Gen.Variant.Mikey.34444_04ad700e3a

by malwarelabrobot on June 5th, 2016 in Malware Descriptions.

Gen:Variant.Mikey.34444 (B) (Emsisoft), Gen:Variant.Mikey.34444 (AdAware), Trojan-PSW.Win32.MSNPassword.FD, Trojan.Win32.FlyStudio.FD, TrojanFlyStudio.YR (Lavasoft MAS)
Behaviour: Trojan-PSW, Trojan


The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.

Requires JavaScript enabled!

Summary
Dynamic Analysis
Static Analysis
Network Activity
Map
Strings from Dumps
Removals

MD5: 04ad700e3a44ca7c59d6eafb5205c847
SHA1: e1f81811143aa923642da0492e84bef9f3216deb
SHA256: 143079948f96f881a9958e05903b762a31ee8d4249ccecb5b61265f750f7f8a8
SSDeep: 98304:2Nh2e0nFrgsV87TcmWYcmW4PxDsGNIHcmWDcmWZ:rnn9GTDNDl2bHD DC
Size: 4911104 bytes
File type: EXE
Platform: WIN32
Entropy: Not Packed
PEID: UPolyXv05_v6, MicrosoftVisualC, MicrosoftVisualCv50v60MFC, MicrosoftVisualC50, Armadillov171
Company: no certificate found
Created at: 2015-07-15 08:18:22
Analyzed on: WindowsXP SP3 32-bit


Summary:

Trojan-PSW. Trojan program intended for stealing users passwords.

Payload

No specific payload has been found.

Process activity

The Trojan creates the following process(es):

%original file name%.exe:632

The Trojan injects its code into the following process(es):

lore.exe:484
adlll.exe:224

Mutexes

The following mutexes were created/opened:
No objects were found.

File activity

The process lore.exe:484 makes changes in the file system.
The Trojan creates and/or writes to the following file(s):

%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\d7wtWVZErbEAAAAAAAAuj2mMZr0392[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\tanx[1].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\NjM0YWQxNGQtOWIzNy00Yjg1LWI4MjMtZGNmOWJlZTM4ZDU1[1].jpg (7254 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CA09UJ49.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1501809610_1465004462[1].jpg (4548 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\headfoot.mix[1].css (5 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[1].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[14].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAMJWHAJ.gif (35 bytes)
%Documents and Settings%\%current user%\UserData\YJM90VAL\www.yy[1].xml (2170 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1391682584[1].htm (39336 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1391682584[1].htm (21156 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\defaultScene[1].swf (7730 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CANF59GE.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[13].gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (187 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\MGFhN2YyZTEtZWM1YS00MWJiLWFkZjAtNWYyYTExZDQzNTg0[1].jpg (6172 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (942 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAIYBNDS.gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@tanx[2].txt (163 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9Vahn78AAAAAAABHwm5wG-M269[1].jpg (776 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\studio[1].css (34225 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[1].htm (2241 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[3].js (363 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@mmstat[2].txt (168 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[12].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\user[3].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[20].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAYV81I1.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[3].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[9].gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (184 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\core[1].htm (52522 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-head-sprite[1].png (5 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1] (720 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\duowan[1].js (1681 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[2].js (1370 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\login-close[1].png (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.getmm.min[1].js (1 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (184 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx (547 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[6].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CASXWV8F.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\icons-index[1].png (7 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAMNW3JS.gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\index.dat (29204 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[2].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\ZTE4NDIzY2MtZDA5OS00YjQzLWI2NGUtMzBmODc3M2ZmMzQz[1].jpg (20881 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[1].txt (3048 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAAZ05I3.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1391682584[2].htm (7791 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\#SharedObjects\QEA5Z3QJ\c2.web.yystatic.com\r\rc\yycomscene\main\1\11\main.swf\main_guest_sobj.sxx (484 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveCard[2].swf (5559 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\main[2].swf (608 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[3].js (1243 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[2].js (3 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.pcweb.embed.min[1].js (1228 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[2].json (84 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\detail[1] (145 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[7].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\require[1].js (5 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite[1].png (6 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[4].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[3].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\icons-leftMenu2[1].png (3 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[2].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CATRZ9O8.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\d7wtWVZMVGYAAAAAAAAsUBB5Ylo338[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[2].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayerToolBar-sprite[1].png (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\72578111[1] (1846 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAQPZDGK.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\2wm[1].png (392 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@mmstat[1].txt (168 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\alpha-bg[1].png (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\loading-white-mini[1].gif (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[1] (791 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\OWJjZjY1NjYtY2U4OS00NzkwLTg4M2MtM2QxNjY2ODkyMWQx[1].jpg (7658 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[9].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[12].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[2].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[21].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[1].js (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[3].json (84 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1].htm (1573 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[5].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[11].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAZA9C1X.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[15].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[7].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\default_load[1].png (4 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\tz0M9VahqFgAAAAAAAAk6C0I27c747[1].jpg (1870 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[11].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[5].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[1] (376 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\c[1].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\YzY1ODZlNDQtN2M1Ni00MmFlLWI0NGMtNmQ2ZjhhNjIwYjM5[1].jpg (4491 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\studio[1].js (66337 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[1].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CA096DCX.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[10].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAN6QHRF.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[6].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[3].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[2].js (1216 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\StatisticsAction[1].json (84 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[3].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[8].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[3].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveBaseSceneConfig[2].xml (918 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.pcweb.embed.min[2].js (136 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\136724[1] (1968 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[7].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\user[1].gif (43 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (374 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\controlBar[1].swf (5162 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CANLHVD7.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\crossdomain[1].htm (260 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\72578111[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\default_portrait[1].jpg (7 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[15].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAMZIFY1.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[5].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hiido_internal[1].js (6553 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[7].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[12].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[3].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1391682584[1].htm (32000 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\MGU2NTExZWItYTI1Mi00N2VmLTg5NDgtOWUwY2UxNGUzMjQ2[1].jpg (8964 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\detail[2] (210 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAA7WBV4.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\yy[1] (720 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\xelogin.sdk[1].css (667 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayer-sprite-p24[1].png (932 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\YjRkNjY5ODUtMWEyYy00MTQxLThlYjAtZjRhMzYzMjAwNTEw[1].jpg (7224 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[1].js (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAG3BNEC.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\d7wtWVcpnn4AAAAAAAAsxTKw0FU569[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAXXR7JF.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\headfoot.mix[2].css (26 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[2].js (363 bytes)
%Documents and Settings%\%current user%\UserData\2Z89WTQV\www.yy[1].xml (1240 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAUV45EB.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[10].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[1] (3977 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\liveplayerInline[1].js (145 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yystatic[2].txt (365 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\NDQ1NzI4OTctZjBkMi00NzRkLTk4OGItYWRkN2NjZWU4ZjY4[1].jpg (4364 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[15].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[9].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\icons-menuclose[1].png (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[2].js (726 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\main[3].swf (16377 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-liveplayer-sprite[1].png (3 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\gradeIco[1].swf (290 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[8].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[1].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1391682584[1].htm (17911 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[2].txt (758 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\c[1].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\tz0M9VbtNkMAAAAAAAA9VFYDCvU355[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[14].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tanx[1].gif (43 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (2045 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@tanx[1].txt (163 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[2].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[1].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\72578111[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\require[1].js (14 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\keywords[1] (34039 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\detail[1] (210 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\udb.sdk.getmm.min[1].js (2 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[1].js (784 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (164 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[16].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\72578111[1] (2379 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAJECRZD.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[2].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\ShowBackground[1].swf (1634 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[4].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\detail[1] (145 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[6].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\crossdomain[2].xml (260 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\StatisticsAction[1].json (84 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[6].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\danmaku[2].swf (4845 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\136724[1].htm (1002 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[19].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[1].js (2852 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\NTk0MmFiOTYtMDEzOS00M2RmLTk2NzQtYWQ5NjhhZGU3MzQw[1].jpg (5753 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[1].js (363 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yystatic[1].txt (189 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\login_btn[1].png (392 bytes)

The Trojan deletes the following file(s):

%Documents and Settings%\%current user%\UserData\2Z89WTQV\www.yy[1].xml (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[7].gif (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.pcweb.embed.min[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\detail[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1391682584[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\core[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\require[1].js (0 bytes)
%Documents and Settings%\%current user%\UserData\YJM90VAL\www.yy[1].xml (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1391682584[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[3].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\yy[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite[1].png (0 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\136724[1] (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yystatic[1].txt (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\72578111[1] (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@tanx[2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1] (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@mmstat[1].txt (0 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\#SharedObjects\QEA5Z3QJ\c2.web.yystatic.com\r\rc\yycomscene\main\1\11\main.swf\main_guest_sobj.sol (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\crossdomain[1].htm (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@tanx[1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1391682584[2].htm (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@mmstat[2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[2].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\keywords[1] (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\headfoot.mix[1].css (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\loading-white-mini[1].gif (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-liveplayer-sprite[2].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1391682584[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\StatisticsAction[1].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\studio[1].css (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1391682584[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[3].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\StatisticsAction[1].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[2].css (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[1].htm (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.getmm.min[1].js (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\detail[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\StatisticsAction[1].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\alpha-bg[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\duowan[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[15].gif (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[1] (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\72578111[1] (0 bytes)

The process adlll.exe:224 makes changes in the file system.
The Trojan creates and/or writes to the following file(s):

%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[1].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAZ9H3MQ.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[4].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveCard[1].swf (6435 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[10].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[18].gif (35 bytes)
%Documents and Settings%\%current user%\UserData\YJM90VAL\www.yy[1].xml (1196 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\MTMyYjhhMzYtODhjNS00MmJhLTk1M2ItNzBkY2YzYzVhMGMy[1].jpg (10986 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\StatisticsAction[1].json (42 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAG5EPK1.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[11].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAS1ALZW.gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (374 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\default_portrait[2].jpg (7 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[1] (2639 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[6].gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (1413 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\N2FjOGQ3MGItODQxYS00ODA5LThkOGQtMWZmNWE2MWI1NzM5[1].jpg (2600 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\crossdomain[1].xml (199 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\86415000[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[4].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[4].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\d7wtWVI1Ol0AAAAAAAA5sxARP9E766[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[5].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[1].js (2399 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite[2].png (3 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[14].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAYJKPYF.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1371549646[2].htm (10365 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (164 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CATFNP7P.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\danmaku[1].swf (4770 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9VcuazEAAAAAAAAvAhGaUQY835[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\yy[1].htm (1681 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[1].js (755 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[2].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CADR717H.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\main[1].swf (4121 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAILCVYX.gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (184 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[4].gif (43 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx (547 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[2].gif (43 bytes)
%Documents and Settings%\%current user%\Cookies\index.dat (23036 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (357 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\tz0M9VZdRP8AAAAAAABOGkURMpY256[1].jpg (3384 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\udb.sdk.pcweb.embed.min[2].js (136 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[1].txt (522 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\d7wtWVcggoIAAAAAAABEjk6S4z4003[1].jpg (776 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\#SharedObjects\QEA5Z3QJ\c2.web.yystatic.com\r\rc\yycomscene\main\1\11\main.swf\main_guest_sobj.sxx (480 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[2].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[9].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[2].js (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[5].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAWDQ7S5.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1371549646[2].htm (7095 bytes)
%Documents and Settings%\%current user%\UserData\2Z89WTQV\www.yy[1].xml (2436 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1371549646[1].htm (40733 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite-p24[1].png (932 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveBaseSceneConfig[1].xml (918 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yystatic[1].txt (365 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\86415000[2].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[3].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[14].gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@mmstat[1].txt (168 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\86415000[2].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[17].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\crossdomain[1].htm (260 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[2].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[4].gif (43 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\#SharedObjects\QEA5Z3QJ\c2.web.yystatic.com\pcInfo.sxx (70 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\tz0M9VcXMfcAAAAAAABR2ACo4I4351[1].jpg (776 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[3].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\main[1].swf (14457 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\defaultScene[1].swf (6016 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\210075[1].htm (816 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAN6QHRF.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-liveplayer-sprite[2].png (3 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\NmRhYmZjOTAtYWFiOC00ZDAyLWFhOTUtMmIwNDI3OTk0YTgz[1].jpg (10690 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1].htm (292 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAY38DQF.gif (35 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#c2.web.yystatic.com\settings.sxx (220 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1264046092_1465050091.600552[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\login-close[1].png (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\playui[1].swf (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[8].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\duowan[1].js (1681 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[16].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[1] (776 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[4].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[10].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[7].gif (70 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.getmm.min[2].js (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\86415000[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\core[1].htm (43686 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9VdPA9EAAAAAAAA61AG8C_o574[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\keywords[1] (6303 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CASDU7O9.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\crossdomain[1].xml (263 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\StatisticsAction[1].json (42 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[13].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9VcY1jwAAAAAAABER38yZBk347[1].jpg (776 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[3].js (363 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[4].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[1].css (5 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[3].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[13].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\icons-index[2].png (7 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayer-errbg[1].jpg (3629 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[3].js (363 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[1].json (58 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[5].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\w-liveplayerToolBar-sprite[1].png (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\86415000[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[1].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAW16FG9.gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yystatic[2].txt (365 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[4].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\ZGI4OGIzN2ItYjAzZS00NGFkLWEyNTQtZjQ1YjFhMDg4YzY4[1].jpg (6127 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\loading-white-mini[1].gif (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAGH2L1A.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\YzczODkwMjMtNmJmZi00ZjBiLTk0NDYtNTcyNGVlOWYxODQ4[1].jpg (4902 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[11].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\tanx[1].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\c[2].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[1].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CABF5L8E.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\user[2].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\detail[1] (144 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[2].js (726 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\require[1].js (1405 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\studio[1].css (29631 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\86415000[1] (1590 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[9].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\MTQxYmJhMjMtODRkMi00MDU2LWI4ODktYzk3MDFkNGJhNWIx[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAVQ0FB1.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[8].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAM7W161.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[5].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-liveplayer-sprite[1].png (3 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CA3RHP4Q.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1371549646[1].htm (20099 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\NjBhMWM0YjktYTY0ZC00MDI4LThkZGUtM2RjNzI1NGU1MGQ3[1].jpg (1928 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[2].txt (3033 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\desktop.ini (67 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\tz0M9VcDglUAAAAAAAA0AFVcLuE178[1].jpg (392 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\icons-leftMenu2[1].png (3 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\udb.sdk.pcweb.embed.min[1].js (1228 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\detail[2] (210 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[3].gif (43 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\default_load[2].png (4 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1371549646[1].htm (19609 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\udb.sdk.getmm.min[1].js (2 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1371549646[1].htm (23407 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\jquery-1.11.1.min[1].js (46001 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (471 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[8].gif (35 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@tanx[1].txt (163 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[2].json (168 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[2] (360 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CALR91OA.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[5].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[1].js (2323 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\StatisticsAction[1].json (84 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\210075[1] (2522 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[6].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\86415000[1] (1573 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[12].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[2].css (26 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAO1YN8B.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[13].gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hiido_internal[1].js (6553 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[1].js (3209 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[1].htm (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAC1AV45.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\alpha-bg[1].png (1 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\86415000[1] (2401 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[4].js (363 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CA0TQROP.gif (35 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\require[2].js (123 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[15].gif (70 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAHYJJ56.gif (35 bytes)

The Trojan deletes the following file(s):

%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveCard[2].swf (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-liveplayer-sprite[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.getmm.min[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[3].js (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1371549646[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\StatisticsAction[1].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\require[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1371549646[1].htm (0 bytes)
%Documents and Settings%\%current user%\UserData\2Z89WTQV\www.aaa[1].xml (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\StatisticsAction[1].json (0 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1371549646[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[2] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[1].css (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\icons-leftMenu2[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveBaseSceneConfig[2].xml (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.pcweb.embed.min[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[4].js (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yystatic[1].txt (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayerToolBar-sprite[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\History\History.IE5\MSHist012014041520140416\index.dat (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\danmaku[2].swf (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\keywords[1] (0 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\#SharedObjects\QEA5Z3QJ\c2.web.yystatic.com\r\rc\yycomscene\main\1\11\main.swf\main_guest_sobj.sol (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite[2].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\default_portrait[1].jpg (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1371549646[2].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[2].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\yy[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\udb.sdk.pcweb.embed.min[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hiido_internal[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\require[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1371549646[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\defaultScene[1].swf (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\210075[1] (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[1].js (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\86415000[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[3].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\StatisticsAction[1].json (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayer-sprite-p24[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[1].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[2].js (0 bytes)
%Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#c2.web.yystatic.com\settings.sol (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\login-close[1].png (0 bytes)
%Documents and Settings%\%current user%\Cookies\[email protected][1].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\detail[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\default_load[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\icons-index[1].png (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[2].js (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\86415000[1] (0 bytes)
%Documents and Settings%\%current user%\Local Settings\History\History.IE5\MSHist012014041520140416 (0 bytes)
%Documents and Settings%\%current user%\UserData\2Z89WTQV\www.yy[1].xml (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1371549646[2].htm (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\86415000[1] (0 bytes)
%Documents and Settings%\%current user%\UserData\YJM90VAL\www.yy[1].xml (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yystatic[2].txt (0 bytes)
%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[1].js (0 bytes)
%Documents and Settings%\%current user%\Cookies\Current_User@yy[1].txt (0 bytes)

The process %original file name%.exe:632 makes changes in the file system.
The Trojan creates and/or writes to the following file(s):

%System%\adlll.exe (12289 bytes)
%System%\lore.exe (12289 bytes)

Registry activity

The process lore.exe:484 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd72-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Directory" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path4]
"CacheLimit" = "65452"
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache4"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CacheLimit" = "65452"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd73-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cookies" = "%Documents and Settings%\%current user%\Cookies"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache2"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common AppData" = "%Documents and Settings%\All Users\Application Data"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd75-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cache" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files"

[HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"Name" = "lore.exe"

[HKCR\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32]
"(Default)" = "C:\Windows\System32\oleacc.dll"

[HKLM\System\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CacheLimit" = "65452"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
"SavedLegacySettings" = "3C 00 00 00 1E 00 00 00 01 00 00 00 00 00 00 00"

[HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"ID" = "1434625514"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Local AppData" = "%Documents and Settings%\%current user%\Local Settings\Application Data"

[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "7A DE BA 00 90 95 0F F7 A8 FC 26 C6 B8 02 90 56"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache1"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CacheLimit" = "65452"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy" = "1"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"History" = "%Documents and Settings%\%current user%\Local Settings\History"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98117e8-75ca-11e2-81b2-000c293708fb}]
"BaseClass" = "Drive"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache3"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Paths" = "4"

[HKCU\Software\Microsoft\Internet Explorer\Main]
"Play_Background_Sounds" = "no"

The Trojan modifies IE settings for security zones to map all local web-nodes with no dots which do not refer to any zone to the Intranet Zone:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"UNCAsIntranet" = "1"

To automatically run itself each time Windows is booted, the Trojan adds the following link to its file to the system registry autorun key:

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"lore.exe" = "C:\Windows\System32\lore.exe"

The Trojan modifies IE settings for security zones to map all web-nodes that bypassing the proxy to the Intranet Zone:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"ProxyBypass" = "1"

Proxy settings are disabled:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"

The Trojan modifies IE settings for security zones to map all urls to the Intranet Zone:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"IntranetName" = "1"

The Trojan deletes the following value(s) in system registry:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"AutoConfigURL"
"ProxyServer"
"ProxyOverride"

The process adlll.exe:224 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd72-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Directory" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path4]
"CacheLimit" = "65452"
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache4"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections]
"SavedLegacySettings" = "3C 00 00 00 1D 00 00 00 01 00 00 00 00 00 00 00"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"

[HKCU\AppEvents\Schemes\Apps\Explorer\Navigating\.Current]
"(Default)" = "%SystemRoot%\media\Windows XP Start.wav1"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016060420160605]
"CachePath" = "%USERPROFILE%\Local Settings\History\History.IE5\MSHist012016060420160605\"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd73-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cookies" = "%Documents and Settings%\%current user%\Cookies"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache2"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016060420160605]
"CachePrefix" = ":2016060420160605:"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common AppData" = "%Documents and Settings%\All Users\Application Data"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd75-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cache" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files"

[HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"Name" = "adlll.exe"

[HKCR\TypeLib\{1EA4DBF0-3C3B-11CF-810C-00AA00389B71}\1.1\0\win32]
"(Default)" = "C:\Windows\System32\oleacc.dll"

[HKLM\System\CurrentControlSet\Hardware Profiles\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CacheLimit" = "65452"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path2]
"CacheLimit" = "65452"

[HKLM\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication]
"ID" = "1436931101"

[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "4F 9A B3 2B D1 D1 C4 79 ED 62 C9 F7 CD 98 DC 6B"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016060420160605]
"CacheOptions" = "11"
"CacheLimit" = "8192"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path1]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache1"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CacheLimit" = "65452"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"MigrateProxy" = "1"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"History" = "%Documents and Settings%\%current user%\Local Settings\History"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98117e8-75ca-11e2-81b2-000c293708fb}]
"BaseClass" = "Drive"

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012016060420160605]
"CacheRepair" = "0"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths\path3]
"CachePath" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\Cache3"

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Paths]
"Paths" = "4"

[HKCU\Software\Microsoft\Internet Explorer\Main]
"Play_Background_Sounds" = "no"

The Trojan modifies IE settings for security zones to map all local web-nodes with no dots which do not refer to any zone to the Intranet Zone:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"UNCAsIntranet" = "1"

The Trojan modifies IE settings for security zones to map all web-nodes that bypassing the proxy to the Intranet Zone:

"ProxyBypass" = "1"

Proxy settings are disabled:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyEnable" = "0"

The Trojan modifies IE settings for security zones to map all urls to the Intranet Zone:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"IntranetName" = "1"

To automatically run itself each time Windows is booted, the Trojan adds the following link to its file to the system registry autorun key:

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"adlll.exe" = "C:\Windows\System32\adlll.exe"

The Trojan deletes the following registry key(s):

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012014041520140416]

The Trojan deletes the following value(s) in system registry:

[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"AutoConfigURL"
"ProxyServer"
"ProxyOverride"

The process %original file name%.exe:632 makes changes in the system registry.
The Trojan creates and/or sets the following values in system registry:

[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "0F A2 42 84 4B 6E 1C 6A 5E 9B DB E1 46 77 9C F5"

Dropped PE files

MD5 File path
14a04852aa66db5b60b9af0ec9f0d7c0 c:\WINDOWS\system32\adlll.exe
a25e84b4626ceb0bcd238871d1cd0fad c:\WINDOWS\system32\lore.exe

HOSTS file anomalies

No changes have been detected.

Rootkit activity

No anomalies have been detected.

