.21
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Mon, 18 Feb 2019 16:09:04 GMT
Content-Length: 43
Connection: close
P3p: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=nsbxFHFB0jICAU0ogXtTaLt2; expires=Thu, 15-Feb-29 16:09:04 GMT; path=/; domain=.cnzz.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

GET /rs.jpg?type=newTwiceCheck&key=prLoad&date=1550506143901stamp=0.24892164711959208 HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
111.202.114.81
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 18 Feb 2019 16:09:04 GMT
Etag: "5c64f8b3-0"
Expires: Mon, 18 Feb 2019 16:09:04 GMT
Last-Modified: Thu, 14 Feb 2019 05:12:19 GMT
Server: nginx


--- Additional Info ---

GET /adx.php?c=d25pZD0yODUwYTUxODgwMmU2NDVjAHM9Mjg1MGE1MTg4MDJlNjQ1YwB0PTE1NTA1MDYxNDMAc2U9MQBidT00AHByaWNlPVhHcllud0FMYmcxN2pFcGdXNUlBOHJyRmVfbFhIYXZWV05NUldnAGNoYXJnZV9wcmljZT0yMgBzaGFyaW5nX3ByaWNlPTIyMDAwAHdpbl9kc3A9NABjaG1kPTEAYmRpZD0AY3Byb2lkPQB3ZD0wAHR1PXUzMTM2NjUyAGFkY2xhc3M9MABzcmN0PTAAcG9zPTAAYmNobWQ9MAB2PTEAaT03ODI0MjZhNQ HTTP/1.1
Host: wn.pos.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://pos.baidu.com/s?hei=80&wid=640&di=u3136652&ltu=http%3A%2F%2F597.ok365.com.cn%2F%3Fdm%3Dpreukson.com%26acc%3D96F52E2F-2CB3-468B-900C-1A4B76552CAB%26poprequest%3D1&psi=4de44d68e331a3f6af29bae1a4a01bb3&chi=1&dis=0&exps=111000,110010&cfv=10&cmi=92&cdo=-1&dai=1&par=1176x855&ti=preukson.com&tpr=1550506143294&cpl=10&ant=0&cce=true&drs=3&tcn=1550506143&pis=-1x-1&dtm=HTML_POST&ps=71x330&dri=0&cja=true&ccd=24&pss=1222x737&dc=3&pcs=1176x737&psr=1176x885&tlm=1550506138&cec=UTF-8&ari=2&col=en-US
Cookie: BAIDUID=DA69A06D3E8BD303DFAF4FBB5B400171:FG=1

                                         
106.39.162.36
HTTP/1.1 200 OK
Content-Type: image/gif
Connection: keep-alive
Content-Length: 49
Date: Mon, 18 Feb 2019 16:09:04 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Server: nginx


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   49
Md5:    ed280a0ea3cc38f3cbbc747acfbef47d
Sha1:   6bdcb32ee75e957a5085c010f4dfd0c716bfdadc
Sha256: 8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

GET /rs.jpg?type=newTwiceCheck&key=setTimeout&date=1550506144100stamp=0.287638481836757 HTTP/1.1
Host: eclick.baidu.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1
Cookie: BAIDUID=DA69A06D3E8BD303DFAF4FBB5B400171:FG=1

                                         
111.202.114.81
HTTP/1.1 200 OK
Content-Type: image/jpeg
Accept-Ranges: bytes
Cache-Control: max-age=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 18 Feb 2019 16:09:04 GMT
Etag: "5c64f8b3-0"
Expires: Mon, 18 Feb 2019 16:09:04 GMT
Last-Modified: Thu, 14 Feb 2019 05:12:19 GMT
Server: nginx


--- Additional Info ---

GET /img/pic.gif HTTP/1.1
Host: icon.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
0.0.0.0


--- Additional Info ---

GET /img/pic.gif HTTP/1.1
Host: icon.cnzz.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://597.ok365.com.cn/?dm=preukson.com&acc=96F52E2F-2CB3-468B-900C-1A4B76552CAB&poprequest=1

                                         
112.25.59.100
HTTP/1.1 200 OK
Content-Type: image/gif
Server: Tengine
Content-Length: 719
Connection: keep-alive
Date: Mon, 18 Feb 2019 09:08:34 GMT
Last-Modified: Fri, 16 Jan 2009 08:10:47 GMT
Expires: Tue, 19 Feb 2019 09:08:34 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
Ali-Swift-Global-Savetime: 1550480914
Via: cache5.l2cn104[41,200-0,C], cache40.l2cn104[29,0], kunlun1.cn171[0,200-0,H], kunlun8.cn171[1,0]
Age: 25248
X-Cache: HIT TCP_MEM_HIT dirn:10:473245398
X-Swift-SaveTime: Mon, 18 Feb 2019 09:08:34 GMT
X-Swift-CacheTime: 86400
Timing-Allow-Origin: *
EagleId: ddb5c89f15505061621168095e


--- Additional Info ---
Magic:  GIF image data, version 89a, 50 x 12
Size:   719
Md5:    bcdd9aa92c5876f207f70567d101a896
Sha1:   786c52002f857fcbff04a5781ec35792be11af4a
Sha256: 98a4ab97e12555ab969012d151a578dae7a3b8699d202485fcf8116e55497735