Propagation

VersionInfo

Company Name:
Product Name: ?????????????????
Product Version: 1.0.0.0
Legal Copyright: ?????? ????????
Legal Trademarks:
Original Filename:
Internal Name:
File Version: 1.0.0.0
File Description: ?????
Comments: ??????????(http://www.eyuyan.com)
Language: Chinese (Simplified, PRC)

PE Sections

Name Virtual Address Virtual Size Raw Size Entropy Section MD5
.text 4096 512234 516096 4.54677 3d61eab896b2e178bdd2f11610072806
.rdata 520192 4291934 4292608 4.1475 d7ce2976f11ae73eac49e40c39aba86d
.data 4812800 188394 73728 3.5237 5a321cf3d204ae7545d1c20fd21b21af
.rsrc 5001216 23820 24576 3.37679 a6b967c127021522b9e4c113e4f340c6

Dropped from:

Downloaded by:

Similar by SSDeep:

Similar by Lavasoft Polymorphic Checker:

URLs

URL IP
hxxp://www.yy.com/210075 221.228.79.225
hxxp://c1.web.yy.com/r/rc/main/main/1/46/main.swf?type=yyscene&topSid=85593777&subSid=85593777 171.91.157.135
hxxp://www.yy.com/136724 221.228.79.225
hxxp://c1.web.yy.com/r/rc/main/main/1/46/main.swf?type=yyscene&topSid=45937111&subid=45937111 171.91.157.135
hxxp://duowan.xdwscache.ourglb0.com/pc/js/lib/jQuery/jquery-1.11.1.min.js
hxxp://duowan.xdwscache.ourglb0.com/pc/css/studio.css?20160603212726
hxxp://duowan.xdwscache.ourglb0.com/pc/css/headfoot.mix.css?20160603212726
hxxp://www.yy.com/crossdomain.xml 221.228.79.225
hxxp://duowan.xdwscache.ourglb0.com/duowan.js
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062548411&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062548411 14.17.112.237
hxxp://duowan.xdwscache.ourglb0.com/hiido_internal.js?siteid=www@yy
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062548583&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062548583 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062548286&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062548286 14.17.112.237
hxxp://res.udb.duowan.com/lgn/js/oauth/udbsdk/pcweb/udb.sdk.pcweb.embed.min.js 222.73.61.81
hxxp://cm.hiido.cn/cm/user?time=1465062548&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://www.yy.com/cm/user?time=1465062548&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://cm.hiido.cn/cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|& 113.107.236.195
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&isnew=1&hsid=0.4559120123177925&io=1&ut=1465062549724&rnd=0.90377522127779441465062549724 14.17.112.237
hxxp://duowan.xdwscache.ourglb0.com/pc/js/headfoot.mix.js?20160603212726
hxxp://www.yy.com/cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|& 221.228.79.225
hxxp://duowan.xdwscache.ourglb0.com/pc/images/default_portrait.jpg
hxxp://res.udb.duowan.com/lgn/js/oauth/udbsdk/udb.sdk.getmm.min.js 222.73.61.81
hxxp://duowan.xdwscache.ourglb0.com/pc/images/2wm.png
hxxp://duowan.xdwscache.ourglb0.com/pc/js/liveplayerInline.js?20160603212726
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-head/images/w-head-sprite.png?$cssjsdate
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-leftMenu/images/icons-menuclose.png
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062550068&rnd=0.90377522127779441465062550068 14.17.112.237
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-leftMenu/images/icons-leftMenu2.png
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-liveplayerToolBar/images/w-liveplayerToolBar-sprite.png?201605261526
hxxp://duowan.xdwscache.ourglb0.com/pc/images/default_load.png
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-liveplayer/images/w-liveplayer-sprite-p24.png?201605261526
hxxp://duowan.xdwscache.ourglb0.com/pc/js/lib/requirejs/require.js?20160603212726
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-chatroom/images/alpha-bg.png
hxxp://duowan.xdwscache.ourglb0.com/pc/images/icons-index.png?20160505002
hxxp://res.udb.duowan.com/lgn/css/oauth/udbsdk/xelogin.sdk.css 222.73.61.81
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-thirdpartyLogin/images/login-close.png
hxxp://ad.wagbridge.tanx.com.gds.alibabadns.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&
hxxp://hm.e.shifen.com/hm.js?c493393610cdccbddc1f124d567e36ab
hxxp://ad.wagbridge.tanx.com.gds.alibabadns.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-thirdpartyLogin/images/login_btn.png
hxxp://duowan.xdwscache.ourglb0.com/pc/js/studio.js?20160603212726
hxxp://weblbs.yystatic.com/s/72578111/72578111/yycomscene.swf 171.91.157.237
hxxp://weblbs.yystatic.com/s/86415000/86415000/yycomscene.swf 171.91.157.237
hxxp://www.yy.com/ 221.228.79.225
hxxp://duowan.xdwscache.ourglb0.com/pc/images/loading-white-mini.gif?201605261526
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526
hxxp://log.gds.mmstat.com/cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk+qFEJH3ShePQ==&hi_cmuiv=0.6
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&nv=1&rnd=646224961&si=c493393610cdccbddc1f124d567e36ab&st=1&v=1.1.26&lv=1&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站
hxxp://log.gds.mmstat.com/cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/BC/E7/tz0M9Vahn78AAAAAAABHwm5wG-M269.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/CB/2B/tz0M9VbtNkMAAAAAAAA9VFYDCvU355.jpg
hxxp://duowan.xdwscache.ourglb0.com/YzY1ODZlNDQtN2M1Ni00MmFlLWI0NGMtNmQ2ZjhhNjIwYjM5.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/BC/E9/tz0M9VahqFgAAAAAAAAk6C0I27c747.jpg
hxxp://duowan.xdwscache.ourglb0.com/MGFhN2YyZTEtZWM1YS00MWJiLWFkZjAtNWYyYTExZDQzNTg0.jpg
hxxp://duowan.xdwscache.ourglb0.com/ZTE4NDIzY2MtZDA5OS00YjQzLWI2NGUtMzBmODc3M2ZmMzQz.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/DA/69/tz0M9VcuazEAAAAAAAAvAhGaUQY835.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/AB/90/tz0M9VZdRP8AAAAAAABOGkURMpY256.jpg
hxxp://duowan.xdwscache.ourglb0.com/MTMyYjhhMzYtODhjNS00MmJhLTk1M2ItNzBkY2YzYzVhMGMy.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/A8/67/d7wtWVZMVGYAAAAAAAAsUBB5Ylo338.jpg
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062552&username= 14.17.112.237
hxxp://duowan.xdwscache.ourglb0.com/1264046092_1465050091.600552.jpg?ips_thumbnail/4/0/w/363/h/330/format=jpeg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/D0/82/tz0M9VcDglUAAAAAAAA0AFVcLuE178.jpg
hxxp://duowan.xdwscache.ourglb0.com/YzczODkwMjMtNmJmZi00ZjBiLTk0NDYtNTcyNGVlOWYxODQ4.jpg
hxxp://duowan.xdwscache.ourglb0.com/N2FjOGQ3MGItODQxYS00ODA5LThkOGQtMWZmNWE2MWI1NzM5.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/C5/F0/d7wtWVcpnn4AAAAAAAAsxTKw0FU569.jpg
hxxp://duowan.xdwscache.ourglb0.com/NjM0YWQxNGQtOWIzNy00Yjg1LWI4MjMtZGNmOWJlZTM4ZDU1.jpg
hxxp://duowan.xdwscache.ourglb0.com/OWJjZjY1NjYtY2U4OS00NzkwLTg4M2MtM2QxNjY2ODkyMWQx.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/C4/E8/d7wtWVcggoIAAAAAAABEjk6S4z4003.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/A7/1F/d7wtWVZErbEAAAAAAAAuj2mMZr0392.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/9E/CC/d7wtWVI1Ol0AAAAAAAA5sxARP9E766.jpg
hxxp://duowan.xdwscache.ourglb0.com/NmRhYmZjOTAtYWFiOC00ZDAyLWFhOTUtMmIwNDI3OTk0YTgz.jpg
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062552&username= 14.17.112.237
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/D5/3D/tz0M9VcXMfcAAAAAAABR2ACo4I4351.jpg
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/E1/52/tz0M9VdPA9EAAAAAAAA61AG8C_o574.jpg
hxxp://ad.wagbridge.tanx.com.gds.alibabadns.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&cna=jwLaD3iTjxECAcLyYNpUr7X5
hxxp://duowan.xdwscache.ourglb0.com/group16/M00/D5/AE/tz0M9VcY1jwAAAAAAABER38yZBk347.jpg
hxxp://duowan.xdwscache.ourglb0.com/NjBhMWM0YjktYTY0ZC00MDI4LThkZGUtM2RjNzI1NGU1MGQ3.jpg
hxxp://duowan.xdwscache.ourglb0.com/ZGI4OGIzN2ItYjAzZS00NGFkLWEyNTQtZjQ1YjFhMDg4YzY4.jpg
hxxp://ad.wagbridge.tanx.com.gds.alibabadns.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD7rWWhICAcLyYNokUOf8
hxxp://ad.wagbridge.tanx.com.gds.alibabadns.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD6m0UlUCAcLyYNpLlIs0
hxxp://duowan.xdwscache.ourglb0.com/MTQxYmJhMjMtODRkMi00MDU2LWI4ODktYzk3MDFkNGJhNWIx.jpg
hxxp://duowan.xdwscache.ourglb0.com/1501809610_1465004462.jpg?ips_thumbnail/4/0/w/363/h/330/format=jpeg
hxxp://duowan.xdwscache.ourglb0.com/NTk0MmFiOTYtMDEzOS00M2RmLTk2NzQtYWQ5NjhhZGU3MzQw.jpg
hxxp://www.yy.com/cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&tanx_tid=WVXU1KqJTQU= 221.228.79.225
hxxp://dw.dlmix.ourdvs.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://www.yy.com/210075
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062553&username= 14.17.112.237
hxxp://duowan.xdwscache.ourglb0.com/MGU2NTExZWItYTI1Mi00N2VmLTg5NDgtOWUwY2UxNGUzMjQ2.jpg
hxxp://cm.hiido.cn/cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&tanx_tid=zSgTVhBnj3I= 113.107.236.195
hxxp://cm.hiido.cn/cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&tanx_tid=mh7AnrnlrII= 113.107.236.195
hxxp://dw.dlmix.ourdvs.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://www.yy.com/136724
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=2719,2719&et=3&fl=11.6&ja=1&ln=en-us&lo=0&nv=0&rnd=510011058&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=1
hxxp://www.yy.com/cm/user?time=1465062555&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://duowan.xdwscache.ourglb0.com/NDQ1NzI4OTctZjBkMi00NzRkLTk4OGItYWRkN2NjZWU4ZjY4.jpg
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=4890&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062554974&rnd=0.90377522127779441465062554974 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062555036&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062555036 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062552&nv=0&rnd=389553210&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062555755&rnd=0.90377522127779441465062555755 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062552&username= 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=1&rnd=461872113&si=c493393610cdccbddc1f124d567e36ab&st=1&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062556&username= 14.17.112.237
hxxp://weblbs.yystatic.com/crossdomain.xml 171.91.157.237
hxxp://weblbs.yystatic.com//get-data/86415000?subSid=86415000&type=yycomscene&referer=hxxp://www.yy.com/210075&_=23019838 171.91.157.237
hxxp://weblbs.yystatic.com//get-data/72578111?subSid=72578111&type=yycomscene&referer=hxxp://www.yy.com/136724&_=32552383 171.91.157.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=1188,1188&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1791133847&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://cm.hiido.cn/cm/user?time=1465062557&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=8078&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&isnew=1&hsid=0.4559120123177925&io=0&ut=1465062557818&rnd=0.90377522127779441465062557818 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=134596779&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062557880&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062557880 14.17.112.237
hxxp://dw.dlmix.ourdvs.com/r/rc/yycomscene/core/1/19/core.bmp
hxxp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062558&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062558583&rnd=0.90377522127779441465062558583 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062555&username= 14.17.112.237
hxxp://weblbs.yystatic.com//get-data/72578111?subSid=72578111&type=yycomscene&referer=hxxp://www.yy.com/136724&_=15580213 171.91.157.237
hxxp://87.245.198.80/crossdomain.xml
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062558&username= 14.17.112.237
hxxp://www.yy.com/statistics/StatisticsAction.json?uri=studio_ie6_windows xp&value=1 221.228.79.225
hxxp://dw.dlmix.ourdvs.com/r/sc/yycomscene/defaultScene/1/76/defaultScene.swf
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6953,6953&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062552&nv=0&rnd=1721426335&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://www.yy.com/cm/user?time=1465062562&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://www.yy.com/statistics/YycomPageLoadTimeStatisticsAction.json?uri=head-headfoot.mix.css&time=32 221.228.79.225
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=6953&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062562724&rnd=0.90377522127779441465062562724 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062562786&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062562786 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1720588834&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6063,6063&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1064664793&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://weblbs.yystatic.com//get-data/86415000?subSid=86415000&type=yycomscene&referer=hxxp://www.yy.com/210075&_=10871583 171.91.157.237
hxxp://cm.hiido.cn/cm/user?time=1465062564&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=5406&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062564005&rnd=0.90377522127779441465062564005 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=594117554&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站
hxxp://weblbs.yystatic.com//get-data/72578111?subSid=72578111&type=yycomscene&referer=hxxp://www.yy.com/136724&_=20658772 171.91.157.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062564114&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062564114 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062563&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062563&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062564&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062565&username= 14.17.112.237
hxxp://dw.dlmix.ourdvs.com/r/sc/yycomscene/defaultScene/1/76/liveBaseSceneConfig.xml
hxxp://duowan.xdwscache.ourglb0.com/pc/images/components/w-liveplayer/images/w-liveplayer-errbg.jpg?201605261526
hxxp://dw.dlmix.ourdvs.com/r/rc/yycomscene/core/1/19/playui.swf
hxxp://cm.hiido.cn/d.gif?sed=ac2d7764b9edb680&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062568&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 113.107.236.195
hxxp://dw.dlmix.ourdvs.com/r/sc/yycomscene/defaultScene/1/76/liveCard.swf
hxxp://dw.dlmix.ourdvs.com/r/sc/yycomscene/defaultScene/1/76/danmaku.swf
hxxp://www.yy.com/live/detail?uid=0&sid=86415000&ssid=86415000&_=1465062569880 221.228.79.225
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7015,7015&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=175963089&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://www.yy.com/cm/user?time=1465062570&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062570489&rnd=0.90377522127779441465062570489 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=110&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062570614&rnd=0.90377522127779441465062570614 14.17.112.237
hxxp://www.yy.com/live/detail?uid=0&sid=72578111&ssid=72578111&_=1465062570755 221.228.79.225
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=385932941&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站
hxxp://dw.dlmix.ourdvs.com/r/sc/yycomscene/defaultScene/1/76/controlBar.swf
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062570693&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062570693 14.17.112.237
hxxp://cm.hiido.cn/g.gif?sed=8540687eb08eaa51&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062571&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null&lk=0&res=null&ra=null&hz=null&fs=0&mid=null&hid=null 113.107.236.195
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062570708&rnd=0.90377522127779441465062570708 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6797,6797&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1429594728&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://cm.hiido.cn/cm/user?time=1465062571&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062571630&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062571630 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=2114723665&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062571677&rnd=0.90377522127779441465062571677 14.17.112.237
hxxp://stat2.web.yy.com/crossdomain.xml 183.61.143.81
hxxp://weblbs.yystatic.com//get-data/86415000?subSid=86415000&type=yycomscene&referer=hxxp://www.yy.com/210075&_=31637856 171.91.157.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062572&username= 14.17.112.237
hxxp://weblbs.yystatic.com//get-data/72578111?subSid=72578111&type=yycomscene&referer=hxxp://www.yy.com/136724&_=19990055 171.91.157.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062572&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062573&username= 14.17.112.237
hxxp://cm.hiido.cn/d.gif?sed=2721b1f0627548b7&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062575&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 113.107.236.195
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062572&username= 14.17.112.237
hxxp://stat2.web.yy.com/c.gif?act=webyysceneload&rel=yycomscene&ver=1.19&ref=http://www.yy.com/136724&tlt=0&took=1844&ip=194.242.96.218&time=1465062576505&wyy=cc515ea9f79d46d0a143e95390998e1b&sid=72578111&sidsub=72578111 183.61.143.81
hxxp://dw.dlmix.ourdvs.com/r/sc/yycomscene/defaultScene/1/76/gradeIco.swf
hxxp://dw.dlmix.ourdvs.com/r/sc/yycomscene/defaultScene/1/76/ShowBackground.swf
hxxp://www.yy.com/video/keywords 221.228.79.225
hxxp://cm.hiido.cn/d.gif?sed=e17f0f1299ae37ae&te=2&rl=yycomscene&td=0&ip=null&sd=86415000&sbd=86415000&ud=null&ot=1465062575&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/210075&sr=0&cd=0&ui=0.20794194939660737&in=null 113.107.236.195
hxxp://www.yy.com/live/detail?uid=0&sid=72578111&ssid=72578111&_=1465062578318 221.228.79.225
hxxp://stat2.web.yy.com/c.gif?act=webyylogin&uid=2105266317&rel=yycomscene&ver=1.19&ref=http://www.yy.com/136724&took=4047&pp=null:0&ip=194.242.96.218&time=1465062578599&wyy=cc515ea9f79d46d0a143e95390998e1b&sid=72578111&sidsub=72578111&hiido_ui=0.20794194939660737 183.61.143.81
hxxp://cm.hiido.cn/g.gif?sed=302d848f8da56965&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062579&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null&lk=0&res=0_0&ra=null&hz=48&fs=0&mid=null&hid=null 113.107.236.195
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7687,453&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1791280354&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://cm.hiido.cn/d.gif?sed=2721b1f0627548b7&te=3&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062580&dr=5&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 113.107.236.195
hxxp://cm.hiido.cn/cm/user?time=1465062579&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://www.yy.com/live/detail?uid=0&sid=86415000&ssid=86415000&_=1465062579443 221.228.79.225
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=7235&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062579583&rnd=0.90377522127779441465062579583 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062579677&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062579677 14.17.112.237
hxxp://cm.hiido.cn/g.gif?sed=c441386191746fb5&te=2&rl=yycomscene&td=0&ip=null&sd=86415000&sbd=86415000&ud=null&ot=1465062580&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/210075&sr=0&cd=0&ui=0.20794194939660737&in=null&lk=0&res=0_0&ra=null&hz=48&fs=0&mid=null&hid=null 113.107.236.195
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=8984,47&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1518234277&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1978565649&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站
hxxp://www.yy.com/cm/user?time=1465062580&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=8890&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062580099&rnd=0.90377522127779441465062580099 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1100045455&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062580286&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062580286 14.17.112.237
hxxp://weblbs.yystatic.com//get-data/72578111?subSid=72578111&type=yycomscene&referer=hxxp://www.yy.com/136724&_=34825432 171.91.157.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062580864&rnd=0.90377522127779441465062580864 14.17.112.237
hxxp://weblbs.yystatic.com//get-data/86415000?subSid=86415000&type=yycomscene&referer=hxxp://www.yy.com/210075&_=45925731 171.91.157.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6015,6015&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1034336498&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://www.yy.com/cm/user?time=1465062586&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062581&username= 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=160802413&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062581068&rnd=0.90377522127779441465062581068 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062581&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062581&username= 14.17.112.237
hxxp://stat2.web.yy.com/c.gif?act=webyysceneload&rel=yycomscene&ver=1.19&ref=http://www.yy.com/210075&tlt=0&took=4282&ip=194.242.96.218&time=1465062578927&wyy=cc515ea9f79d46d0a143e95390998e1b&sid=86415000&sidsub=86415000 183.61.143.81
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7734,7734&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=122391367&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://weblbs.yystatic.com//get-data/86415000?subSid=86415000&type=yycomscene&referer=hxxp://www.yy.com/210075&_=39794521 171.91.157.237
hxxp://cm.hiido.cn/cm/user?time=1465062588&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=6875&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062587958&rnd=0.90377522127779441465062587958 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=5625&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062586536&rnd=0.90377522127779441465062586536 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062586614&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062586614 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062588114&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062588114 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=394224880&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站
hxxp://weblbs.yystatic.com//get-data/72578111?subSid=72578111&type=yycomscene&referer=hxxp://www.yy.com/136724&_=44812174 171.91.157.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062588630&rnd=0.90377522127779441465062588630 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062587&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062587536&rnd=0.90377522127779441465062587536 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062587&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062589&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062589&username= 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7062,31&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1023115031&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=7000&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062594614&rnd=0.90377522127779441465062594614 14.17.112.237
hxxp://www.yy.com/cm/user?time=1465062595&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062595099&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062595099 14.17.112.237
hxxp://cm.hiido.cn/d.gif?sed=88cb609a6797cf75&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062595&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 113.107.236.195
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=336900312&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062595646&rnd=0.90377522127779441465062595646 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7594,7594&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=686386291&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://cm.hiido.cn/d.gif?sed=88cb609a6797cf75&te=3&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062596&dr=1&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 113.107.236.195
hxxp://cm.hiido.cn/cm/user?time=1465062596&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://weblbs.yystatic.com//get-data/86415000?subSid=86415000&type=yycomscene&referer=hxxp://www.yy.com/210075&_=9060850 171.91.157.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=7406&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062596114&rnd=0.90377522127779441465062596114 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062596318&wd=0&passport=&sns=null&pcmb=1&pl=http://www.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062596318 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=657929662&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站
hxxp://weblbs.yystatic.com//get-data/72578111?subSid=72578111&type=yycomscene&referer=hxxp://www.yy.com/136724&_=9648186 171.91.157.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062596&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062596&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062596911&rnd=0.90377522127779441465062596911 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062597&username= 14.17.112.237
hxxp://ylog.hiido.com/j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062597&username= 14.17.112.237
hxxp://hm.e.shifen.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7000,7000&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1870802401&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2
hxxp://www.yy.com/cm/user?time=1465062602&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 221.228.79.225
hxxp://ylog.hiido.com/j.gif?act=webstat&ht=www.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=&lt=6907&xy=&ext=&v=v0.8.0&pl=http://www.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062602583&rnd=0.90377522127779441465062602583 14.17.112.237
hxxp://res.m.yystatic.com/group16/M00/AB/90/tz0M9VZdRP8AAAAAAABOGkURMpY256.jpg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=160802413&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 220.181.7.190
hxxp://res.m.yystatic.com/group16/M00/CB/2B/tz0M9VbtNkMAAAAAAAA9VFYDCvU355.jpg 87.245.198.83
hxxp://emyfs.bs2cdn.yy.com/MGU2NTExZWItYTI1Mi00N2VmLTg5NDgtOWUwY2UxNGUzMjQ2.jpg 87.245.198.83
hxxp://dataaq.yy.com/d.gif?sed=2721b1f0627548b7&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062575&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 14.17.109.66
hxxp://cm.hiido.cn/cm/user?time=1465062562&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://yyweb.yystatic.com/pc/images/components/w-liveplayer/images/w-liveplayer-errbg.jpg?201605261526 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062552&nv=0&rnd=389553210&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 220.181.7.190
hxxp://yyweb.yystatic.com/pc/images/components/w-thirdpartyLogin/images/login-close.png 87.245.198.83
hxxp://res.m.yystatic.com/group16/M00/BC/E7/tz0M9Vahn78AAAAAAABHwm5wG-M269.jpg 87.245.198.83
hxxp://yyweb.yystatic.com/pc/js/studio.js?20160603212726 87.245.198.83
hxxp://res.m.yystatic.com/group16/M00/E1/52/tz0M9VdPA9EAAAAAAAA61AG8C_o574.jpg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=394224880&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 220.181.7.190
hxxp://mobilelivephoto.bs2dl.yy.com/1264046092_1465050091.600552.jpg?ips_thumbnail/4/0/w/363/h/330/format=jpeg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=594117554&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 220.181.7.190
hxxp://log.mmstat.com/cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6 140.205.96.3
hxxp://res.m.yystatic.com/group16/M00/D5/3D/tz0M9VcXMfcAAAAAAABR2ACo4I4351.jpg 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/components/w-leftMenu/images/icons-menuclose.png 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/default_portrait.jpg 87.245.198.83
hxxp://dataaq.yy.com/d.gif?sed=88cb609a6797cf75&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062595&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 14.17.109.66
hxxp://hdjs.hiido.com/hiido_internal.js?siteid=www@yy 87.245.198.83
hxxp://emyfs.bs2cdn.yy.com/MTQxYmJhMjMtODRkMi00MDU2LWI4ODktYzk3MDFkNGJhNWIx.jpg 87.245.198.83
hxxp://m.yy.com/zone/1391682584/ 183.61.6.181
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=8984,47&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1518234277&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://yyweb.yystatic.com/pc/images/loading-white-mini.gif?201605261526 87.245.198.83
hxxp://yyweb.yystatic.com/pc/js/lib/requirejs/require.js?20160603212726 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&nv=1&rnd=646224961&si=c493393610cdccbddc1f124d567e36ab&st=1&v=1.1.26&lv=1&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 220.181.7.190
hxxp://yyweb.yystatic.com/pc/js/liveplayerInline.js?20160603212726 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7000,7000&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1870802401&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://m.yy.com/zone/1371549646/ 183.61.6.181
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7687,453&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1791280354&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://m.yy.com/zone/1391682584 183.61.6.181
hxxp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/defaultScene.swf 87.245.198.84
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7734,7734&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=122391367&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://yyweb.yystatic.com/pc/images/default_load.png 87.245.198.83
hxxp://emyfs.bs2cdn.yy.com/YjRkNjY5ODUtMWEyYy00MTQxLThlYjAtZjRhMzYzMjAwNTEw.jpg 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/components/w-liveplayerToolBar/images/w-liveplayerToolBar-sprite.png?201605261526 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/2wm.png 87.245.198.83
hxxp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD6m0UlUCAcLyYNpLlIs0 140.205.243.64
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=1&rnd=461872113&si=c493393610cdccbddc1f124d567e36ab&st=1&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 220.181.7.190
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=657929662&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 220.181.7.190
hxxp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/liveBaseSceneConfig.xml 87.245.198.84
hxxp://cm.hiido.cn/cm/user?time=1465062555&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://cm.hiido.cn/cm/user?time=1465062580&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://statistics.yy.com/statistics/StatisticsAction.json?uri=studio_ie6_windows xp&value=1 221.228.79.225
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1100045455&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 220.181.7.190
hxxp://cm.hiido.cn/cm/user?time=1465062595&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://emyfs.bs2cdn.yy.com/NTk0MmFiOTYtMDEzOS00M2RmLTk2NzQtYWQ5NjhhZGU3MzQw.jpg 87.245.198.83
hxxp://c2.web.yystatic.com/r/rc/yycomscene/core/1/19/playui.swf 87.245.198.84
hxxp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/danmaku.swf 87.245.198.84
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1978565649&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 220.181.7.190
hxxp://dataaq.yy.com/d.gif?sed=ac2d7764b9edb680&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062568&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null 14.17.109.66
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=1188,1188&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1791133847&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://emyfs.bs2cdn.yy.com/N2FjOGQ3MGItODQxYS00ODA5LThkOGQtMWZmNWE2MWI1NzM5.jpg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6015,6015&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1034336498&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://emyfs.bs2cdn.yy.com/NDQ1NzI4OTctZjBkMi00NzRkLTk4OGItYWRkN2NjZWU4ZjY4.jpg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7594,7594&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=686386291&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://emyfs.bs2cdn.yy.com/NjM0YWQxNGQtOWIzNy00Yjg1LWI4MjMtZGNmOWJlZTM4ZDU1.jpg 87.245.198.83
hxxp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/ShowBackground.swf 87.245.198.84
hxxp://emyfs.bs2dl.yy.com/MGFhN2YyZTEtZWM1YS00MWJiLWFkZjAtNWYyYTExZDQzNTg0.jpg 87.245.198.83
hxxp://m.yy.com/zone/1371549646 183.61.6.181
hxxp://cm.hiido.cn/cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&tanx_tid=WVXU1KqJTQU= 113.107.236.195
hxxp://yyweb.yystatic.com/pc/images/components/w-head/images/w-head-sprite.png?$cssjsdate 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526 87.245.198.83
hxxp://cm.hiido.cn/cm/user?time=1465062570&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
hxxp://res.m.yystatic.com/group16/M00/BC/E9/tz0M9VahqFgAAAAAAAAk6C0I27c747.jpg 87.245.198.83
hxxp://res.m.yystatic.com/group16/M00/DA/69/tz0M9VcuazEAAAAAAAAvAhGaUQY835.jpg 87.245.198.83
hxxp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD7rWWhICAcLyYNokUOf8 140.205.243.64
hxxp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://www.yy.com/210075 87.245.198.84
hxxp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://www.yy.com/136724 87.245.198.84
hxxp://yyweb.yystatic.com/pc/css/headfoot.mix.css?20160603212726 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/components/w-chatroom/images/alpha-bg.png 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6063,6063&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1064664793&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://emyfs.bs2dl.yy.com/OWJjZjY1NjYtY2U4OS00NzkwLTg4M2MtM2QxNjY2ODkyMWQx.jpg 87.245.198.83
hxxp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6& 140.205.243.64
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7015,7015&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=175963089&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://www.duowan.com/duowan.js 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/components/w-thirdpartyLogin/images/login_btn.png 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=385932941&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 220.181.7.190
hxxp://c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp 87.245.198.84
hxxp://emyfs.bs2cdn.yy.com/YzczODkwMjMtNmJmZi00ZjBiLTk0NDYtNTcyNGVlOWYxODQ4.jpg 87.245.198.83
hxxp://res.m.yystatic.com/group16/M00/D5/AE/tz0M9VcY1jwAAAAAAABER38yZBk347.jpg 87.245.198.83
hxxp://res.m.yystatic.com/group16/M00/A8/67/d7wtWVZMVGYAAAAAAAAsUBB5Ylo338.jpg 87.245.198.83
hxxp://mobilelivephoto.bs2dl.yy.com/1501809610_1465004462.jpg?ips_thumbnail/4/0/w/363/h/330/format=jpeg 87.245.198.83
hxxp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&cna=jwLaD3iTjxECAcLyYNpUr7X5 140.205.243.64
hxxp://dataaq.yy.com/g.gif?sed=302d848f8da56965&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062579&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null&lk=0&res=0_0&ra=null&hz=48&fs=0&mid=null&hid=null 14.17.109.66
hxxp://res.m.yystatic.com/group16/M00/9E/CC/d7wtWVI1Ol0AAAAAAAA5sxARP9E766.jpg 87.245.198.83
hxxp://res.m.yystatic.com/group16/M00/C5/F0/d7wtWVcpnn4AAAAAAAAsxTKw0FU569.jpg 87.245.198.83
hxxp://emyfs.bs2cdn.yy.com/NmRhYmZjOTAtYWFiOC00ZDAyLWFhOTUtMmIwNDI3OTk0YTgz.jpg 87.245.198.83
hxxp://log.mmstat.com/cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk+qFEJH3ShePQ==&hi_cmuiv=0.6 140.205.96.3
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1720588834&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 220.181.7.190
hxxp://emyfs.bs2cdn.yy.com/NjBhMWM0YjktYTY0ZC00MDI4LThkZGUtM2RjNzI1NGU1MGQ3.jpg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=2114723665&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 220.181.7.190
hxxp://hm.baidu.com/hm.js?c493393610cdccbddc1f124d567e36ab 220.181.7.190
hxxp://res.m.yystatic.com/group16/M00/D0/82/tz0M9VcDglUAAAAAAAA0AFVcLuE178.jpg 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/components/w-liveplayer/images/w-liveplayer-sprite-p24.png?201605261526 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=336900312&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 220.181.7.190
hxxp://emyfs.bs2dl.yy.com/ZTE4NDIzY2MtZDA5OS00YjQzLWI2NGUtMzBmODc3M2ZmMzQz.jpg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6953,6953&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062552&nv=0&rnd=1721426335&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=2719,2719&et=3&fl=11.6&ja=1&ln=en-us&lo=0&nv=0&rnd=510011058&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=1 220.181.7.190
hxxp://res.m.yystatic.com/group16/M00/A7/1F/d7wtWVZErbEAAAAAAAAuj2mMZr0392.jpg 87.245.198.83
hxxp://yyweb.yystatic.com/pc/js/lib/jQuery/jquery-1.11.1.min.js 87.245.198.83
hxxp://emyfs.bs2cdn.yy.com/YzY1ODZlNDQtN2M1Ni00MmFlLWI0NGMtNmQ2ZjhhNjIwYjM5.jpg 87.245.198.83
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=134596779&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 220.181.7.190
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6797,6797&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1429594728&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://dataaq.yy.com/d.gif?sed=e17f0f1299ae37ae&te=2&rl=yycomscene&td=0&ip=null&sd=86415000&sbd=86415000&ud=null&ot=1465062575&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://www.yy.com/210075&sr=0&cd=0&ui=0.20794194939660737&in=null 14.17.109.66
hxxp://yyweb.yystatic.com/pc/css/studio.css?20160603212726 87.245.198.83
hxxp://yyweb.yystatic.com/pc/images/icons-index.png?20160505002 87.245.198.83
hxxp://emyfs.bs2cdn.yy.com/ZGI4OGIzN2ItYjAzZS00NGFkLWEyNTQtZjQ1YjFhMDg4YzY4.jpg 87.245.198.83
hxxp://yyweb.yystatic.com/pc/js/headfoot.mix.js?20160603212726 87.245.198.83
hxxp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/gradeIco.swf 87.245.198.84
hxxp://res.m.yystatic.com/group16/M00/C4/E8/d7wtWVcggoIAAAAAAABEjk6S4z4003.jpg 87.245.198.83
hxxp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/controlBar.swf 87.245.198.84
hxxp://yyweb.yystatic.com/pc/images/components/w-leftMenu/images/icons-leftMenu2.png 87.245.198.83
hxxp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6& 140.205.243.64
hxxp://emyfs.bs2dl.yy.com/MTMyYjhhMzYtODhjNS00MmJhLTk1M2ItNzBkY2YzYzVhMGMy.jpg 87.245.198.83
hxxp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/liveCard.swf 87.245.198.84
hxxp://yy.com/crossdomain.xml 113.107.236.195
hxxp://hm.baidu.com/hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7062,31&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1023115031&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 220.181.7.190
hxxp://cm.hiido.cn/cm/user?time=1465062586&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 113.107.236.195
aq.yy.com 140.206.200.32
lgn.yy.com 111.206.234.57


IDS verdicts (Suricata alerts: Emerging Threats ET ruleset)

ET POLICY Outdated Windows Flash Version IE

Traffic

GET /r/sc/yycomscene/defaultScene/1/76/ShowBackground.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/liveCard.swf
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 30064
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:27 GMT
Via: 1.1 db79:5011 (Cdn Cache Server V2.0)
Connection: close
CWS.m...x....\[email protected].&..`.w'.j......U.#j@
.Q..m...n.UB........R...xk...mw.........?.;....93.;...r.......].B.`R..
.6....0...hr.).Y.... &.o)..U..&.....k...G.(/.............[DU.].j......
..2.z0.V,)_Z.j...........J..~..`.?z-{...g}.,.)|......*b&DO..wU.dr...W.
........K..;.Y.UQ.b.......*zyqE....6d..........W..qO. ...../.^....5...
..>...h...U....ZlZ..pj\...Q..QqqY..&.&O.....496vJ..h... .....o.....
..5{...X....s..U..E.u....e.1... ^-_R..?.SXf..<cy.......0M.;...-..j.
.'$....b...'..fRrj|rb|.yRbR.......so..K^.'.O...o..?..sos.../].........
......ZX.tuaAZ..W..B....B..Rt?....g...._...y.....{ ...@....{[.........
...8......}.2`:.......D&..[[email protected]..".f.0...s{z..L..Y....
.....k...*...ik../YV.../........:fiA...........,M_W^8o...%..-I..M.....
^.E.s....u>...../-..U.Rt...c.ma..(/d......N..L..=!!q...F..B..Vc'FA@
H.89n....3.._........\.? ....y..06!.pRA.....Q....Q.......'...J....W.s?
..|n.).4=uRlR|......g...I.S..........'D.....<w..y......W.(.Z......R
.b..Hbe....QOd.../Y...s.._...G...E.9-5.<}..d..."1i..GSR......DS....
.......I...1..B...s../.(....v.a.<....=4([email protected]..?q.....8N.I.L..
[email protected]...*.S!O;.*. ....?m.@...
.H.....3..c....".."8..0..3..X..^{"..zr.......v...C.*..|.%Pb........e..
...a..x..W....r..{v!....n.4.....SR.g...O..&J.f....:...L..C|...qhF.....
F..<2..mO#=2...w..tq......-l....P.'y.p...0;.^.h..`as...}.6... ..a&2
.g.(N....S8G.F.#.#..AY.{.'{..m...G....$,;l....>,v....&#.1.......QG.
..e..l..$....L5..... ].....L....B.....J.eO.o.VG.....f.....Kx....R.
<<< skipped >>>


GET /hiido_internal.js?siteid=www@yy HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Date: Sat, 04 Jun 2016 17:49:00 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
Content-Type: application/javascript
Content-Length: 23475
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
/*! hiido.js: v0.8.0 2016-06-03 17:39:06 */.!function(e){function n(t)
{if(i[t])return i[t].exports;var r=i[t]={exports:{},id:t,loaded:!1};re
turn e[t].call(r.exports,r,r.exports,n),r.loaded=!0,r.exports}var i={}
;return n.m=e,n.c=i,n.p="",n(0)}([function(e,n,i){"use strict";!functi
on(){var e=i(1),n=navigator.userAgent;try{new e(n,!0)}catch(t){console
.dir(t);var r=new Image(1,1),o="";for(var a in t)o =a ":" t[a] ";";var
 s=encodeURIComponent,u=t.stack?s(t.stack):"";r.src=window.location.pr
otocol "//wbugs.hiido.com/c.gif?e=" s(o) "|" u "|" s(window.location.h
ref) "|" s(n),r.onload=function(){}}}()},function(e,n,i){"use strict";
function t(e,n,i,t){e.addEventListener?e.addEventListener(n,i,!!t):e.a
ttachEvent&&(e["e" n i]=i,e[n i]=function(){e["e" n i](window.event)},
e.attachEvent("on" n,e[n i]))}function r(e){var n="; " document.cookie
,i=n.split("; " e "=");return 1===i.length?"":decodeURIComponent(i[1].
split(";")[0])}function o(e,n,i){i=i||{};var t=e "=" encodeURIComponen
t(n);if(i.expires&&"number"==typeof i.expires){var r=new Date;i.expire
s=1e3*i.expires*60*60*24,r=new Date(r.getTime() i.expires),t=t "; expi
res=" r.toUTCString()}i.path?t=t "; path=" i.path:"; path=/",i.domain?
t=t "; domain=" i.domain:"",document.cookie=t}function a(){return wind
ow.location.hostname}function s(){var e,n=window._hiido_wid,i=Object.p
rototype.toString;if(n)if("[object Array]"===i.call(n))e=n.join("|");e
lse if("function"==typeof n)try{e=n.call(window),"[object Array]"===i.
call(e)&&(e=e.join("|"))}catch(t){window.console.log("_hiido_wid .
<<< skipped >>>

GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:08 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:08 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062572&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062555755&rnd=0.90377522127779441465062555755 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:06 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6953,6953&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062552&nv=0&rnd=1721426335&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:13 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:13 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1720588834&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:14 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:14 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:21 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=8984,47&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1518234277&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:30 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:30 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6015,6015&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1034336498&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:37 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:37 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=160802413&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:38 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:38 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:45 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7000,7000&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1870802401&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:53 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062588114&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062588114 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /136724 HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: en-US
X-Cache: EXPIRED
Content-Encoding: gzip
4a4.............}.s.G...l.....|.|.Y..i.N...a.g.r.T..Ici........W..`.2$
..pB [email protected]...~.....I..nYE......O.>}........3R.H.y..v..O
...4.....D..<%...'P.......Q.zO@..,-.B....Ds .(..f$..e.aB..=.,'...=H
K.|....=..$.w.B.2(.Q...%1..._.y/L...bGZ$.,...0S.r..b.-v....l....zaD..'
H.*1#{..1I.}..:.I.....................|....f.....Cgs...G.AwD. p..)&[..
.D.Gh..d2.......Xnhp.x_..RZ..LQ.O#.@.^!.......~.M.v..=J..$z...8]b.....
..?.ir....`(..Q...x1...C,.....h...:...#......p.Cb.K.Xb$..ZY.A~tqeq.z.^
...Gyv.z.e...............S.;_........w.pa#....(/dE.m..w`.;j./.>.._.
frgi....F0........7y....R.<sC^8.........).c.....V..}....]..%&K.$...
.z..d.A.>..s.). ....*q.."..$..T$.1|r.V....2#4H6...2g.9...</.4..&
lt;[email protected]#.....,........H....`S......X.T
4...........S.......Y.2...Xp..Yp...T..zK..H..D.3.%;.....X*..L&>'.Xg
.3..<.M...x..D8....d.C.Ei[._..Hl].......6..h:..48H.;.I(...:...Y~.E.
(.YZ....x...$#.!Q*e...<~H.#.0h..!.d"..W...3..!u.K..2.....!.A.......
...Q.....H...o.....Z...bI.o..b....<h.`.. .X.............t.....&....
]..*m..6.5...t.S%).....0.4......u............u....8N........5....V..;.
,..&.6N|... ......N.......4..Y.7..OF.D..K0.)3H..q. ......D...v.P...<
;...Y~t'.g.Y..E.i&..J..W...I.........a)..2b6b..Q..`.`...-...J...._.3..
.......U..:x......<}.h..W3..S.....Te..... ...X.B.3.j.......I.......
xm......bm~^.z...X.......".O..%......GQ. 9...tG..1.......=!.....?*.B..
N.._...H.9.v'.,.......<.B.G.w.(c.P..k.......8*.R.....O....~...4..:.
...1e.D.Q...0.....#.>.....G.....n..f.3.p....,M..&J.....pj!.,..'
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062570489&rnd=0.90377522127779441465062570489 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET / HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; hdjs_ui=0.9037752212777944; hdjs_session_id=0.4559120123177925; hdjs_session_time=1465062549724


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:03 GMT
Content-Encoding: gzip
4c8..............{w.G.7.w.Z.;.x..$..V./.0.A...Z....4k..,.],Y...m..Y...
.$..0..&....c0..~...$......._.V..!D..ruw......w...>..d1..M.........
...o*..........)>.Hd..r...k....t.;...x!.IW)[email protected]..&.}3...,/...
NN.J..']..r.T).?.'2]..(}.........9.D..\....DO.X...8U.._../c.<h.....
x:..c.T.g:9......'...n..t..9.=.I...K.#..u...f. .......6..m.o.#.....).?
.y}K.}........R....oB...x69.]......Rv.6.Z)N...=......p....D);....x).G%
.I.3.%.o%[email protected].\J4...D0W.......t.4....
..............v....|>.#.._~Z..A.;P]{ \..-..n.._:Z..RX:!.<.>_.
...?...}....3..W.......7....0.R{t..$.T{.".;S?.R;....<.T._.'...K...7
...6.=.........k..8q....(l.?./..........J..'...V..|.0..L6../<....[.
.f'k........m.. .}......Djn.XJ.u."..A......._.....O.k/./.....E........
.......h.....]J.i.R....r&....m0..r9...1..J....B(..P......&YF.eQ..24..x
19.....^..._,...\S!s.. .8.#........#J.me..t9..g`D>..._.m.......y.h}
..G[........b...........K.|..........i>......0h`../=......Ta<.Tp
.W.^g*.t.#...#g.._..M...J.$.."......J)m:[email protected]~.......g.OS....^D
.f.s...Gw.....y>0....!..Qb..v?.@..|V....|q..@&.L.&?.dR.l..."......E
...p2{ .....O......$..Rw!^..]..:.4^.. ..).*?......a.K..Y0U.~\l.=!|.R?y
..|...xuc..|@X|.8.!<..p^X=............Xo...g............).}:z..T.P.
..cY..t...1000.....z.....|......J.Dp.T.).JA01N... ..x)..nl<.....x..
..L`.x......P...,...h@%\|[email protected]...`P.........3".v..IP..X....
....:..>x.. ."8.NaR.....%.M.........P.[.....6.V.?...O......x.......
.T..O...sa....../.oL.&...r....39.n........u.....K...G..UF..!<|.
<<< skipped >>>

GET / HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; hdjs_ui=0.9037752212777944; hdjs_session_id=0.4559120123177925; hdjs_session_time=1465062549724


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:07 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:05 GMT
Content-Encoding: gzip
1f20...............w.G.?.s.Z..A.g.$Y'.........9nyLd<..Y..$,.zx.6...
....mLB....6I0.H0.....r....r..[....j.3..8P.....k.O.].k....,&...T ..s..
..}....'....G...|.....x...?....t3].N.....>.*...T)U..$..>U....&.2
.xc.S...R.....r.t)u .'.].4(}.........y.D..|....DO.....8..?P..(c..h...3
..d...J.r.Lr.'9S.....E..{.S......k.....`..A|j..B...2W.m h....G{......?
.9}K.}......@;."..T...A..Lr....S..S...L..R,...;<.=07.......Rf.....R
..J.....H..J...Bj6....w.}[email protected][email protected]....`...e&....Ti&
gt;..'....A.OO>S....v...3|.. .._yZ..A.;P]. \...,..../...x),..V.W./K
.....g.}........dJj.......<-,.....6.........._.....i.E...........;.
..G[....p.vi.v.:(4._k<?..[...K.....{g.?.,l..>_.....p.|L:3../=.V6
.[V.2...Z..C..G....B......3...-..e..Hw.......s./....;O.././.........s.
. .................i.R..s.r:...Wm...r9...1..J....B(..P......&YG.eQ..24
..D19.....^..<P,.@.\S!K., .8.#........#j.me..L9....G...._.m.......9
.j}............b.v.........K.|....&......>.....).i.../=......T~".Tp
.7.^g*.0.........o..&J\~...p..J.O..h..6.([email protected]~.......g.OR....^D
.f.s...{w..3..9>0....!..Qb..v..@..|Z....\q..@:.L.....)..`|C.....3..
..x8.9.H....G].T..t.|y.;./OA....7M..$..pZ......vxU..R8q..U...6....^..8
^[....Xus..|@8..qdSxp....v..?[...../^{..X[....o.S..........t..K.8.4...
.. ...d...(.L.s.J.{O8(....Rq..*...8........I(v...x.||.......=......w@.
K3.,.G...p.Y.........q.9...n..A...3 .e......v.2IP.X,.....`w.....^.....
..C.."...xIlS....::SP.jrKw...o.oU..._~"W.,...'.ni.A..I..xa....[7~.....
.1...i....3]fr`..p.os.....!.?..T.........Kx..q.[...*[email protected]....(..
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062581068&rnd=0.90377522127779441465062581068 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062570708&rnd=0.90377522127779441465062570708 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062580864&rnd=0.90377522127779441465062580864 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062564114&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062564114 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=6953&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062562724&rnd=0.90377522127779441465062562724 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /cm/user?time=1465062548&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive


HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Jun 2016 17:49:00 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: hXXp://cm.hiido.cn/cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: cm_ui="buCLmnR1GIMVgMVaX93GCw==|0.6"; Expires=Thu, 01 Dec 2016 17:49:00 GMT; Path=/
....


GET /cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|& HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="buCLmnR1GIMVgMVaX93GCw==|0.6"


HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Jun 2016 17:49:00 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&
HTTP/1.1 302 Found..Server: nginx..Date: Sat, 04 Jun 2016 17:49:00 GMT
..Content-Type: text/plain; charset=UTF-8..Content-Length: 0..Connecti
on: keep-alive..Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427
&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zd
s=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&......


GET /cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&tanx_tid=mh7AnrnlrII= HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: cm_mapping=tanx|0|1465066145; Expires=Thu, 01 Dec 2016 17:49:05 GMT; Path=/
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:05 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..P3P: CP="CURa ADMa DEVa PSAo 
PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"..Set-Coo
kie: cm_mapping=tanx|0|1465066145; Expires=Thu, 01 Dec 2016 17:49:05 G
MT; Path=/..GIF89a.............!.......,...........L..;....


GET /cm/user?time=1465062564&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:14 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:14 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062579&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:30 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:30 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062596&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:47 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:47 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062581&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=8078&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&isnew=1&hsid=0.4559120123177925&io=0&ut=1465062557818&rnd=0.90377522127779441465062557818 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=7235&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062579583&rnd=0.90377522127779441465062579583 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/sc/yycomscene/defaultScene/1/76/gradeIco.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/danmaku.swf
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 8475
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:28 GMT
Via: 1.1 db79:5011 (Cdn Cache Server V2.0)
Connection: close
CWS..(..x..zw\S..n...{.ED:!....).b... ..B...4.T...t....D.."HS. U....D.
.....>........"k.........c........,1 ...2`[email protected] .....gm`$...E...
W.".T..NN.00P6PA.Lq..WSS..`..X. B./.D.......h.......L!.P.d...5...O....
W. o.....d..d'..3.[...#'/........).<.L.%...tw.....~.BV.. ...H.....Q
...r.'z..)..k.....\.....b..e0.2..........,.Q.a0.....'..@......#cUm.Up.
5......../:.....?".........3m].........|.8..........W..y].q.d.7......"
:.w........=......].5.~.....02s..z............:..6.. gM.#[email protected].
....'[email protected]...).auU...}.C%yy]..VOOYE.P_Y...O.................d..u/
.%..F.....j....UQ.....nV=#5UU].].}%.....e..)..W...@p1.......<......
..T.2../...dR..........f@..{.../2.oS..51.u..KZ._MPK......i....$.4..0..
PH...FnCv..f.3(h(...q.....SA....Y..].....`1T...sU....t..y...1."f..|fm.
...i............/.....Y./..Y..c.....]...Wl.py.....&~...Q.........5.L.*
[R..ts.v/G.../.S%.,.......q....K.....N.GS.5l..U..o0[6J._..(.=?u..g.,..
'......#..fC..ss..[).*...........20i.[.1p.....D_.k.......z.....I.L....
.$.....!Ni../N.j..4o.g..e)...HN8.l'.....k..R.fWt.. ........]S.F. ..T .
...q...6...i...F.U...)...H..z...n.3...h"'HK-..u.............C....G..'.
".)t....h.&E. .\w.H.Z;t..:...90..EQ....'........$..[....7A....I.......
.>.O..#&.....r#yEB..:......"|.{....c].j...H..O.G..........4(6E$u.D.
..9.......#..HV.....(.x..taV..u.5....V|...C...]...-.........M.7.......
...;^jm1}......;N.....&.I..84..?.'.>..r.....*.u..(8...pK.3*......IX
...c%)....".4.A..T..d..3.n...^H.y..2..g..^..0x..#n...9Yz.Z$........I..
..............3..j#.. ..w...'.E.7.....Q.w..d...U..:J... 5..^.}T\=#
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062571677&rnd=0.90377522127779441465062571677 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062548411&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062548411 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410500173; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



5....2.... ...}...Y..%G&.."eR...`y..q....,...........




0....3.... .....9s.&.|.........u..&4..Y.<.'.......




..\..k..Lu..e74ec...~5t...... .:....l.......M8*0..G.~.mG...YBha....s..
..0m...^...(....<.....l..M..)....6]...q.....%




).\..j..Lu...z4eR[...5t......oC...5.T.......NH^0..[.5.-.....{.4....&..
..9;...;........n...x......y.o.....y....V].0-U..0.j..3KcM.e.....:.....
.Ks[L.PF.v.a.0..[.fK$Nu.v.. SE...5f...........o...............}Z;.^zx.
.).\..j..Lu...z4eR[...5t......oC...5.T.......NH^0..[.5.-.....{.4....&.
...9;...;........n...x......y.o.....y....V].0-U..0.j..3KcM.e.....:....
..Ks[L.PF.v.a.0..[.fK$Nu.v.. SE...5f...........o...............}Z;.^zx
....




.-..M.Z.....tfx..b..7..].._h...... l.e.S.9o...L`.h.h ,;#|.Z..ho.-k..Q.
.j.T.......=RTO...1..3..{a........~o....0Ok..C.....S.".j....p.H..UH...
&:c.jV..{l5.{(.%.7........{/.T1.].\.9...u...."..#l.....[......nl .l...
{.. .. 8*.."^.rg.f.......e...I8.qj....".3...c




....1....^&* ..{.....6..X.)..




........[...]....:u..G#J?...s.....k..q.j..-.&V..v.?.T..t.....7k..q.3..
..k{.A.....3..EO.............A.....3e...m.."..A......'..A.3..%....[.m.
[email protected]....^.#.^D.........\.
T.7q..x_Ew.._....:.O:K..........7<..........b.. 0-.|.}..fEP|g....0.
).{j......._h.I......<\....r....A.b..C>.|nZ.....7....P..........
[email protected]`n=\.O....K"h.....*.....B....QZ.....U.....
/....w......t...e............. ........w..>.f....P..*.g...g.,.h.<
;.(qH.....X....#..N...k.$.!....N.U..'.g.....R.a...W.lO"U.




G.^*.B.p.K..Q.#..&4c.j\..{.&....3w"j......|...._....G:X....0......'|0.
.....u.....w...X..(.7.wG.^*.B.p.K..Q.#..&4c.j\..{.&....3w"j......|....
_....G:X....0......'|0......u.....w...X..(.7.w.t.X...?....n.92&..M4..?
..~.Ix:|..O.}.R. .*?.......ot...9M..??. .w..F....:..%.n..p..fw..K].-s.
..e.NW5w..#.b....]I.A..y../;..N...6........w......3s.....`=..L......].
@.....w....[.m..........,q.(...N..M......T............wJ....O.._....Y.
..^D.........m...yv..KQ...s_....:.4&........t..(2.........v"....,.|.z.
.fEP.g....0xB...V......-h.I......<\....r....A.b..C>.|nZ.....7...
.P..........p4g..>.pvB`r.../rps."......r`n...2....O#h.fx.?(.t.X...?
....n.92&..M4..?..~.Ix:|..O.}.R. .*?.......ot...9M..??. .w..F....:..%.
n..p..fw..K].-s...e.NW5w..#.b....]I.A..y../;..N...6........w......3s..
...`=..L......][email protected]....[.m..........,q.(...N..M......T............
wJ....O.._....Y...^D.........m...yv..KQ...s_....:.4&........t..(2.....
....v"....,.|.z..fEP.g....0xB...V......-h.I......<\....r....A.b..C&
gt;.|nZ.....7....P..........p4g..>.pvB`r.../rps."......r`n...2....O
#h.fx.?(........<.QZ....,U[....[...G.......b...q..........r..#.....
...w..m......P.vF.........i.;..qH/....X...\ ..N.....d......x.`....co..
...;X.."l.Tv_,...B2.W...*......H....6.-F..uk#kE...38Y....3pi..........
..<.QZ....,U[....[...G.......b...q..........r..#........w..m......P
.vF.........i.;..qH/....X...\ ..N.....d......x.`....co.....;X.."l.Tv_,
...B2.W...*......H....6.-F..uk#kE...38Y....3pi......




...7....j,......H.%..6.Y..r..^.....Gk]....3y...8......G..t..f..L...5..
Q..l.L...7(CnX.."..O(.q(.W{..F .....[.....Sg(...}Y&..o.C..k.X..$?..`.-
'T......ay:J.WE4...E$<FE..?....48Z.v..!t..>.b.GJb#*.&.Y.~....e."
..6.&......SSF...*.....e'..D0/"h.."V){........DRR.....?....T..-kx.....
.V......T}|..}5..}..<.8.L;...X.o#.\<..7...-,..M:.$j.*.  .;.._.Z.
..`..d...C.5..:b...t.U...M.lZ..o.....S..h..q.d.....c.fF.-J'.z.v...Cq..
9.I.dJZ0.A4Dl....<.8CQ....b..X....




i.........Ng..s.=.f..Q .4.~.C.6*@og.....O(.p?....m......7...y...<z.
..*0...X.B..[.Y...2..d.n&U....!.iM#z#Vi....t.x.w8..".....c.N.{Y...FK8i
.........Ng..s.=.f..Q .4.~.C.6*@og.....O(.p?....m......7...y...<z..
.*0...X.B..[.Y...2..d.n&U....!.iM#z#Vi....t.x.w8..".....c.N.{Y...FK8mN
J.(w.].Y.~..8...=..5.&9.....'.n...*....KBp3Icg "k..!W)k....6bX..).....
.8.t..,.2.imNJ.(w.].Y.~..8...=..5.&9.....'.n...*....KBp3Icg "k..!W)k..
..6bX..)......8.t..,.2.i..




..M...<..........F....c..a[q.].U"z.:.Zt.I\...n.]..>...`.>d.*.
.}.....[>..6O%f./....E.ez.....N.=.y...-......hq..T4G....mN..!;.[..E
j],tjH......j...d0.7.".e./....5.U{....d....Z.4....O..h......."..r..wAT
...S.0)j]....D.Q..z.:&.^.a.E.@...(......').).T.m.VE..:.o.$..0.$T&.M'9K
*.).....4..`..\..p6.C..h%....,...}O.z...........Y9Dj..E6..r..o.xT..nPX
..i.L........!`....A.M...][email protected]"'..t. .I.F!..G.......~.f
..=.h..O.(.,\.....8=.<...y..b........g..NH [email protected]&..<y.4..CM
.(.........$e




.......".....I....R}5./.H..N..i;...:.ofo.5...b..-*.....Yk.*.' MSf.1.6.
..X..d...C.5..:b....WR....R.a....(...b5.'."B.......".....I....R}5./.H.
.N..i;...:.ofo.5...b..-*.....Yk.*.' MSf.1.6...X..d...C.5..:b....WR....
R.a....(...b5.'."B."...h.Qq^t.Yu.G..][email protected]....
.)',..:.....n........be.nC....X..e.p4X.(q_.D.\..I]...t........b.>..
...}.....S8..N7.d."...h.Qq^t.Yu.G..][email protected].....
)',..:.....n........be.nC....X..e.p4X.(q_.D.\..I]...t........b.>...
..}.....S8..N7.d



GET /s/72578111/72578111/yycomscene.swf HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/136724
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
....


GET /crossdomain.xml HTTP/1.1


Accept: */*
Accept-Language: en-US
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 260
Content-type: text/html
Last-Modified: Sat,05-Dec-15 05:49:08 GMT
...<?xml version="1.0"?>.<cross-domain-policy>..<site-c
ontrol permitted-cross-domain-policies="all"/>..<allow-http-requ
est-headers-from domain="*" headers="*" secure="false"/>..<allow
-access-from domain="*" secure="false" to-ports="*" />.</cross-d
omain-policy>....


GET //get-data/72578111?subSid=72578111&type=yycomscene&referer=hXXp://VVV.yy.com/136724&_=32552383 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 810
Content-type: text/html
Set-Cookie: wyy=192e7f4eb03c434c9cb751dc5e3cbc4f;Path=/;Domain=yystatic.com;Expires=Sun,04-Jun-17 17:49:08 GMT
Set-Cookie: hiido_ui=0.02169874264937767;Path=/;Domain=yystatic.com;Expires=Sun,04-Jun-17 17:49:08 GMT
...........U...F.}.g.f.L......BH..@``^.....#......e.=....l.d6.[TW.:].&
gt;U.R..!.U.......K..U]!"3.i`..T}7Le.....?>o.0..,g..qk....pV0.Df..O
@4.-.......@.].. . ).u..3.....ZSB....(..$H._..,H...q.4.h...7U..D..i...
6 ;...N...6.....v.....1.C...-l.-.k.=Q.............u$..}.a.1..........~
7&r.m.>.-...G....Z:a.6..R*'..:......'rk.M.I......4*.'|....2Z..h....
.z.)[email protected]>...2VE..4Y.....YYh\.....0.G..Fa...."F.....E.F.T
0Z.K.!'.M...1.....)T...u>...?vs. ..|.......c\%......f...dG....."S..
8.OJ..).......8.......ib....0.......K..&...E..a......X.H-....I..n.']..
....>V/..n l....R<9...tQ....h.A.!....K..]...T.C}_......{...[.o).
:.*....... ..._.?#.ku.;..)S%.. ...S...An...o..A.".....b}H.i>.;.=gpW
....n...\..C...|S..../.,.....*...z}..KFU...io...C)..CC.f..4...g?OOo.d.
S...:.>......c........z?....x:-....25\.)dp.1.h.$.. s........U...HTT
P/1.1 200 OK..Access-Control-Allow-Credentials: true..Access-Control-A
llow-Methods: GET..Access-Control-Allow-Origin: *..Access-Control-Max-
Age: 600..Connection: keep-alive..Content-Encoding: gzip..Content-Leng
th: 810..Content-type: text/html..Set-Cookie: wyy=192e7f4eb03c434c9cb7
51dc5e3cbc4f;Path=/;Domain=yystatic.com;Expires=Sun,04-Jun-17 17:49:08
 GMT..Set-Cookie: hiido_ui=0.02169874264937767;Path=/;Domain=yystatic.
com;Expires=Sun,04-Jun-17 17:49:08 GMT.............U...F.}.g.f.L......
BH..@``^.....#......e.=....l.d6.[TW.:].>U.R..!.U.......K..U]!"3.i`.
.T}7Le.....?>o.0..,[email protected].......@.].. . ).u..3.....
ZSB....(..$H._..,H...q.4.h...7U..D..i...6 ;...N...6.....v.....1.C.
<<< skipped >>>

GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/136724
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET //get-data/72578111?subSid=72578111&type=yycomscene&referer=hXXp://VVV.yy.com/136724&_=20658772 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 798
Content-type: text/html
...........U...G.}.g..>.VW.}`1....@`a_.1}..`I3...0..TK..H..N^F...N.
....^..).U. [email protected]*...,.........e`....:N@._.`.......d
.........#,.H...t.....-.f.K.,@yS.4K.(@q...-..U..!..y..z....9..a...F...
zX.q}8.r.y..%c.kp......Sn...........e&..}.a..!.g?>.)wU....)....<
.T.3ePj.....ki)...'.JdN3.........&f."80Vz-#X..Qq.6.h....a.....D...h|c!
j.<d.=(...:Q.l9W.4@~l..<.$....i...E.J.. ....(r.......Nx..0.A*.D.
.....E....@.\...|jw_~.......e}.......*...p\..,.S....R1].O....?)..<n
WX...d.9-....?.&Vi..L.kRS.tI.%I_.........m...c.j....X...#pzY..|..<.
/..x.....I.*..3.b...PN.$B4.1..c..q.....b.z_?.%2.M.....y...............
......oH.Z]...Cn...........W.....mz0.....q...].O..?..Y.C..'....wx.6..Q
/........l."..n.R..r...IQU.H"..5_DHb.u.../.......<=.U..L..iu.>.B
.......C.r.O..c..B..........{(I...).S.q.l.P...o...ZW...HTTP/1.1 200 OK
..Access-Control-Allow-Credentials: true..Access-Control-Allow-Methods
: GET..Access-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Co
nnection: keep-alive..Content-Encoding: gzip..Content-Length: 798..Con
tent-type: text/html.............U...G.}.g..>.VW.}`1....@`a_.1}..`I
3...0..TK..H..N^F...N.....^..).U. [email protected]*...,........
.e`....:N@._.`.......d.........#,.H...t.....-.f.K.,@yS.4K.(@q...-..U..
!..y..z....9..a...F...zX.q}8.r.y..%c.kp......Sn...........e&..}.a..!.g
?>.)wU....)....<.T.3ePj.....ki)...'.JdN3.........&f."80Vz-#X..Qq
.6.h....a.....D...h|c!j.<d.=(...:Q.l9W.4@~l..<.$....i...E.J.. ..
..(r.......Nx..0.A*.D......E....@.\...|jw_~.......e}.......*...p\.
<<< skipped >>>

GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/136724
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET //get-data/72578111?subSid=72578111&type=yycomscene&referer=hXXp://VVV.yy.com/136724&_=34825432 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 799
Content-type: text/html
...........U...A.}.3.v.B....E.Q|...}...T..If..1..n.$.N........NUW...Q.
....f ......j......KN.3D.jUum?.}.W.Z.....i.a..m/....#.sN. ..K.-0....pM
.2.9.D...Of.K.(8.Hl....<.\.]I.....vKJ[(..H..B~ZU.........u.d.......
&..n........!...%b..........d?m......pF..DZ..<d.g....].....7...iR.y
j0.%.p...\.!...#..pr..............A...3V.`@...,P...&......Ny.... P.E.Q
.."0..5HbLpR..R.!....O.....,,3..Iu.c...9.........h2uBQ.*..X9.eL.....P.
...f....M.S...w7w.........ov..U"...l=.,.Sq"m.&Q&n......4 ..^....A.Ni..
/..k.IQ.\....X]..%..({.j/......m.N..T..G..C..2.8.F:j......T..}.#..&.Ux
e.....((.u.!..7.PBQdQ..6.].j..o........4m.3}s..1.yn.<d.>^....B..
#.V...}..;...T^...n.!.c..6..pUd...)..w.....a...nJ. ......saCl.......|}
.e..B...!....I......$..\...K,..>:L. ..E:.i..n%3.k.G..}*.......W=`:.
..wC7.!.....Q1..e...J..H.N.G...B.../3.g.W...HTTP/1.1 200 OK..Access-Co
ntrol-Allow-Credentials: true..Access-Control-Allow-Methods: GET..Acce
ss-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Connection: k
eep-alive..Content-Encoding: gzip..Content-Length: 799..Content-type: 
text/html.............U...A.}.3.v.B....E.Q|...}...T..If..1..n.$.N.....
...NUW...Q.....f ......j......KN.3D.jUum?.}.W.Z.....i.a..m/....#.sN. .
.K.-0....pM.2.9.D...Of.K.(8.Hl....<.\.]I.....vKJ[(..H..B~ZU........
.u.d.......&..n........!...%b..........d?m......pF..DZ..<d.g....]..
...7...iR.yj0.%.p...\.!...#..pr..............A...3V.`@...,P...&......N
y.... P.E.Q.."0..5HbLpR..R.!....O.....,,3..Iu.c...9.........h2uBQ.*..X
9.eL.....P....f....M.S...w7w.........ov..U"...l=.,.Sq"m.&Q&n......
<<< skipped >>>

GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/136724
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET //get-data/72578111?subSid=72578111&type=yycomscene&referer=hXXp://VVV.yy.com/136724&_=9648186 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 790
Content-type: text/html
...........U]..:.}..0.>.E...dX..KK....})e.%.k....MC.....v.Phz.....9
3..Q...{H}Q....(?~/..(.!.3.!0.....~.Q.W.[...... ...-.|...(_....]...@..
b....d....K$d$,*.&,.#.....t..*~e....~Z....A... .. .>U.p.F?6..v...}X
..d.!..:g.a.n.X...:..O..>#.D7..-3................e.7C"G...qj..g....
BH#%Ge).8...P.9d..w.....7uH2...c.D.!:T(."g.A#...<.....F...Q!H.....Z
:x.......Cw.j....Q..........k..p....'...B.kS.0..@....!$...t&..TE=T..&l
t;:.RV.*7........)......|.....W..*..z.Y..&}.R.f.(6...I.J..(eW".,}H.S\.
.e....U....\....9.s.^..e<...o......E)hE.0.5.k..2Nse..>..sq.....E
eb.Z....].*[email protected]=."}[..,.r_...3U.&.o...f..a/sh...y..m. .*...WA
../|'.>.4...J..........v.M.3B.....T..wi?N;......r....F...scCh#.....
.|.7..5...-R.._.O.>vT..-.....<.b~u.....b0 ....tm'3.z.G.T}..^.I.!
...D....wC7.=.............#..drZ:..MP.?^...C.hT...HTTP/1.1 200 OK..Acc
ess-Control-Allow-Credentials: true..Access-Control-Allow-Methods: GET
..Access-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Connect
ion: keep-alive..Content-Encoding: gzip..Content-Length: 790..Content-
type: text/html.............U]..:.}..0.>.E...dX..KK....})e.%.k....M
C.....v.Phz.....93..Q...{H}Q....(?~/..(.!.3.!0.....~.Q.W.[...... ...-.
|...(_....][email protected]$d$,*.&,.#.....t..*~e....~Z....A... .. .&g
t;U.p.F?6..v...}X..d.!..:g.a.n.X...:..O..>#.D7..-3................e
.7C"G...qj..g....BH#%Ge).8...P.9d..w.....7uH2...c.D.!:T(."g.A#...<.
....F...Q!H.....Z:x.......Cw.j....Q..........k..p....'...B.kS.0..@....
!$...t&..TE=T..<:.RV.*7........)......|.....W..*..z.Y..&}.R.f.(
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062587&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/sc/yycomscene/defaultScene/1/76/defaultScene.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 28691
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:13 GMT
Via: 1.1 db80:82 (Cdn Cache Server V2.0)
Connection: close
CWS.X...x...y|.E.?.....=.;.b..*........!....s ...$.$.I&.L..~...*.%....
r.... .x_.P.....o..~.{&.............x.........1....$.T.t..O>MQ...~.
...`eUvq...c.j.C..]..&.n...{....F_. ......./....w..=!.3.T....Y.:..U2..
.PE......3..-.4........".iCc.VfYY..W.....C......* ....:o.*oCC...K....3
T...i.w..gU.7TsE..AJ...k}W.4x j|..j}c2sZ.Ka[.d [.y.S.*.....e.d.X9J..X^
.............A.0.X_....AJV..y..?M...$....Fo..*_...DFG.d..a.U}..\......
e.. z...'.={..?.#~....?~.:.G....Xs.EP.E9......:..U..}.J_...6\B.ew.o_U.
...z.|}.$...IAV...`.......T5.0-.;.~...f.m|...>G.o-E...WfT..z55... .
U...z....`.....9C...p.__./..W.?.P.m2J....O...j}.zs@c}.U.#m|.[...F_E...
..%x..#.........&_.e.\...Y..E.....!...P.U..V....U.8[.7.4S...Y'/z.:o=.&
.?bD.o.;..Y#F..x..}......Ua...9..|.0TSkDr...C...4..}&.M..#F.%..(...#..
.u.,...TJ1b......A........*.5..5.............J6. ?.v..(..o}...y..5..fh
.......AE...n.Q......._...6....q4....z..Z..^....}A......L...I2.0.C..?o
W;....c.......zh.?.Z.6.v..........."ul....8.?d.RbD.....)y..a.J_@j.....
.CT]..S.....(......i.:_....\.......Q..jG..%...n.'.."...(_.1L..Kv.,.e'.
...B_.....31W..A0tm..C..g.-.].^...^A_5./)...X.eow9AU....^....!h.4..t..
...m. ....$.....I.....>..D.v'V..]CB.%.uuP)..u..@r>5...6.gk..j...
.aqC....F......J.4.....4X...>.......*..z....a.8{....r..ol..|"......
W...G^..n.y.;..#].v.......cF......i`....*.......7...*...... .m.,faLE.%
...!.P....... ._F........zh.\e...>..........vrJ..A..Al.55E..9...1..
.\RTX...W...}f>....g.|.fGd../..B.e1Z....X.1......tCN...&.Rhz.E.W.).
...df...Jy...fGd........N...]......$........N'..W....rI...b_]`....
<<< skipped >>>


GET /zone/1371549646 HTTP/1.1
Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:48:53 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:48:53 GMT
f11..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css" rel="stylesheet"
 href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer.blue.mo
nday.css"/>..<link type="text/css" rel="stylesheet" href="ht
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:48:54 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:55 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:48:55 GMT
4ca..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css" rel=..1000.."sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:03 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:03 GMT
f11..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css" rel="stylesheet"
 href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer.blue.mo
nday.css"/>..<link type="text/css" rel="stylesheet" href="ht
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062556; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:10 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062556; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:11 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:11 GMT
f11..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css" rel="stylesheet"
 href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer.blue.mo
nday.css"/>..<link type="text/css" rel="stylesheet" href="ht
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062564; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:18 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062564; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:19 GMT
a79..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css" rel="stylesheet"
 href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer.blue.mo
nday.css"/>..<link type="text/css" rel="stylesheet" href="ht
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062571; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:26 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062571; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:27 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:27 GMT
f11..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css" rel="stylesheet"
 href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer.blue.mo
nday.css"/>..<link type="text/css" rel="stylesheet" href="ht
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062581; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:34 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062581; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:35 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:35 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062588; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:42 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062588; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:43 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:43 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1371549646 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062596; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:50 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1371549646/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1371549646/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1371549646
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062596; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:51 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>


GET /c.gif?act=webyysceneload&rel=yycomscene&ver=1.19&ref=http://VVV.yy.com/210075&tlt=0&took=4282&ip=194.242.96.218&time=1465062578927&wyy=cc515ea9f79d46d0a143e95390998e1b&sid=86415000&sidsub=86415000 HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: stat2.web.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062571; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx/1.0.10
Date: Sat, 04 Jun 2016 17:49:38 GMT
Content-Type: image/gif
Content-Length: 35
Last-Modified: Mon, 16 Nov 2015 11:04:22 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
GIF89a.............,...........D..;HTTP/1.1 200 OK..Server: nginx/1.0.
10..Date: Sat, 04 Jun 2016 17:49:38 GMT..Content-Type: image/gif..Cont
ent-Length: 35..Last-Modified: Mon, 16 Nov 2015 11:04:22 GMT..Connecti
on: keep-alive..Access-Control-Allow-Origin: *..Access-Control-Allow-H
eaders: X-Requested-With..Access-Control-Allow-Methods: GET,POST,OPTIO
NS..Accept-Ranges: bytes..GIF89a.............,...........D..;..



GET /duowan.js HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.duowan.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sat, 04 Jun 2016 17:52:08 GMT
Date: Sat, 04 Jun 2016 17:47:08 GMT
Server: nginx
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 11794
Last-Modified: Fri, 27 May 2016 09:51:47 GMT
ETag: "574818b3-2e12"
Cache-Control: max-age=300
X-UA-Compatible: IE=EmulateIE7
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou186:8104 (Cdn Cache Server V2.0), 1.1 db78:2 (Cdn Cache Server V2.0)
Connection: keep-alive
/* Hiido v20160527.01*/.eval(function(E,I,A,D,J,K,L,H){function C(A){r
eturn A<62?String.fromCharCode(A =A<26?65:A<52?71:-4):A<63
?'_':A<64?'$':C(A>>6) C(A&63)}while(A>0)K[C(D--)]=I[--A];f
unction N(A){return K[A]==L[A]?A:K[A]}if(''.replace(/^/,String)){var M
=E.match(J),B=M[0],F=E.split(J),G=0;if(E.indexOf(F[0]))F=[''].concat(F
);do{H[A  ]=F[G  ];H[A  ]=N(B)}while(B=M[G]);H[A  ]=F[G]||'';return H.
join('')}return E.replace(J,N)}('j BY="CA",Dg="ylog.u.k";7 Di(){j BH=8
.Dq,BM=CT(BH),d=BM?BM.B1:O,BO=BM?Ck(BM.CI):O;Y(BO=="Cc")BO=O;j BZ=DE(0
.Bd.CR),CV=CT(BZ),BS=CV?CV.B1:".";Y(0.Bd.protocol=="Dz:")BY="Dz";Y(BS=
="."||DQ(BS))y v;j _=C0(BS);Y(!_.BD)y v;j BK=P;Y(!BH)BK=O;p Y(BS==d){B
K=Q;BO=O}j ap=$.appName,av=$.DT,Z=$.Dd.B3();7 Ci(X){Y(X==By.Bg)X=P;p Y
(X==Cu.T)X=Q;p Y(X==BU.By)X=R;p Y(X==1440.V)X=B4;p Y(X==Co.864)X=S;p Y
(X==BU.U)X=T;p Y(X==BU.Bg)X=BI;p Y(X==B_.Bq)X=U;p Y(X==1680.Cm)X=BE;p 
Y(X==B_.By)X=Bp;p Y(X==Cn.Bq)X=Bq;p Y(X==BU.EP)X=Dw;p Y(X==BU.D8)X=14;
p Y(X==1360.Bg)X=15;p Y(X==DJ.T)X=Dv;p Y(X==1400.Cm)X=Dt;p Y(X==B_.V)X
=Du;p Y(X==DW.h)X=19;p Y(X==Co.D8)X=Dy;p Y(X==1088.612)X=Br;p Y(X==Cn.
Cl)X=Bl;p Y(X==Cn.DM)X=Bm;p Y(X==BN.Co)X=f;p Y(X==BN.1536)X=CS;p Y(X==
Cb.Dv)X=Dl;p Y(X==Cb.BN)X=Dn;p Y(X==Cu.h)X=Do;p Y(X==DW.e)X=Dp;p Y(X==
320.f)X=Dr;p Y(X==1366.Bg)X=Bn;p Y(X==480.BP)X=BP;p Y(X==1080.By)X=Bi;
p Y(X==DJ.D_)X=Bj;p Y(X==1136.D_)X=e;p Y(X==Cb.DM)X=Bh;p Y(X==BN.Cl)X=
CL;p Y(X==B$.Q)X=CM;p Y(X==B$.BN)X=CK;p Y(X==B$.f)X=CQ;p Y(X==2880.Du)
X=CP;p Y(X==Dx.C3)X=CO;p Y(X==Dx.f)X=CN;p Y(X==Bs.C3)X=Ce;p Y(X==B
<<< skipped >>>


GET /YjRkNjY5ODUtMWEyYy00MTQxLThlYjAtZjRhMzYzMjAwNTEw.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 17:49:07 GMT
Date: Sat, 04 Jun 2016 17:49:07 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 71114
Accept-Ranges: bytes
Last-Modified: Tue, 10 May 2016 05:48:32 GMT
ETag: "43fb4a32bf8e5dbb7d27b8c12b54086e66a066e9"
Cache-Control: public,max-age=86400
X-Via: 1.1 db77:10 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF.....H.H.....fExif..MM.*.......1.........&.i.........4....ww
w.meitu.com..............................................C............
............................................ "..".......C.............
............................................................&.........
......................................................}........!1A..Qa
."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuv
wxyz..................................................................
............................................................w.......!1
..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefg
hijstuvwxyz...........................................................
.........................?.....(.......\...Qp3.5D...G;s.3.s.....rKs...
..13....(...rm...N..<1,.[3........ .'Z^.P....J.^g...c.0..QvV.g....Q
...c..9'....pr...f..6..G.....W.Q......5.I..r.T..a....<k..F.6.[.F...
..:.1.v9'VSz.R.{.r3l.,.....g)6g&.....T=L.dW.........f..p.&......b...w.
.[.nne.T..1'q.-^...#..IK.g'w..ga....F..k.15.........I...FX..J.1LkS.Q..
.b>.r.... .v..b.....6.|.c[...|.b......>..{...#..um.W.".)..9...=.
...E3..H.b..$Y....9.y....Z..z.../.A#j..&r..8Rz}A.}iYv4...............N
@.W.(Iv4.w...=..<p.v...H..q.H.'d.bu....n.x.Ds.(.v...%S....$......i.
.G.v.3.Ty..W.=.o..s......^.E.......kNt..3.....A...vv.....Q.m.Kw...U...
5^.;....B....RE.>$.....`u..R.s5...._..?.]..XG.n..j9R..x..y.M#.o.)..
,a#..4..GW#U.T......<j.H..7zm.b..WSO.,...Dd..o....eT.A.T.e...K..S..
....'.@.<...L.?*?.)-.6.jn.../.|[/.Y.o...Q,..b....*.......,.<
<<< skipped >>>


GET /cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk+qFEJH3ShePQ==&hi_cmuiv=0.6 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: log.mmstat.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Server: Tengine
Date: Sat, 04 Jun 2016 17:49:03 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=jwLaD3iTjxECAcLyYNpUr7X5; expires=Tue, 02-Jun-26 17:49:03 GMT; path=/; domain=.mmstat.com
Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&cna=jwLaD3iTjxECAcLyYNpUr7X5
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache
GIF89a.............!.......,...........L..;HTTP/1.1 302 Found..Server:
 Tengine..Date: Sat, 04 Jun 2016 17:49:03 GMT..Content-Type: image/gif
..Content-Length: 43..Connection: keep-alive..P3P: CP="NOI DSP COR CUR
a ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"..Set-Cookie: cna=jwLaD3iTjx
ECAcLyYNpUr7X5; expires=Tue, 02-Jun-26 17:49:03 GMT; path=/; domain=.m
mstat.com..Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx
_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www
@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&cna=jwLaD3iTjxECAcL
yYNpUr7X5..Expires: Thu, 01 Jan 1970 00:00:01 GMT..Cache-Control: no-c
ache..Pragma: no-cache..GIF89a.............!.......,...........L..;..



GET /group16/M00/DA/69/tz0M9VcuazEAAAAAAAAvAhGaUQY835.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sun, 10 May 2026 11:41:04 GMT
Date: Thu, 12 May 2016 11:41:04 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 12034
Last-Modified: Sat, 07 May 2016 22:25:43 GMT
ETag: "572e6b67-2f02"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?...&.`?....Jv.R.....J...
.$.$.....)m...v....m...x...Iyw$.I,I.......#g..Nrrj.#.OJb4,.....>.-.
.sA4...)s..0m=.r3MH\..F..5jH.@.;'8.Us".Yb .G.N..i...1X..n)..n.........
.0......#[email protected][email protected][email protected][email protected]..%.%!.j.CI...U.Mn.}P.;c...#..
q.|..<[email protected]...|.I..9..Ee9.F..Vu.Z.j......v%.
....)..-..0..W......5I.....O.T.K......Z..$.".;j.e...2x....%.J......%..
[email protected][email protected][email protected]..%.%$0..4..H.-TA.=.1....
...n..^......*..-N...vv.9$...YE....5B6|5.}..J..h.{.......S.m!...aX..U{
..!.g....({...........&V...q.4....(...kE".H"%....._..j.......h..a4..._
.I.....5 OL....(......(......(.......h.....%H....*.,k.PI8....o..Y..kX.
yq...X.vo...t..B}...@^L([email protected]....,..q.0..t.
....(...Gjb*\B.H".`cO..L0.j.CC.p.g..d4Y........lS$..P.....R..9.....@..
[email protected].@.........!.bP..&.R.....b9..j..c..... ....... .i..S.....w1g
#,...y...Q5fh..Q&...Mv.n......v..-u;.-B.T..~...M.y.E.."..J..).....
<<< skipped >>>

GET /group16/M00/D0/82/tz0M9VcDglUAAAAAAAA0AFVcLuE178.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Mon, 06 Apr 2026 08:23:10 GMT
Date: Fri, 08 Apr 2016 08:23:10 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 13312
Last-Modified: Tue, 05 Apr 2016 09:16:40 GMT
ETag: "57038278-3400"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db78:3 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?...bx.....`..p....8..~..
.....................0..@;4.k..=)...1.8.S..I.v:..J.s2..A.;.]"......'..
.%.`.1.A.S#W..tM>[.J.;{h.Y.....Q.Y..z...=.C...B..j...=.t.O.]...D...
<i..Fb,..T..0(..z..>..R.c..\.1..G.$..g.-bl?..q..*j....[.....om..
}.SG.C....d~.\.9\.. .7A.e...kK.HTI.....d{s..*Z..v...1.jCJ...4....."...
..........R./"[email protected]@[email protected]..(..S..1X.....c.......K..1Hd....
....M.4.R...A.....rh....#'......(......1........`\...U......~...0.....
.iZ5....;x#..}?....s.O.~<.........10...... XF....04...D.1...p*..y.r
.7....P...I`22x.L.u.QsJ.D]...s....g. og\...]0F.fE..j6......Z.6.Q..T...
.>..Y.SH.}........G..Qw....pd^...C..=...q.....8.. .''..-0.G"......7
c..h.E..Z...1..#[email protected];I^..4z...p...q.:...g4....N(...H............
h.... c..U.v.....Va..:S.Rf.....H..e...........{Rl...</.......zl....
[email protected].....|7..a.r2.....} .....z.Sp
..0..U~~........2.bd.``...... F..`OR=~.,.M.k3...7...X.8>....?..
<<< skipped >>>

GET /group16/M00/C4/E8/d7wtWVcggoIAAAAAAABEjk6S4z4003.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sun, 26 Apr 2026 10:56:55 GMT
Date: Thu, 28 Apr 2016 10:56:55 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 17550
Last-Modified: Wed, 27 Apr 2016 09:12:47 GMT
ETag: "5720828f-448e"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:3 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?..m-?.T...y.{.{dp...;...
/..,.S...|AH.....oC........0i.Q.s........i\... ...cR...:..o......i.H..
t.........8UG#.......s.&.M.1....;..o.....,.&].....u.pE)....Xa.Y.W.i.[.
.....Y5f......#.."....m.8.?.b...e..xr..$....V-.....u8<...\|...jk.F.
Y.k.f.r......&.*......$xv.T}7L.t...#A...7H.(,.....$.r...]F........C...
../4]......D...`....c$...........I.K....J.?d..G.es.<............w.-
..q%.....g..1..Q. .A."....-...).Oq...\..WC......:.H....i......J..S.z..
.b.......lV........f....E.Kih.t....b..o....n.0.4..x.....1..d.@.*bj...[
m...H..U......U. ..:.$U."M4..^Cj...;Vv.m.b......jZ.Z....M.......mIj...
p.]..{..It.(.u..<.....U.C.,...>N.1..B.M.....7.....}.|.M.SS.`..?:
9. ...N..........)GS..'..<G......m. .N..g..........o..A...#h.$....J
.>...\..16/....EX.8............\...=i.F>C...{...6...S.....S.]t..
....C.CP ...S..................D....U......P.a..b?...T.....J..#q...H..
..>0.......{...c...9..q.=:W..);...b.m..]B...LMQ.x.\.yS D.....I.
<<< skipped >>>

GET /group16/M00/9E/CC/d7wtWVI1Ol0AAAAAAAA5sxARP9E766.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sat, 21 Mar 2026 16:09:41 GMT
Date: Wed, 23 Mar 2016 16:09:41 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 14771
Last-Modified: Sun, 15 Sep 2013 04:41:23 GMT
ETag: "52353a73-39b3"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:8 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?....E..N..p......"{.. .~
.n.g.g&i.....j..d.F..c..f.i.*@.....".K%.......([email protected][email protected]..
[email protected]`.............KEul.B.=...2IU....z...
..z.....H.q..F....%....I..R1...FHF...#n....0........w..8...@..)..b..E.
5.....J.........hJ.{....B}qR.Z......dR;K..k6]..e.eX...."dZ.....?.;....
..B.Z.v8..sN........XR...H..L.;.W....OQ.........J.,.pw.m...G..L.a..&(.
....;...d.?$..FL...]<w....m..z..)...T.......R`...W....y...n(.".....
Aq1Lb.@.<Q`...#P.h...LP....(.........`..O.Q"....`|..R.;M<...46..
T2..:R...8..*[email protected].
.G.e....."..^.I,.Y{~....T.....[3gY.I.5h..........6s.G...b .H..?LT3....
..9>...@.@.([email protected]...#..m..E.4.....c....=)......}s..:O`;=.P.
....Gk..B.,....8....&...)...T...H..(...p..........A..!.....b..T.......
...2A...r..u.!c..U?..9.Lt.9.. .j\.....f$.d..v...<._.0..s..q]...x.2.
.'.5.1...8.Z.........M6cQ........w..?..' ..r...0............(....h
<<< skipped >>>

GET /group16/M00/E1/52/tz0M9VdPA9EAAAAAAAA61AG8C_o574.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Mon, 01 Jun 2026 13:18:03 GMT
Date: Fri, 03 Jun 2016 13:18:03 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 15060
Last-Modified: Wed, 01 Jun 2016 15:48:33 GMT
ETag: "574f03d1-3ad4"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou191:8104 (Cdn Cache Server V2.0), 1.1 db78:7 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?...?......t.....d.h.....
.n.t.S.]r.a..4.a.._...L..V..C.eI..~.....v:..Cv...SD.%....a.... .(...].
.o.(.Z..T....e-.v..p.W9...x.&.f......Z$.....Ar..H.l1f}?J..[_>....~.
8....^3....f..hc.&h.<.......N...KC ...3/Q..6r.$..V.D.....`.......?.
?.S%lIa{%...8...&8.....V)[email protected]..=k'....EmK.T..]?....U.V>t,.
..1.2G....?..h....&=..4...).>.J).*..c.yd...=.i...M....n?N...F..<
....:.<.9........<.y>....S}..4Y.p...p0.>tK.Fk.\..)p....}.h
.d.C...(*.O....Jbrh....!%...*.?....I........(..L..t?).z{).j.....:?.F..
.1X...X..H...J... 7..e.g.`.Z.....1.....y..q................le..#.d.../
......rl.}g..>.....1I...x....6|[!..>.n...7(...S...M.A.....a.:..4
..:......w...t...Q"G..Y......j.1F....G.v..r1G0X..5....f..u.......`....
p..C....S.D.m......{[email protected]..... |^.}...{..-......VtB."..
G=.rG...P.W<...n..c....g...Z.6F..).xBy.h..$$...".6m!......jZi.....x
.<.(..i6........g.Z.jY.x8_......*=.4T.lXxq#p..=......$......P..
<<< skipped >>>


GET /group16/M00/CB/2B/tz0M9VbtNkMAAAAAAAA9VFYDCvU355.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Mon, 23 Mar 2026 11:56:34 GMT
Date: Fri, 25 Mar 2016 11:56:34 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 15700
Last-Modified: Sat, 19 Mar 2016 11:22:37 GMT
ETag: "56ed367d-3d54"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:7 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?...u...tk......h...o...g
E.!..G;$.[....?.......V.7MH.......B.............Z..I..`.......e=....a.
f.nL.a.n.W"Z.......9..:I.:.......K....@s:..4.4..o"....j...N.8...1$.YZ.
......SB&....Z2.e/....~\.y....M...|W...ST.1.....OZJ...*.~!.l$W..n...D.
..4n#._..J...m.nLwEq,s....<. ......MI%.....Z"lF.....ql..!q..L2s.J..
.b.&..w.b&....8Z,b.d.L.u.a.<.7.......B.N.$e...ftJj;....Pi.q........
...9... .G.......1.|..h..].BW.z..T.%Nh3.h.yCwJ.r.K.B....`q.H.....)qd.~
.1VeV..6#sA{..{......8... R.b..IL.....l.....t.J.M.X.....twv..5.K.. ...
.c4..T^.e.Xg..;....1..;(lRe...7...Y..G2...w...rv2..O...<.y.1..K....
h.F-.r.#...Z...}...Ll....x..........d.....r.*?.j.&.bGwb..'..CVL.[...].
......y.g.6....i...{u5..B...8......ncrx.?x8.......~?.t.T.i....J...bO..
......=..h%..o.~& :u.;t.....}.'.C).C..c$LR.....0......q0..I.kN.....0'5
..vz.....N..O..S.#*..dr.y.Aq.h.4..A..1A.4.......L...V"...F...,t..{.F2i
.......E.Bp...#[email protected]...,p..oog.b.&...l..n...cN.....%.....!
<<< skipped >>>

GET /group16/M00/BC/E9/tz0M9VahqFgAAAAAAAAk6C0I27c747.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Tue, 03 Mar 2026 03:43:54 GMT
Date: Sat, 05 Mar 2016 03:43:54 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 9448
Last-Modified: Fri, 22 Jan 2016 03:56:32 GMT
ETag: "56a1a870-24e8"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:5 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?...V..(..P...@[email protected].....
P...(.(.h.......k.v.k..V..X.4....S.P.......<....G...8..*..... . ...
.-&...c..f.0?'4s 6m~*.N.....=d....t......U..Xj..Js.Y.[.;....qL...J.N..
...h.........i....a.....5.Fh......(........O...vT.(...........P.@...(.
"....P.b.1.S.;[email protected]. [. =......b..ef^...N..U.C.....?...~
...I.c"-5.........i]Ld.>...#..B...\......xb\...Pi.._.~)X...iz.71.).
,.C#.p.d...5jB=.X:[email protected].
[email protected]@[email protected].&.>c...]\.....?g.TH.v....5..A.
y.r3c..=.SI...3...t..~4.....nprX.........%.`V.b.......2).m..?..p.f9|..
7....4.....5......&k.h.....S.d...=...H..z......v....i..4..@[email protected]@.=(.6.
......P"6....(j.......O...v`P0..(........(......([email protected].&..p...>..
....i.~ .o:.&..}.(.....8.d.}..R..\W.....=3.~.\,...........K...'.....^*
...S..$.<T:..a.).>[email protected]..#..d...7
.K.....f.TL............,....i........!....i....i..7Z.i...f..j.....
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062553&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/sc/yycomscene/defaultScene/1/76/defaultScene.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 28691
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:13 GMT
Age: 1
Via: 1.1 db80:82 (Cdn Cache Server V2.0)
Connection: close
CWS.X...x...y|.E.?.....=.;.b..*........!....s ...$.$.I&.L..~...*.%....
r.... .x_.P.....o..~.{&.............x.........1....$.T.t..O>MQ...~.
...`eUvq...c.j.C..]..&.n...{....F_. ......./....w..=!.3.T....Y.:..U2..
.PE......3..-.4........".iCc.VfYY..W.....C......* ....:o.*oCC...K....3
T...i.w..gU.7TsE..AJ...k}W.4x j|..j}c2sZ.Ka[.d [.y.S.*.....e.d.X9J..X^
.............A.0.X_....AJV..y..?M...$....Fo..*_...DFG.d..a.U}..\......
e.. z...'.={..?.#~....?~.:.G....Xs.EP.E9......:..U..}.J_...6\B.ew.o_U.
...z.|}.$...IAV...`.......T5.0-.;.~...f.m|...>G.o-E...WfT..z55... .
U...z....`.....9C...p.__./..W.?.P.m2J....O...j}.zs@c}.U.#m|.[...F_E...
..%x..#.........&_.e.\...Y..E.....!...P.U..V....U.8[.7.4S...Y'/z.:o=.&
.?bD.o.;..Y#F..x..}......Ua...9..|.0TSkDr...C...4..}&.M..#F.%..(...#..
.u.,...TJ1b......A........*.5..5.............J6. ?.v..(..o}...y..5..fh
.......AE...n.Q......._...6....q4....z..Z..^....}A......L...I2.0.C..?o
W;....c.......zh.?.Z.6.v..........."ul....8.?d.RbD.....)y..a.J_@j.....
.CT]..S.....(......i.:_....\.......Q..jG..%...n.'.."...(_.1L..Kv.,.e'.
...B_.....31W..A0tm..C..g.-.].^...^A_5./)...X.eow9AU....^....!h.4..t..
...m. ....$.....I.....>..D.v'V..]CB.%.uuP)..u..@r>5...6.gk..j...
.aqC....F......J.4.....4X...>.......*..z....a.8{....r..ol..|"......
W...G^..n.y.;..#].v.......cF......i`....*.......7...*...... .m.,faLE.%
...!.P....... ._F........zh.\e...>..........vrJ..A..Al.55E..9...1..
.\RTX...W...}f>....g.|.fGd../..B.e1Z....X.1......tCN...&.Rhz.E.W.).
...df...Jy...fGd........N...]......$........N'..W....rI...b_]`....
<<< skipped >>>


GET /c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Connection: Keep-Alive
Host: 87.245.198.80


HTTP/1.1 200 OK
Content-Length: 312077
Content-Type: text/html;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:09 GMT
Via: 1.1 db80:9005 (Cdn Cache Server V2.0)
Connection: keep-alive
......)}!.C"k..u....rC..R(/.9.....{.K.B......i'...1...b.....Y.,..5...V
........K.......2.YI"Gd.r.Xt..a...r_.l. 9.K4.......4..E..*p.3:E.P.x\%.
>H.(n.E.....6R0..XA{.......-..........W.N.DC.................>,.
&H.D.^.o....bN.f......t)...J..k...nI...u..C(.......%$......_%S.7.si...
^.)...f./.AK....oY.......j...........@./.....A..........1.."..b...G...
.^.. f_.#....CB.iC..C....G.-..$./.A.A....q].lWA.EM?.D.".Q[..0.Y.v.#v..
s....J....O.~mF.`V.....%...mat.W.`J.....o..lp.G....<>.I...W...X.
e#.........]..1....P?..] x(.j.g .L.D......X.yhx..."]...u...|bH..m....Z
$'.XN.$........8u.N.ib.`5.k...7.W..T...V..hA..o_n.5...]<....~..C^(.
.S.(..E.a:vnXUx....j.O;._?^N...Q.....=le[.t*.=K..fd.ab.6Y>.a.Rk.?..
..Y.....rl.7R.Lv}..3..r.v....b.h....}.xT.L...L.x3.TcT\....H....8....2.
..T........;.=.,...M"ek...h....-.E.ys.gRq...{.!MYj...a^y!^..../.\.P~oX
...W........Fmv.w....D...;....qh7..tl.h[1..=.cm.e.Y<.o].......<.
.X...a.......H}.YS.;......NWg.f B.O"QQ....W.Z.!.x..(J.-%.7O.......W.' 
&....9e....l"Ag.....R...X.. f.N=`...........3.?-_..8...J>m.\....?.e
[email protected]..$7.4V..........@[email protected]*...(.Y..i..=. e.._.
.0.W..V...g.Z....o.8*Ku.._.....b.q....T.k...r....LQp..k/....;M.V.....D
Wx...&.!.^f......b....<....FH..o........l...=..y.Q.x.ML..W"(..i....
...%[email protected];............|..P,.6`|.d...)./...T..Ct}.!..R.w....g.....
.,.e...m.@e G....n..?..M....(.K].8i..l..<...b..n.........K....h_;..
?.>._`.T.y..M6.Y..\....X.....\......x...#}ju..t...w.M..[.b7.8..L.J.
..6......X)..sp...T.7? ........g..s...=?.  4v...yO......1t.D.q>
<<< skipped >>>


GET /crossdomain.xml HTTP/1.1
Accept: */*
Accept-Language: en-US
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yy.com
Connection: Keep-Alive


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:48:58 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://VVV.yy.com/crossdomain.xml
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>..HTTP/1.1 302 Moved Temporarily..Serv
er: nginx..Date: Sat, 04 Jun 2016 17:48:58 GMT..Content-Type: text/htm
l..Content-Length: 154..Connection: keep-alive..Location: hXXp://VVV.y
y.com/crossdomain.xml..<html>..<head><title>302 Foun
d</title></head>..<body bgcolor="white">..<center
><h1>302 Found</h1></center>..<hr><cente
r>nginx</center>..</body>..</html>....



GET /r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Connection: Keep-Alive
Host: c2.web.yystatic.com


HTTP/1.1 200 OK
Content-Length: 40045
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:05 GMT
Via: 1.1 db80:82 (Cdn Cache Server V2.0)
Connection: close
CWS.....x..<.<.[...a.2......R...`0v...i.....4..E"-*..=-.]....m..
...E{........wo.~.5gy.9.y....~)8.#.Nk7.g....!.p8..g*N8w._.~M%..."..O..
2V..p.o"...t.....p.......pj.q._.....}<..8%%....j....x....'..5.D"...
..=-..uP#ihkk....... ..5.....>EC[.......$J...f...Ff................
.u........(..).(..(...3...U.....a.T.D5...2.u..) ....x...RGIY.O...uU...
............./Dl.........h.d.90..L..gn..MD....)..........0....#.Rg...f
G..^.v..s!.q.._wp.*.BGE...c.]...?...cCi....).K$..'.....5J...-..]...2..
u........S3...t...,.|....(.k.)-....Q..2...a<.!.....>.t..._....j.
j....N7.t=...L.5q....S...;......(..._2.}\..e...zF...1v.O\..&81.We.]>
;.|_X.l^.;M?..}...g..t..Nu...[O....5nj{...;.pc.;.8 ?.Z..i....l.^a._T.\
.|.Z..}v.;......w.."N3j....I.8.....ls.lqqq..~....@.#....X...>S<.
.k....".C&...9..3=N...3....2J?!.hP;...Xd.ep.S*%m......E8........m.x9.v
.. u..v.F.Z.m....{......0.9mm.%..cF.|.T0r...Q.W............*....x..x..
yv..2....44G..e..f.}\S.u..F..q.;<..@ .G....{.A:.!........|....r-.m]
36..s.7...,l.,..{X\.[..BUB..J..........7....._..A......C..3.o..1......
...m..,.|i.......l.....\..[....OD...7?.Yg...<........*?..)K..qVih..
C...U'.......=..l.......K.....3...hr..I.]h..D."...T..|.....&..pk*.S?*.
.9u............[..F..".....NO.e..?.o.R}9...A..A>-'ge&.d^...j...G.UV
?....Yg.i.....[........[...G.E..v.V.........S'...~qN.._.=..u7....k[p..
..=.6[..d..A..H@N.".Lb.......A...hS..1....6q9../....f....gdoM...^.1W.x
XP................. .UR.]15.vbf..;{wM.G:y.......k.....Um....0g...._8..
...sg....U..H.-....s//,.;.Z.....6T]......W..../.z.6Mm....|.......F
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062581&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /group16/M00/AB/90/tz0M9VZdRP8AAAAAAABOGkURMpY256.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Mon, 02 Mar 2026 15:53:42 GMT
Date: Fri, 04 Mar 2016 15:53:42 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 19994
Last-Modified: Tue, 01 Dec 2015 06:58:30 GMT
ETag: "565d4516-4e1a"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang82:8106 (Cdn Cache Server V2.0), 1.1 db78:2 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?..h...j..\.u9c.x.$..OV..
.(}[email protected]_...X.6....,.F......Z.=.n.Am.........s.3.rk{..`......P.
.f_. ...>.?:.2.."[email protected]_...O.i.c.B.G.r..\V.
'y..t...)g.c.M!... ..6:..)XFv.....j[..'.$.......R.Q|.S..E!{...a.A...A.
...........7zg'..r..uB.m.. `y...*.....)A#...M.I..t...:.....5[.r-......
v.}:....L.a.X]..N..e....F~...F x...<.v6..D.j.d ....[&.l..!.\,.E.$..
i......~u..g.tQ\..k...IH..IO....EZ7.rW..n.)......{..rn...?w ~.........
,.*..'<V.c&.zg.XG........b....\.w.u5.....k..pS....Nk.')..Aj.Y.nh...
1i........W.....WlQ.W?J......../.H\.R .F...wG.. T.[...(.....}:0m..3s..
KAS\..&.;..............?..p/..o&O..(n...ru...Ci..........K.N...u...MM.
....f....$....1r..x...w......<..|["...3........n.4..4...$..U....#.*
..3.H.m.K".. ..#88.....5.......,....>....].`v.A.....Je....bP...K6..
<.....P...RI.g>Q. .T..9..9B.]9_P...|n....5L..%..}"..>......".
h...:X.,J..Q.=...D.i...{......:n....r,.......1..'c.......l4.(...d.
<<< skipped >>>

GET /group16/M00/D5/3D/tz0M9VcXMfcAAAAAAABR2ACo4I4351.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sun, 19 Apr 2026 06:03:46 GMT
Date: Thu, 21 Apr 2016 06:03:46 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 20952
Last-Modified: Wed, 20 Apr 2016 07:38:41 GMT
ETag: "57173201-51d8"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang78:8108 (Cdn Cache Server V2.0), 1.1 db77:3 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?...k.H.....P.s.P1.f.4..v
c..g.]l."B..1l.3...K.P...r^........L....Rx.r....(.,..}@\..A...p.....8.
..9..\.... ....b..3...;FN1w]....j.6...qZ..).%....H..OA.&.....Z..1.K].%
K.)...i...l.e*z....\.GGqS....;$'..5W...p.5i..Gu`G...957....I&.Q..5`.o.
.R..c....=8.]...MK^.]..tIR..)55...fB..e.g.....8..6.....N[.Ee!"l.vH..5.
..4..;.^......4.]...1...j.....- ........NU9T..~........s...Y..-Z.....$
...W .~.....k..N.........0../.&L......".(.PFT..8?_..e...'W..(CN.~k..;o
..U..f.o...U..".Z....][email protected]..:.B......8.I.....~`7.e..
u...Q.....[....CGZ........p.B.U.D7...6.=.....s.d..S.].iN..i..%%.Y.k...
.IDv.......)q..N....:y<..ir.-_.~,.......O..Yt.B..2.s.....U.......J.
....&[...i.....%.I.=.^9......rz.[O.O.........W!mo.YI..C........f..N]..
;...u.....j...7k.....@.&.......V..!E4.!GJ... D.)..Z....sWB~A!..Q.{Q..e
RR.....R.W..#H<..B.....U..#.i=o.~D(.......iAq. ..........UW..b.<
?..}{.XS.....K...s.s4x.V.e.......7.s.V...koO.~.Ar%N/[email protected]..)..
<<< skipped >>>

GET /group16/M00/D5/AE/tz0M9VcY1jwAAAAAAABER38yZBk347.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 23 Apr 2026 12:07:08 GMT
Date: Mon, 25 Apr 2016 12:07:08 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 17479
Last-Modified: Thu, 21 Apr 2016 13:31:40 GMT
ETag: "5718d63c-4447"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou191:8104 (Cdn Cache Server V2.0), 1.1 db77:10 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?......^.F...Z].v.Z]..(..
..(....Qiw......aE.....K.]...p..2(.....Il......r........(......i..;.q.
q&...j.'\sK.]..nI...).....~o.<...-**.g.sI.....$_]....9...G......G..
....?a.{I.n<;k2...}p...#..3......\....t-....^.F....2..w..e%..Q.....
R.g,.c....?.j..]......g..}.....].Y.....I5..."...........8v.........2..
9X.9..PFC...A......o..6.".w$.._....,.\.B.,R...<.6...h..u...Oq*.....
n..#..}../".3.V...M[c~l.K.zV*Z.s......}J.C..f.A.` ....8.1.l.d*N.pW..Z*
&oNq.|...MB/.I...c........7c..%.hz/.m...e.....0.y.J)Y..1.N.O.:m..[....
...#_.?.5."..k.)j}...........8.........[.\.I..............(......(....
P.G9..n....Fi.3.C%..Px...4c...2......h..........h..=h..P......2..{.'..
[email protected]<......IWtg$ShQ...M.....p.....z..N.u,.gR...E;.`....
.tA...]J.m>.5..G0..q..uCC.ML...QA$.......P.,#,..W\U.0..7.."....[...
.n.....g.-]J6h......M..2.70...........H..^/..q..*....Z.|,. .....E..#..
.~<..Z.(..G.,.(.a...:f.F.M]..."I.V.ZN..5.......[...G.I...Q...a.
<<< skipped >>>


GET /r/sc/yycomscene/defaultScene/1/76/liveCard.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 53965
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:20 GMT
Via: 1.1 db80:9005 (Cdn Cache Server V2.0)
Connection: close
CWS.x...x..=.`SU.yY.et.!.J..][email protected][(..&.m ...C.(CD6(...d.l.(.P...
."{......5I)...5..{....u..<._<^.7<........x....<^g..X.....
.Y.........Nu\\yyyly.X..$..c..q...Z....1L..m...3..vA.....eq.-.....E..;
.iS.T...P..eEE.Mq....v7......2........bt:......W...:L...etL....v..".&l
t;n..Jw.8..RZ.f. T.ov..1 .....l..A.X#....r...|NO...........]nt......[.
..f3.h.....84..j..x.%t..n..#pU....Mwi...........t..6.l.......k........
.H.`...O.T:.. ....G.".A...1.v.`...)F....Z.......x.O.....=M..#...~^....
.B.%..%b.\*..@L*.....e &......Tu..r.L*....".A..p........$.UJ2 R..E..BT
...ep..?......x........B.B...yuaS..A.n...HL............/...$.._ ...!.d
X.....5=...)E..Zmr]..>.<u... g$...*.'......bCx.H.D .`........(L.
s.G.W..`.....\.^.....h. ...w9...(...$.H....DjoyF_....T...h.4F.vj......
...|.... ...'e......by....q.S..0;.7...{..#W.uij..O.}....._l.....k.....
`..N- .....Q.r.R......_0O......T..G.....ZH..w....z^.~......\...`.}....
&.iM.v..c..C:.Xz{R........Xw .......!S..t.ts.(.5..w...}C5e......./<
......U..->{......My...h...a......Mk...S.....]Z.d.W).=.&~.72."...i.
>....1........pL.......~......?.;{r......d............>....{o...
...>j...c.e..i...av......?}...)...4?M.8.F....../.8......&..K..i....
...>..0f.....f?....l......_L.-S....jw.....#....wN.L^L............(.
BO..6S-k.,V..}~..k........#...`B......5| O.?.}WSs03......_P:p...u...Nw
5j..F.]*~^..{....."..:.s.../.=.-..q...'...#x.h..o..L}.3&=....G....;...
...*.............'.c{tp..l}Y.....?.:{...6.~sw.../~pu.....U...8.b`.....
.>]_I<m....;&....x........n.....x(ysD....=........W._-.ou...
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&isnew=1&hsid=0.4559120123177925&io=1&ut=1465062549724&rnd=0.90377522127779441465062549724 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410500173


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410500173; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6& HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cms.tanx.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Date: Sat, 04 Jun 2016 17:49:02 GMT
Content-Type: image/gif
Content-Length: 49
Connection: close
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Location: hXXp://log.mmstat.com/cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6
Timing-Allow-Origin: *
GIF89a...................!.......,...........T..;..



GET /pc/js/liveplayerInline.js?20160603212726 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:21 GMT
Date: Fri, 03 Jun 2016 15:44:21 GMT
Server: nginx
Content-Type: application/x-javascript
Content-Length: 3927
Last-Modified: Fri, 03 Jun 2016 14:07:09 GMT
ETag: "57518f0d-f57"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou185:8107 (Cdn Cache Server V2.0), 1.1 db78:10 (Cdn Cache Server V2.0)
Connection: keep-alive
!function(){var e={ctrl:function(e){var a=document.getElementById(e);i
f(a)return("ActiveXObject"in window&&/(msie |Trident\/.*rv\:)(\d*)/i.t
est(navigator.userAgent)?RegExp.$2:!1)?"object"==a.tagName.toLowerCase
()?a:"":"embed"==a.tagName.toLowerCase()?a:a.getElementsByTagName("emb
ed")[0]},trace:{enable:~location.href.indexOf("debug"),log:function(){
if(this.enable&&!(e.UA.ie&&e.UA.ie<8)){var a,i=e.makeArray(argument
s);i[0]="[" (new Date).toString().toLocaleString().replace(/^.* (\d \:
\d \:\d ) .*$/,"$1") "] " i[0],"undefined"!=typeof console&&(e.UA.ie?(
a=[],$(i).each(function(e,i){if("string"==typeof i)a.push(i.replace(/%
c/g,"").replace(/color:\s*[^;] ;/g,""));else if("object"==typeof i)try
{a.push(util.JSON.stringify(i))}catch(o){}else a.push(i)}),console.log
(a.join(" "))):console.log.apply(console,i))}},info:function(){var a=e
.makeArray(arguments);a=["%c[info]","color: #005982;"].concat(a),this.
log.apply(this,a)},warn:function(){var a=e.makeArray(arguments);a=["%c
[warning]","color: #8a8000;"].concat(a),this.log.apply(this,a)},error:
function(){var a=e.makeArray(arguments);a=["%c[error]","color: #ff0000
;"].concat(a),this.log.apply(this,a)},flash:function(){var a=e.makeArr
ay(arguments);a=["%c[flash]","color: #7d0000;"].concat(a),this.log.app
ly(this,a)},web:function(){var a=e.makeArray(arguments);a=["%c[web]","
color: #556fb5;"].concat(a),this.log.apply(this,a)},wf:function(){var 
a=e.makeArray(arguments);a=["%c[web2flash]","color: #7e0043;"].concat(
a),this.log.apply(this,a)},ajax:function(){var a=e.makeArray(argum
<<< skipped >>>

GET /pc/images/components/w-leftMenu/images/icons-menuclose.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sat, 11 Jun 2016 11:15:37 GMT
Date: Sat, 04 Jun 2016 11:15:37 GMT
Server: nginx
Content-Type: image/png
Content-Length: 1914
Last-Modified: Tue, 31 May 2016 10:36:18 GMT
ETag: "574d6922-77a"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou185:8111 (Cdn Cache Server V2.0), 1.1 db78:4 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR..............]Hr....tEXtSoftware.Adobe ImageReadyq.e&
lt;..."iTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1
.0/" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http:/
/ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photo
shop CS6 (Windows)" xmpMM:InstanceID="xmp.iid:A304DAA9EA8111E5BB679C93
BB9C9144" xmpMM:DocumentID="xmp.did:A304DAAAEA8111E5BB679C93BB9C9144"&
gt; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:A304DAA7EA8111E5BB
679C93BB9C9144" stRef:documentID="xmp.did:A304DAA8EA8111E5BB679C93BB9C
9144"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>
; <?xpacket end="r"?>..&.....IDATx...]HSq......9..S...S/..8D...q
}.KH..S.C/.Db.%........C.T.$YT.Z.... .zp.A...t..s..........9p..x......
....FGG..`...{...U..n...<..Qm.a8p|....B....U.4F.....>.0..>.=S
....<....y...`.W".......L.:f..q:.zE...H)f..I..(**rc5..P.f.....S.9..
....A..........Ld.f........0....%.r.2.<c"[0.)..T)-..h.....b.....x..
F].V.F%.UM3...).v...p...H....^..j.1.:.M......rc.)B'.....)b...bl.`... .
.D.A..D.A...7 ===..Dx{:...j.9...`hh.......}U(g......6...zL..2<.....
0.4Bu....iPSS.C.K..mj....:.....o........ ..G...........o..r.@ .......R
.A..D.A..D.....!......U.....)...H.W.H.)..Fi.m..V".x.. ...:..'.a%2;
<<< skipped >>>

GET /pc/images/components/w-liveplayerToolBar/images/w-liveplayerToolBar-sprite.png?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 12:20:01 GMT
Date: Fri, 03 Jun 2016 12:20:01 GMT
Server: nginx
Content-Type: image/png
Content-Length: 13160
Last-Modified: Fri, 03 Jun 2016 06:47:12 GMT
ETag: "575127f0-3368"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.............5.J...3/IDATx....|T...#.V.V_.......[..A@.
k.VmA.b}..k[.[U...V..[.A(.P....Wdqa..Xe.....I $..$.d&3...<...f2..w.
L.N...:..{.<.w....<..'.&........"..$...mce[[.....&M...Er.j..L..n
jC7..7.~W&2.9..%..{...=..v...k.5..7..?.."o"..:.^d6.3p{..w0r...52`.;..6
./..LO_5.\.\.,.l........&P.G"..F........U...F?U....g...4 .t.....d8.=..
.k....T.ed./.k..9.......X..Wns....d0........"..m..]..H9.g...]....r.M..
.....Q.#[email protected]... ....'H1..$..6./.Z..%..O;.`.l...!......^?.d.....q."}.A.
.ZH.-..q1. nG..'[email protected]....#.k..0....6..X...~C......
w|2.z......#.J......#...LN..W..e^,..)."..m.."dt.,[email protected].%v........{.AR
........>........#..G..@..(.......<Z...M......~..A.y....z.......
..>.].^..............#..../l...W..i_......K[}.R........'.T!...3'.c.
.s..*..M....o..q...y\..G...jl<....K.........O.._.P.s..M..k.$..ar...
t.Z.F.Kc....6...8E...d.~....d0a%1&.&....f.V.#..H.R.=.=A...g.^.7..x7.].
^..N......?.'.G.&....]....'-.(..;......>>'o....V.A..........Ad7.
L...\....m.JvA.m.H1.=........B.l....%...I75Y.W.,.P{...s.R.{.|F.#.....2
...D..........>.F.,....~...Y.........7..............m .dY..."..<
..~.R.o.3H..wd......F..L.)P.l.\.A....4....{..yr..d..Pbn7./\[..........
..m%.........o.r..r....,.e...,n.....V.......7.z0...B..f.....r.?..~....
[email protected]`.......R9..C...C..P......'..\..V.K'......)
. Q...s.............r....I...o=.zT..u..t...........(..9..Q\$d...77.#..
|]...PkCA..| rO....#7J.>).]....g.".,Q. =x;.M..<..v..r...XN!}.xs.
..q.k.W.z..s.or....*........JL..]....XN...6B .;..}..o*..h..2Cdq..!
<<< skipped >>>

GET /pc/images/default_load.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:05 GMT
Date: Fri, 03 Jun 2016 15:44:05 GMT
Server: nginx
Content-Type: image/png
Content-Length: 4183
Last-Modified: Tue, 31 May 2016 13:48:30 GMT
ETag: "574d962e-1057"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou186:8108 (Cdn Cache Server V2.0), 1.1 db78:4 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...<...<.....:..r....IDATh...M.....5...kz>...
.q=.{.Q.$&...~J.!O.....P 'v.(.I..<..%^....<.A.0......^.Vk...umk]
......J......|...JU......{..j.......Y_..U^....<.{..?%.hd=3.c=G..t..
O..u.H.........uQJ...{...,. ...,.....~...<:......^......C..C.G.(bWd
. ~..............9.g.....p..R.K...F.[/|<....7...|.....^9.....'.....
..........}...u..W...c.....sD.;"......f".......n.i......0.?..w..;.....
A...s........k......g.w.../...H(.SJ.d...8.......h......./....=[.C[8.@.
.......8p...o.{.zg./.X.q.....d....Rr.#f..*...w;`...E......^.b..S.1.D..
..}..../..=.N...s.4.u...:..r.....o.... %.*_.. ....=....cW, |o`g9e.;M..
.....[....Wn.p.E.....DA....."....s'...8.6..Cb.(*...H..Ei....X..?....Nq
.....78P3..r....u.A...`...TMD..X..... i'U....`....e....8.m........S7.'
..........I........o8Yj...L..........Z..i.k.f.c.{z.!#.#&.VK...A.A...J.
7.7..{..&...zL.8..c..p..........~LX^...M...f.V..I.....w...`j.cJ.....a9
.B.............e%pm.N........]........&0...|.'..q.3I.n..#3...E...y..Fs
.k.].aFh...1....[%..oY....o......_]...Y.L|Z.Jfu...U...]......S.M.6.5.b
.....6.F.\.............3!.2oM..B....'.@gL*.B...3......ma5....U .t6.de.
.#.....`./e".....E..!_....X/....G~30...J.H!xU..%.$l.u>...~/.cZ.....
\...G.e....G.....H..L/.....c.....x...E...U..Ys5,.as.&...^.i.=dfc.59...
.0..'.S5...#!_.{...\.=.....[....-p-..a....p.o ....j...K...*..}u..$w.KD
...f....C.s.;..*\'.:........p..........<W]......z.)?.......m.).n.ju
.v.9...[.t.............o..[...Y...5..;Z6.i.]S.......J-.4e.h.o..m...t..
.L......x..-.....,.E.)&..jYFL...".uU..d"..I]....<."..V.a....f.K
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite-p24.png?201605261526 HTTP/1.1


Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 12:20:02 GMT
Date: Fri, 03 Jun 2016 12:20:02 GMT
Server: nginx
Content-Type: image/png
Content-Length: 932
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-3a4"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang80:8107 (Cdn Cache Server V2.0), 1.1 db77:7 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.......K........!....PLTE.............................
......................................................................
......................................................................
.......................qp.s...*tRNS......!"(?@CGKPVcilww..............
..........H...iIDATh...go.0... P.({...4....._.c......*5.G.H.......WN;g
m...0V......yS..I....?:8.....\".M....D...%.i....b.l.5E...%..4.H.1..{..
..R.c..H.uu.y...)t..{.......;[email protected].............."..8....U.....?g
.7.v.|.i/7g....*$;.XG{V.....#.5.{W.#...s\.....G..& .|Yg{..J...g4k...RS
..m3 .bJ....j.k-..vY..T.[,.".U...h."m.G...ZV.........W. ....,wQ.T.....
.k1..b....yag............:]...?...U.......!C.y:5..V..]|N"Ma...u..M....
uc..i.....\7i...u.l.i....b.r4Vn...... a...F.......V.......a.{.Q,...>
;Z.S.K..C`.X..,....K.6....i..4.........o_I,.f...?......h,.c7".....b>
;.......,...:..r%...**.........3 ..R8(...=8......^.y..X.....?....BV..Y
! d.,|...!..X)@.....IEND.B`.....


GET /pc/images/components/w-chatroom/images/alpha-bg.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 13:55:41 GMT
Date: Thu, 02 Jun 2016 13:55:41 GMT
Server: nginx
Content-Type: image/png
Content-Length: 1165
Last-Modified: Thu, 02 Jun 2016 09:02:53 GMT
ETag: "574ff63d-48d"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.......F.......^'....tEXtSoftware.Adobe ImageReadyq.e&
lt;...qiTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap
/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#"
 xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xm
p.did:8ad64beb-0567-7b4c-a3c5-f03681ebd8e9" xmpMM:DocumentID="xmp.did:
6CFE6418FC9D11E59BDE8CC47D964442" xmpMM:InstanceID="xmp.iid:6CFE6417FC
9D11E59BDE8CC47D964442" xmp:CreatorTool="Adobe Photoshop CC (Windows)"
> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6c08b5c3-eee2-7f4
3-81b4-21b6d0020688" stRef:documentID="xmp.did:8ad64beb-0567-7b4c-a3c5
-f03681ebd8e9"/> </rdf:Description> </rdf:RDF> </x:x
mpmeta> <?xpacket end="r"?>........IDATx...K..0.D.....;...$2.
\/[vy.;...L.^B......p0h.u..R(zJ.T..(....*..3W..#\s.,....|Q...6.-.,....
...t.c..pG=..A.>..T.w.Y.Q...]..^...6.`...*.9.].....A....*...^ Oe..x
.e..D{}........}.`..(.=....IEND.B`.....
<<< skipped >>>

GET /pc/images/components/w-thirdpartyLogin/images/login_btn.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 01:15:21 GMT
Date: Thu, 02 Jun 2016 01:15:21 GMT
Server: nginx
Content-Type: image/png
Content-Length: 8363
Last-Modified: Wed, 01 Jun 2016 11:26:51 GMT
ETag: "574ec67b-20ab"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.......".............tEXtSoftware.Adobe ImageReadyq.e&
lt;..."iTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap
/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#"
 xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:08
44673FFD5611E59329C7AD930B1631" xmpMM:InstanceID="xmp.iid:0844673EFD56
11E59329C7AD930B1631" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)"&
gt; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:7F002BF2F26911E5B2
0D9BEF70BA27A9" stRef:documentID="xmp.did:7F002BF3F26911E5B20D9BEF70BA
27A9"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>
; <?xpacket end="r"?>........IDATx.....T.....o.o.F.../....ED....
..&jf...$..|:.._t....q>...2j...E.A..."..BC. ..k.U.9......f.Bo......
........}.........B0W.......!g/A.jE[".Z..o.h.).B.R.....m.^.... $.P....
*BH,EzZ.B..".o.7.^d.e.306..|..6..MN...z.QU...hG...."..B.?.7.M|..l...9.
..m.......;...]....a....&...A.X~E.q.!......|,...V..=FR[ ...x..b.J..3..
x.."..1.T.H....\\|.7....p..\..IM..91..f.i....9....s$..b.fc....>.].f
W..`........i[.03E<BHJ..4...s.....Hj.$.q....^[email protected]...@...`
Xf..W`7..9..=...)M7cL.5....G.W!D..q...?.,...Y.ER@ .f.<......jG .|..
.b6.Ty...HF.X`10P'....crP.aN.y..s~ot6{.hW .j.8&y7..B ..%...,.Ifaa.
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:49:19 GMT
Date: Fri, 03 Jun 2016 15:49:19 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3860
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-f14"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang73:8080 (Cdn Cache Server V2.0), 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...............e.....PLTE.......JJ9.%....ttj..........
f..3v.i..........D....-...z..""......VVV.QQD.1...X.G...,..............
".......|..L...<..4....Y...........................2............44.
......jj...........u...|..K..d...........)..s.......................N.
=.......bbK.V...........).....>D.2V.............Q...'..........S...
............\....,I.!.xxk.\....--...S..A.2................>>..$-
..............x.....\..2....?.................u..AF.*G.$.....C....c-..
.....**........<..<[email protected].~...B........:...''
E./Z.o......v..A.9A..Q...........i..K.D.XXG.)...&.............8"......
.....J.7...F.3.............  ..@.............**....**..A.....AN.....-.
[email protected]..^..G.....@.....<......
..,m..}.p......p.b..............................$............J......tR
NS....................................................................
......................................................................
......................................................................
................................................S..%....IDATx....TSW..
`$..A..$..a. .. ..)Qi......U.e.."...Z,.Z.;....`..tp)..rARK\..Z.YZZu4XZ
.s........G.....wr}.....^...bp..S^`..E.......~.w4.h..}..d....V....W...
.\......v.......{.vH.........?hF.N..l..#.".3....g.W. ....w...9....MCC.
..[_....f.^}t.U`...o..9..5.ou.>h..zC..4..-<.|..X.($"QX\.........
....[_.0.b.k}...9&..$.g..(.g..;..C....y./...O..H|.d...O.j.....t.g.....
Y).../..gs.p.i.'.;]9...M...M.\.o.2 ...^.....c.m...O...7...(.r].n/{
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:49:19 GMT
Date: Fri, 03 Jun 2016 15:49:19 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3860
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-f14"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang73:8080 (Cdn Cache Server V2.0), 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...............e.....PLTE.......JJ9.%....ttj..........
f..3v.i..........D....-...z..""......VVV.QQD.1...X.G...,..............
".......|..L...<..4....Y...........................2............44.
......jj...........u...|..K..d...........)..s.......................N.
=.......bbK.V...........).....>D.2V.............Q...'..........S...
............\....,I.!.xxk.\....--...S..A.2................>>..$-
..............x.....\..2....?.................u..AF.*G.$.....C....c-..
.....**........<..<[email protected].~...B........:...''
E./Z.o......v..A.9A..Q...........i..K.D.XXG.)...&.............8"......
.....J.7...F.3.............  ..@.............**....**..A.....AN.....-.
[email protected]..^..G.....@.....<......
..,m..}.p......p.b..............................$............J......tR
NS....................................................................
......................................................................
......................................................................
................................................S..%....IDATx....TSW..
`$..A..$..a. .. ..)Qi......U.e.."...Z,.Z.;....`..tp)..rARK\..Z.YZZu4XZ
.s........G.....wr}.....^...bp..S^`..E.......~.w4.h..}..d....V....W...
.\......v.......{.vH.........?hF.N..l..#.".3....g.W. ....w...9....MCC.
..[_....f.^}t.U`...o..9..5.ou.>h..zC..4..-<.|..X.($"QX\.........
....[_.0.b.k}...9&..$.g..(.g..;..C....y./...O..H|.d...O.j.....t.g.....
Y).../..gs.p.i.'.;]9...M...M.\.o.2 ...^.....c.m...O...7...(.r].n/{
<<< skipped >>>


GET /1501809610_1465004462.jpg?ips_thumbnail/4/0/w/363/h/330/format=jpeg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: mobilelivephoto.bs2dl.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Date: Sat, 04 Jun 2016 17:49:05 GMT
Expires: Sun, 05 Jun 2016 01:46:17 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 17843
Accept-Ranges: bytes
Last-Modified: Sat, 04 Jun 2016 01:41:02 GMT
ETag: "9d838e8bd82157602b44619b4686509fd1cbb8d7"
Cache-Control: public,max-age=86400
X-Via: 1.1 fuzhou183:8106 (Cdn Cache Server V2.0), 1.1 db77:4 (Cdn Cache Server V2.0)
Connection: keep-alive
......................................... $.' ",#..(7),01444.'9=82<
.342...........2!.!22222222222222222222222222222222222222222222222222.
.....J.k.."........................................................}..
......!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXY
Zcdefghijstuvwxyz.....................................................
.................................................................w....
...!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZ
cdefghijstuvwxyz......................................................
..............................?...E.V .Rb.....C@[email protected] ..(.E;.3.p.HCOZ
|}O....pP:Rl........-4...d.QV-...{t..dU.<zrMVb]......X <...L..M.
x..z.......s..qH$..G....h.r.2...;h..{Qp.e.).R...F.}4..m..o..>.d....
....&O.&O. 0.o..m.....4....F.S.)\....h<t....&.6...f.....E8.......\`
[email protected].".z.Z.\3.KI.....iG.!4..ah...Z....%...9.. 9.<...Z~sL..J:.-.
......(..bc....z..C...Io.Q.....o.h.)\D]y=M(.J.=MI.d.......< .9.i..G
Z1N.c.Q..E .v.h...f..X.n.u74Q`.ph'4....`...z1J8.`..w.....S....(8......
.R......)....Q.\P.{Q.P)i....u7.JLf.q....:......[......A.wZ:.h"...=...`
[email protected]).~)...)GJZD.......C......su..t...D.s...&.E..z...9.g2HO....R
..c.:...j..{.PE...~*.RBl([email protected].)h...h...(...(...(...QE...
..(...(...(.....P.=Jy.M9..E.O.t..>..:..)...............".a..h.H..4.
H.8.S....E.....L..O.........;..RlM...*..G.O....w2......./[email protected]..[!
....J....@......Q.....Z-.q.s2....s.....QE..QE..QE..QE..QE..R.4.P.E.P..
)h"...R..(....E..(...(.4.R.(..s.A8..R1...h'.o.... ....4.;.3....R.L
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062597&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062570693&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062570693 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062595099&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062595099 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=7000&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062594614&rnd=0.90377522127779441465062594614 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062562786&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062562786 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062571630&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062571630 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=6875&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062587958&rnd=0.90377522127779441465062587958 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /pc/css/headfoot.mix.css?20160603212726 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 14:29:26 GMT
Date: Fri, 03 Jun 2016 14:29:26 GMT
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 03 Jun 2016 14:07:12 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=604800
Content-Encoding: gzip
Age: 1
X-Via: 1.1 zhj75:8110 (Cdn Cache Server V2.0), 1.1 db77:7 (Cdn Cache Server V2.0)
Connection: keep-alive
1530.............<i..8r.. .;...d.}b..dll..O..6...Zbwk..4..~.....-..
..H....'..b..V....5.z08/....o..x..CS...2.....!x...s........... ..2..eU
...kY..~..SS<:...|..8... @.t.P6..nj.t.n..}..O....}..xY..{?.....?.ro
....E...g...bp.%....{n..{..k.^c......n..n..[.nS...v......u s..{..[.]..
....(......@.....~.0..{"P!..........!..............H.....#........mS..
..........0Bz.e.U^V...p.....t]c.0...S66..*k.....X.}[e.....om..Y=<..
....d..|..6........1....c.I..........u...r..R......G.E..b....}x.....2.
..9...f......^.?e.......g......Y..Gy.3.......<.oe.})..z.o...x..O...
[email protected]..].......b.5./5............`.....bsn.{.... ...
[`k......R......J.- k...4. P.=.B...b%.?5.^^....jz ....p.. ........z}..
.....#.}.... .r?on...]y......j!w.C...d.l.. .....O....?."....n... .8..&
C.Ep..L(....N.A~).Ky.g.s.....K....o.......).I*.a 3..g.....Q...OQ.n.8..
.8ys|.a.t.................;j............j..n.....^.]...?n..\..;.?....)
...C..^.=.6.....38~.2R....L.{C.....z......`QG..y.e.....W...8#-....\.}.
.....R...............|[email protected]...>46.D{..)..aY.......)..
...b...Y...L$...[..4a..G.....Q.....:B/.9....v.=....s.._..=..Q..>...
.)U......V.y...>.f`).j..."..x!3U.8.u:j..-B.}..R.8...D..3.....E.j..|
[email protected])k..Lj.}.=..Q..iz4#.\.....v:...P.N.m.Y..m.V..X!.HN....m.....
....A..t.S.:p...o......g..c....N:.r.J...O...N.....6u.......*.*[email protected]...
.......!.....]......H...7..T."".t...Z......Z...E..bAO...TQ.1'.I..e.k..
~DZ.\...>.......... 0.'......Fv.=Zh..........X:.1..V5.&...y).cb~.e.
.o.C....y....h`..F.:........v...........}.|.y..........G...._.-...
<<< skipped >>>

GET /pc/js/headfoot.mix.js?20160603212726 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 14:29:26 GMT
Date: Fri, 03 Jun 2016 14:29:26 GMT
Server: nginx
Content-Type: application/x-javascript
Last-Modified: Fri, 03 Jun 2016 14:07:12 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=604800
Content-Encoding: gzip
Age: 1
X-Via: 1.1 db77:10 (Cdn Cache Server V2.0)
Connection: keep-alive
3903.............}kw..u.....{d.[h4.R.H.5..c<L.G...'$G.......PwA Mb.
...v.....>...7{...............f...a..U.]....O...[l..........,.. ..y
....=......=..l.Dlh...$...i....L...'^V.:M..%Q....I.4...l.o..g...N.c]9.
.\j...a-.J.G..>.,.......O........-.'d....x.i..GI......l....X.v...v{
.8..7..?.z.....#oI..Y.........AH68...LL.....1K!E...V.H.$~.*...O...u...
t..0...Z....a....i.\c..}.....).p#[email protected]..
.........,.<..V..vt.x.\ZsW.v.....PL_M...M.0.... ...a......X.....O.}
g..... 1.o.(.p...,.....C.[A..........c.5b>f..0-..OOR.&...~.P.6..6..
...:.9..t....tkJ.O.....z.\h....r.:.^.).........C.....pG....H..........
\,...B.t.O. r.1.S........3.'...}.i.B?...E.a6.hO..........g......].%...
GcN....O]..?.'!}..0.$.EH..G.8...x.C........N.<..x...19...J...4.i:..
`l......9K..)3-.t....n".x*.w.0.Y...lked.^.'~.N...F ...T..g..t.\?..=...
T_\.....O.,....T..=-...0g.&|zy.9.......O.Y^[..T._^....H.P..a.D.y{.o..i
.C.8.....z..h?.P ......w...s...{..{.......u......W.^..~.*Qdc..x...)..z
....:.z(...........8.<../X{...m.......Io.`I.....r......>..F.`.z.
4...9.."....e..-.6."..*..q....X..v.p6....V[.....~.....u..0..;.$......y
.~8.O..:.".$.e..%%hEeJ]a..-....9}..!.F.....".}n.lr..D|..$..4.\4.......
5.*E....LI>.rV.tN..Q.B.('v..%:?..`.....<.....K......).?>j..q 
..........|C1.>.....Y..q.-.}[email protected]..._.........L...?...
...&K...q?.......J/uA.....>M.5.J.4..#.z)_L., ~.J(J.e2IWS......ex...
.R..|._YB.*..Q..,[email protected]..!A..duU.3.U2..:...P.N.P..cb...F..&.S...w
.o{..=...t.\[email protected]@[email protected].?.........|.n)......(f...^...
<<< skipped >>>

GET /pc/images/2wm.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:06 GMT
Date: Fri, 03 Jun 2016 15:44:06 GMT
Server: nginx
Content-Type: image/png
Content-Length: 14508
Last-Modified: Mon, 30 May 2016 06:42:16 GMT
ETag: "574be0c8-38ac"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhdx182:8104 (Cdn Cache Server V2.0), 1.1 db78:10 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR..............X....8sIDATx..}..........HG@.#.."".@....
..RD..(.{SPQ.JQ..*E.....(.(..... .......u.3.;........f./..99.I2Y.....)
)))..n....4.t...).9s..Y.f......2_F.y.....Yg...8p./e...?...>....8..m
..../m....3.6)Q.Df.'b.H. %.De..g..M........P... y....{.........j.. ...
.s.5....Q..s.9.6...w.mR.lY..`[email protected].#.......L.... ...
t..*.d..\u.U.6..d..}N...M.$..?.4...,.4h.@[o.3..'....$.r.... v.........
...QQ..5.H.R....y..7...*_....C.B.8p ..{..W.aq|..7n..m.....7...2....?..
....,..es..:..|...w.?.|m.....L...\.e[....m..MP......>}..G..q5,Vz.&g
t;'.~.!m".....r_z.%J.S.N%.....O....1#t.c.=.JO=P........Q.<....s^{..
...Jy....|..m..{....'...~h....MS...v.;.<m.{...,.............W.hQm&g
t;..Q.F.Q....D.g[.n....O..i....c.{...D=.2..u.].mL.Q...r... n...CO..f..
w.......X..F.S.&.........9..8.. ;w.t.=.5.y........U.V.y.....^{.....B..
[email protected]..#..A,@,@,@..aj.......A......I_..u.Z.jT.F.Xh.
.a....K..U.......&.z....Z.j.>/..2....X`^te,S...........|>@ti....
e......^x..0.tr..I..t-w...............k.x.*U......h.~..E...-Z.{h.....g
.}Vy...........o.....\r..#...d.....[..{..A._y..i... .n..i...8Hk..Q|>
;w.....M.<9f....f#.. .. .... .5....k^...9r...y..%......6.....s....*
?..(. u..Q..u#.g....{..A2bA...n..Xx.E.P(.$.S,]Z.|.\^cP^.r..... ..aj..)
...LW.../.......$#...........y...;..".. ..,p..(......K.... X...If.....
..W_}.........wh.0q.=.kG.;..)......H. (P,[email protected],....X
.\9e.5k...yL.Rb.5....4..tU....z.d...........M`.....u......<Xy......
.][Y."E.h.N..........yA...)>..XZ....Ml...r.4m?a........[>..e
<<< skipped >>>

GET /pc/images/components/w-head/images/w-head-sprite.png?$cssjsdate HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:07 GMT
Date: Fri, 03 Jun 2016 15:44:07 GMT
Server: nginx
Content-Type: image/png
Content-Length: 5165
Last-Modified: Mon, 30 May 2016 06:42:16 GMT
ETag: "574be0c8-142d"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou184:8105 (Cdn Cache Server V2.0), 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.......}.......w.....PLTE...........3.U-........N...,,
,V........TTT...........{..7.....I.kP..8........6|M&..m,e.....d6......
.....o..E......aaaQ2"..4.....Q.....<..a..g.........*.......o...Br.u
uu...Hh~.....0@??....g .l.......C(..~~...................w*.........1t
.........:.Z*..W..A....uG..........r .y0..F.....Q..]....tl'Z....0z....
..=.......v..............f ..9........H......._5.....[.q.....z1iUK....
.7.....j........g.....y.....x1.............>......3Xz.jE.r/|.`k:...
..../......c/.......................1.........................p-..?...
...web5..a=&......~....R.......................`..........]A.n/.......
.Nnoj.....YTCA....l........|?......_vt.......O.........2A....#........
...............................................................l..r..`
......................:*.....q.....hBSa"e.....G......tRNS.............
......................................................................
......................................................................
......................................................................
.................................S..%....IDATx....\.......G.Q.%. `....
..J...<) QP......US..i#8Q..V...Yd.....\.....T(.....:.:.6i..e....? X
t..L.....{s...{..y...4.|Lc&F.zj.*.b2.I..<..@..^GS.5c...p{^.k...R..O
...,h. .....[. ..W...W..<E`.UUyzzV... .v...g7..86..........8.....3,
..*..:5/....c..=.b...yg.:\*>..`.._y0q...[.l....^.5 1.k\G.,..XcrnC..
......n...^... .....9....1.....rI.}......L6m.(..qt.$.m..1......3.q...8
.....WGH.]R.5.......$z,.D@.={6 .......P.$m..1l.19../.....|.9Nd.r\&
<<< skipped >>>

GET /pc/images/components/w-leftMenu/images/icons-leftMenu2.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 13:55:39 GMT
Date: Thu, 02 Jun 2016 13:55:39 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3501
Last-Modified: Thu, 02 Jun 2016 09:02:52 GMT
ETag: "574ff63c-dad"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhdx182:8110 (Cdn Cache Server V2.0), 1.1 db78:7 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...,...........9A....tEXtSoftware.Adobe ImageReadyq.e&
lt;...fiTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap
/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#"
 xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xm
p.did:78147A0941E8E511B4F18C60B26C9B4B" xmpMM:DocumentID="xmp.did:C28C
A4F60A8911E6A7BC8ECC5119A4F7" xmpMM:InstanceID="xmp.iid:C28CA4F50A8911
E6A7BC8ECC5119A4F7" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)">
; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DE35EEEE6F08E61188C6
FFEC2BF8B5A6" stRef:documentID="xmp.did:78147A0941E8E511B4F18C60B26C9B
4B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> 
<?xpacket end="r"?>.'w.....IDATx..\i..E...,...cP\..4....u."..h.?
&.F.. ..!v...?....Q.D.}A.VdQ..]c......w..A.....m...f.......YvMW.ez._..
MMu.W....<..H.nll....X..........W........e^.Cw=p'p!}9.m..X.Iu.v%.k.
C......{.K..@7......\ ^J.A~.........S.^k4t........X..'....6.. .Q,.q\..
....r.....vi>r'_#.................|.V.a.....4`O.G.a..t.D.0...w.p~q.
..{G..G...2`...A}..-|.'.=:Bl.......d.x%~.....7..x0i.D.. ?.T.-..e~.K...
,..n!.O.3....N.."s<..,../5?.-..8.8.}.......FS.....1.to.5.J.xo....|.
...~.....2.~.......m....1a*..Y.-.;....?Jp......../.(...:..6._....Y
<<< skipped >>>

GET /pc/images/default_portrait.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:06 GMT
Date: Fri, 03 Jun 2016 15:44:06 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 7872
Last-Modified: Mon, 30 May 2016 06:42:16 GMT
ETag: "574be0c8-1ec0"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou185:8110 (Cdn Cache Server V2.0), 1.1 db77:0 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF.....d.d.....C..............................................
......................C...............................................
........................Z.Z...........................................
.........................................y......g..........z......u...
.|[@.UC^S^%...a..C....j...a.$#.3}..h}qG.9.g...,%.nS.D.).Y....u.h.#gG.`
..AK.K..#.. 33.:@._....(...q.c....{.*.R..L.5n..l.w c.J`M..R.......#8..
\..i.I...yU..P.............X..e...i C.0..zT...!?.Z.%7.I......Z.F6..x..
^O.a...S)..[.~.R...3uu.n..1..}.`..(.....b...}7.L-..\[email protected] 
.`[...i..]..h...%F.<'<.HQ.v.uz..O..DJj(V..<[email protected]
...c......?.l.$R^..6..1jez5o..B.R\...9..Yw.s.....)....................
.........."3. !#45A.............I....."........F.3.....l;9..W.6.\3B.r.
..!)..!.m.gd..L%......Em..F|..=]a%..............!k....8...B.....c..0X.
.k...j.......\.3a.....I|e<...p....VE..[.W-u.......#.6.j............
...W".uM......,.....l...K.e./.[.2........P...x.>.U\.c. .....X.P..5.
....X......x`6..%m[E.....1.h>BWWTG_....H.S."...4. ."d.......f.&.h..
| ...._....#[email protected]~Y.d....D...Kq....%..Il..x...c.H{..%. 
.'quo..BEu........`.K..g......g...?........................!1....AQ2a.
..."3q....#BRbr...... 4CS.........?....T.....F....."..v..[..G.~..#..e.
>.>..#.....x..&c..N.%w......[..........>..x.P..`.1.4....%i...
.;$c......m"...i.............. [email protected]'[email protected]
...s.....R.4.......OjsPbcS...2......o..G2=..b..-.....<.......M4L.SZ
85.......v....s....7?..TZ..}...IW..-.......f.%..U=.f...-..]......O
<<< skipped >>>

GET /pc/js/lib/requirejs/require.js?20160603212726 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 14:41:12 GMT
Date: Fri, 03 Jun 2016 14:41:12 GMT
Server: nginx
Content-Type: application/x-javascript
Last-Modified: Fri, 03 Jun 2016 14:07:09 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=604800
Content-Encoding: gzip
Age: 1
X-Via: 1.1 fuzhou191:8111 (Cdn Cache Server V2.0), 1.1 db78:7 (Cdn Cache Server V2.0)
Connection: keep-alive
175b.............[kw.6.. ..G%#...}.n.".$.[.M.6v?..J.-A2m.TH..X......ER
...s...q.....`|...\}^%..).}..5MR.oOW.X'Y._...{i....)Wz...0..Qc.:..G...
..8...kS..}...y.?~m.......)....I...~"....*..t..;.....h.nk..D"T....<
...j.....fz~.O^<?.....&.fB...4..@[.g.........Y.>.L."..J[I.R....)
.' #..1..U|[...F.T...I...ODyh....v...\Y.^..|........K.M[.6........?..Q
.8....jv....a6.I..oL..O.@..... @...\5..(..........|.Z.T.A.....K_..}.6.
.......D.O...*....PX,......*...R.....j..D)...M..9.Ew...Z.e.....f..7..E
OQ.".....x].IC......z..MVsU.T..|.).Y..s^F&.rf...51.....E&bQ......vp.n.
=..<...R,......g..od...D.;.5%.Ga.M...u.X....P..T!.A.......r....... 
..1.X..F..:._j...1..K.6O....p.AJd...t.c......;.5...Y...2'.2...?g.1Y&0G
Fj.y..........a[f.t..!..D..o...Q...8 ......x...>1.&KR.....yM....e..
h./.%.*"..1w.I#.-...?..y...9..)...b..Q0M..**.......uHD...T&b%.>[.(J
{..,;....wt.H.(.2.6d...O.....H..8.P..t..6F
.....YAVq.F5.d......P.V.p
...\.V.z..g.....b.'K]WI]....R.<.Zi...:~n.g....$g$._.....As.......h.
2.A.{HyHs.....|..D. ...d.:...x.\.6...5...............V).....q..?\.....
M..V}0.~....Sq.,......}...1%)YI.....0...gS.k{A......d..tuU.G..........
.p....j.j.)f.....d{#.......`h..c..T..`o<....$.......r...!.L4.>0.
Y..hx8. ....O.-.D.^........,:...)_.......Af..;......cHd.........toL...
mihKik1$.v|........}.^..u:.....JK.&....]......"h...6....[.....N.*.G.p.
.D6...8b<.ME2...U.{...e.Mk...$.......03.X.D.y?.#....mh......]..0S.f
.....>`..~..0..,[email protected].$BD..g....d..A... .B.(.6.g..p.N'.O...`
.A.....r.t..}.$....:..._[&..rym.........3F....!.L...t...V...V.5...
<<< skipped >>>

GET /pc/images/icons-index.png?20160505002 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 14:16:24 GMT
Date: Thu, 02 Jun 2016 14:16:24 GMT
Server: nginx
Content-Type: image/png
Content-Length: 7763
Last-Modified: Thu, 02 Jun 2016 09:02:52 GMT
ETag: "574ff63c-1e53"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhdx182:8109 (Cdn Cache Server V2.0), 1.1 db78:5 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...g.........e.......tEXtSoftware.Adobe ImageReadyq.e&
lt;...fiTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap
/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#"
 xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xm
p.did:AA3DBE776BB4E5118B05D7A794AAF00F" xmpMM:DocumentID="xmp.did:7EF9
E6F90C6211E6A91FDE8E746A1BD4" xmpMM:InstanceID="xmp.iid:7EF9E6F80C6211
E6A91FDE8E746A1BD4" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)">
; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:CBF045314C0CE611945D
E2C4190FDAD4" stRef:documentID="xmp.did:AA3DBE776BB4E5118B05D7A794AAF0
0F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> 
<?xpacket end="r"?>.S......IDATx..][email protected].(....H...q
....M6....Q...F.j$......]]...O]E#.5D...j.E...0.....K.y.3...:5S.S.]]...
......:]U..{....{n,.L.qg.ZA..D..(.o.".W.Ghp.$...:...\..8..o...%..... .
. ....$..2.....(..C.?......, _.H2.d..A.. |.., .....3r....I...<....9
..<'..7<.en......|.CF..#.O$u..<G..uV..O....(..$'...;..C..,?..
I......YY....t_Z!....=.KN.y...,G....=.....*..u.".;%.xE...x=...,X.p...E
.z......P..."...I.,W.8.e).$.6...W$[.$...A...d....PGB%B..,.I..$G.#..bF.
n.........Xl.9...x|7...9r..Yd..SWW7...eQQQ......0.H.!........5j.,:
<<< skipped >>>

GET /pc/images/components/w-thirdpartyLogin/images/login-close.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 01:15:21 GMT
Date: Thu, 02 Jun 2016 01:15:21 GMT
Server: nginx
Content-Type: image/png
Content-Length: 1093
Last-Modified: Tue, 31 May 2016 07:31:37 GMT
ETag: "574d3dd9-445"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou190:88 (Cdn Cache Server V2.0), 1.1 db78:8 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.............r..|....tEXtSoftware.Adobe ImageReadyq.e&
lt;...!iTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1
.0/" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http:/
/ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photo
shop CC (Windows)" xmpMM:InstanceID="xmp.iid:ECE434E8F27011E58FDE90351
826CD97" xmpMM:DocumentID="xmp.did:ECE434E9F27011E58FDE90351826CD97"&g
t; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:ECE434E6F27011E58FD
E90351826CD97" stRef:documentID="xmp.did:ECE434E7F27011E58FDE90351826C
D97"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>
 <?xpacket end="r"?>........IDATx.b<s..3.......M.......@.%..p
[email protected] .e..........4B5...)@.kA61..3piD....c.Ib..M..0.....).@....
...]...4.c`.6... ..M..M0'..b. v..t.Y...O....&|.. T.......@....#T.@6...
.|..l,.......v......D....IEND.B`.....
<<< skipped >>>

GET /pc/js/studio.js?20160603212726 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:24 GMT
Date: Fri, 03 Jun 2016 15:44:24 GMT
Server: nginx
Content-Type: application/x-javascript
Content-Length: 123041
Last-Modified: Fri, 03 Jun 2016 14:07:09 GMT
ETag: "57518f0d-1e0a1"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou185:8106 (Cdn Cache Server V2.0), 1.1 db77:0 (Cdn Cache Server V2.0)
Connection: keep-alive
!function(window,document,undefined){String.prototype.trim=function(){
return this.replace(/^(\s|\u3000)*|(\s|\u3000)*$/g,"")},String.prototy
pe.getBytes=function(){for(var e=0,t=0;t<this.length;t  )e =this.ch
arCodeAt(t)>256?2:1;return e},Array.prototype.indexOf=Array.prototy
pe.indexOf||function(e){for(var t=0,n=this.length;n>t;t  )if(this[t
]===e)return t;return-1},Array.prototype.remove=Array.prototype.remove
||function(e){for(var t=0,n=this.length;n>t;)this[t]===e?this.splic
e(t,1):t  };var UA={ie:"ActiveXObject"in window&&/(msie |Trident\/.*rv
\:)(\d*)/i.test(navigator.userAgent)?RegExp.$2:!1,init:function(){var 
e=navigator.userAgent;UA.browser=function(){var t="";return t=UA.ie?"i
e" UA.ie:/Chrome/.test(e)?"chrome":/Opera/.test(e)?"opera":/FireFox/.t
est(e)?"firefox":"other"}(),UA.system=function(){var t="";return t=/Wi
ndows NT 10.0/.test(e)?"windows 10":/Windows NT 5.1/.test(e)?"windows 
xp":/Windows NT 6.1/.test(e)?"windows 7":/Windows NT 6.2/.test(e)?"win
dows 8":/Windows NT 6.0/.test(e)?"windows vista":/Windows NT 5.2/.test
(e)?"windows 2003":/Mac OS/.test(e)?"mac":/Linux/.test(e)?"linux":"oth
er"}()}},util={domain:"hXXp://VVV.yy.com",UA:UA,flash:{init:function(e
,t){var n={wmode:"opaque",width:300,height:300,flashvars:"",flashUrl:"
",fullscreen:!1,bgcolor:"#000000"};if("object"==typeof t){if("undefine
d"!=typeof t.wmode){switch(t.wmode.toLowerCase()){case"opaque":n.wmode
="opaque";break;case"window":n.wmode="window";break;case"transparent":
n.wmode="transparent"}n.wmode=t.wmode}"undefined"!=typeof t.width?
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:49:19 GMT
Date: Fri, 03 Jun 2016 15:49:19 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3860
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-f14"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang73:8080 (Cdn Cache Server V2.0), 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...............e.....PLTE.......JJ9.%....ttj..........
f..3v.i..........D....-...z..""......VVV.QQD.1...X.G...,..............
".......|..L...<..4....Y...........................2............44.
......jj...........u...|..K..d...........)..s.......................N.
=.......bbK.V...........).....>D.2V.............Q...'..........S...
............\....,I.!.xxk.\....--...S..A.2................>>..$-
..............x.....\..2....?.................u..AF.*G.$.....C....c-..
.....**........<..<[email protected].~...B........:...''
E./Z.o......v..A.9A..Q...........i..K.D.XXG.)...&.............8"......
.....J.7...F.3.............  ..@.............**....**..A.....AN.....-.
[email protected]..^..G.....@.....<......
..,m..}.p......p.b..............................$............J......tR
NS....................................................................
......................................................................
......................................................................
................................................S..%....IDATx....TSW..
`$..A..$..a. .. ..)Qi......U.e.."...Z,.Z.;....`..tp)..rARK\..Z.YZZu4XZ
.s........G.....wr}.....^...bp..S^`..E.......~.w4.h..}..d....V....W...
.\......v.......{.vH.........?hF.N..l..#.".3....g.W. ....w...9....MCC.
..[_....f.^}t.U`...o..9..5.ou.>h..zC..4..-<.|..X.($"QX\.........
....[_.0.b.k}...9&..$.g..(.g..;..C....y./...O..H|.d...O.j.....t.g.....
Y).../..gs.p.i.'.;]9...M...M.\.o.2 ...^.....c.m...O...7...(.r].n/{
<<< skipped >>>

GET /pc/images/loading-white-mini.gif?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:50:37 GMT
Date: Fri, 03 Jun 2016 15:50:37 GMT
Server: nginx
Content-Type: image/gif
Content-Length: 12694
Last-Modified: Fri, 03 Jun 2016 14:07:08 GMT
ETag: "57518f0c-3196"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
GIF89a............E..g.....s...........&..............c...........C...
........y..S..............Z..... ..[.................<..L.....m....
.{..l..K..4....................2.....#..:........z..s...........T.....
.......................................,..........................[...
.....................................................:................
..........e.............}......N..................!..NETSCAPE2.0.....!
..XMP DataXMP<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?&g
t; <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-
c011 66.145661, 2012/02/06-14:56:27        "> <rdf:RDF xmlns:rdf
="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description
 rdf:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmlns:xmpMM="ht
tp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.
0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)" 
xmpMM:InstanceID="xmp.iid:7B2AD44BD6FD11E5A2F6C23F896E17AB" xmpMM:Docu
mentID="xmp.did:7B2AD44CD6FD11E5A2F6C23F896E17AB"> <xmpMM:Derive
dFrom stRef:instanceID="xmp.iid:7B2AD449D6FD11E5A2F6C23F896E17AB" stRe
f:documentID="xmp.did:7B2AD44AD6FD11E5A2F6C23F896E17AB"/> </rdf:
Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="
r"?>...............................................................
...................................................................~}|
{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYXWVUTSRQPONMLKJIHGFEDCBA@?>=<
;:9876543210/.-, *)('&%$#"! .................................!....
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062596911&rnd=0.90377522127779441465062596911 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062586614&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062586614 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /video/keywords HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/danmaku.swf
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557; hdjs_session_id=0.4559120123177925; hdjs_session_time=1465062571677; hdjs_ui=0.9037752212777944; playerConfig={"danmu":true,"bright":0.5,"vol":0.5,"quality":-1}


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:28 GMT
Content-Type: UNICODE;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
1f5a.. 116.117.56.164.."......"........"........."..........."......".
.............".........".............."........." "......"..".........
..." .............."........."........".........".............."......
......".............."............".."............"..221.2%3
11.143.96/vip.yy.com/index.htm..m.html?yy.
com/vip.html..%.................%.................*...*...*...*..*...*
...*...*.....-............ ............ .............101.chimingtm.com
/hd.vip.yy.com...13.web1269.com...1301yy.com...168vj.com:81...19.maizh
uanji.com...2013xsvlpinj.com...33.cvod.net...39.cvod.net...42la.com.cn
...49you.com/loginout.html?returl=...5166.info...518wangzi....51vip.bi
z...520cjvip02y0y.tk/...5idc.org...6.cn...6.cvod.net...7y005.vps001.cn
/vip.yy.com...9.admin1000....am154.x59....astxedu.com/2013.yy...b-msto
rage.com/...baibai.rrhl.net...bb.hacvxz.tk...berqfe.tk...bjxgt.gov.cn.
..bjxgt.gov.cn/i/?u=8205175?vip.yy.com...c.sxx.in...coyo.eu...duowan20
13....duowan587.com...duowomn....dydgg.com/vip.duowan....e.5idc.org...
eicp.net...f4.namednszz.com/yy.vip.com...hdglass.cn/css/new5/...hdglas
s.cn/js...hdglass.cn/js/5-30-17-6-88-96.html?!17#...hdglass.cn/js/
6-5-23-1-96-26.html?15 0...hdglass.cn/js/7yyvip.html...hdglass.cn
/js/8yyvip.html...hjsd-vip.tk...hk26.122m.com...hk52.6464.cn...hkasp1.
qq1.cc...host.sscjqz.com/index.htm...host2.iqicp.com/index.htm...host2
46.web519.com/vip.yy.com...ifreeurl....imbbs.in...imblog.in...imshop.i
n...imwork.net...imzone.in...ip6101.6464.cn...l.qiegaowang.com/...
<<< skipped >>>


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtun
a=1&referer=http://VVV.yy.com/210075......


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtun
a=1&referer=http://VVV.yy.com/210075......


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/210075
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
....


GET /crossdomain.xml HTTP/1.1


Accept: */*
Accept-Language: en-US
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 260
Content-type: text/html
Last-Modified: Sat,05-Dec-15 05:49:07 GMT
...<?xml version="1.0"?>.<cross-domain-policy>..<site-c
ontrol permitted-cross-domain-policies="all"/>..<allow-http-requ
est-headers-from domain="*" headers="*" secure="false"/>..<allow
-access-from domain="*" secure="false" to-ports="*" />.</cross-d
omain-policy>....


GET //get-data/86415000?subSid=86415000&type=yycomscene&referer=hXXp://VVV.yy.com/210075&_=23019838 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 799
Content-type: text/html
Set-Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b;Path=/;Domain=yystatic.com;Expires=Sun,04-Jun-17 17:49:08 GMT
Set-Cookie: hiido_ui=0.57246662237330648;Path=/;Domain=yystatic.com;Expires=Sun,04-Jun-17 17:49:08 GMT
...........UM..6...g.fN.Z*}..........%..\.v.v..?..,..S..d.MHf.C...W.J.
W..*..i.j...X....... .$.R0..0....a*n....<>o^.\20Lh...@... ....0!
,..HS........ ...V....j.O..2.3[...........Jf.............!..i..z.E`...
.i...".n....nO'Z...i[".b ..b..'..r.w.}A...xA..$Zk.,l<f....C.SW.9..D
.......\.i.... ...(G./..jyI.0..../d6...IF.^X..6:..!.u9..s#..K.....5O..
'..Z{..z .F.!I...".......2'G.1z..!.&...;.4.....!(o....K.&........r..E.
.:.$s$.......=|..7w..............D...e.J..OM.$.*..'...og.).6B)...p. !.
q.....$M...QK{M.K. A...kRw./...._.n.?...4"a......NY..p..!..s..>v.a.
...4..[.}V.....e...b..(.2.C..."..P...27......{..-.^.P..]X...tE.....W r
..lg.!e.......t.....v...6.9......87..C:N.!...s.w%...p.?..R..].^.M5../?
..}O.Ku..r...,......$..R...J,_. ...u..J.0OO.-e.S..euN?.Lo.$....C.|...&
gt;..rG.O'....N.g..2...*...s.].M....RE.`Y...HTTP/1.1 200 OK..Access-Co
ntrol-Allow-Credentials: true..Access-Control-Allow-Methods: GET..Acce
ss-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Connection: k
eep-alive..Content-Encoding: gzip..Content-Length: 799..Content-type: 
text/html..Set-Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b;Path=/;Dom
ain=yystatic.com;Expires=Sun,04-Jun-17 17:49:08 GMT..Set-Cookie: hiido
_ui=0.57246662237330648;Path=/;Domain=yystatic.com;Expires=Sun,04-Jun-
17 17:49:08 GMT.............UM..6...g.fN.Z*}..........%..\.v.v..?..,..
S..d.MHf.C...W.J.W..*..i.j...X....... .$.R0..0....a*n....<>o^.\2
0Lh...@... ....0!,..HS........ ...V....j.O..2.3[...........Jf.........
....!..i..z.E`....i...".n....nO'Z...i[".b ..b..'..r.w.}A...xA..$Zk
<<< skipped >>>

GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtun
a=1&referer=http://VVV.yy.com/210075......


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/210075
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
....


GET //get-data/86415000?subSid=86415000&type=yycomscene&referer=hXXp://VVV.yy.com/210075&_=10871583 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 794
Content-type: text/html
[email protected].......;.. ..AX...t. npf...8........DW=$TW.zU].*.V
.......YCQ..V4]Q.......0..U......X9....._ [email protected]./(...f.3.
w.%.Y.e.._...h3.>..g.......O..E......*b.#A... ..(.. v8.c...b.]..>
;...2..;\..5.......Q'....o3.Ot...2.h.9..a_..}....mQ.a3 9.&....rq..P..!
.....(.xK^1....Z....9w.s[G.)....U...[.)8-k.t..AJ.d..d..I....4...jW.JT.
B.P...A.8..d.N..\..T..%....L...v^......B...#./.B..M>XM.1)ok..E.<
..).S%.A........S.uY=...nC..;[email protected].#.*.L..1v.N.S..@).....EB..b.
^...4.*..d.^....r..A...].g.o......7.(%.H..<&yz..........?...}....lB
.5Goy.kU...1..h...b.Q........K....e.L...o.4m.2}s..1.y..<l.:^....B.E
......}.5u.._.<....<B....m..3.4..z.........7p}..&.../... 1.6.6Q/
.........O)t.n..O.\..}..(.J"..5.y......<.i4..V........`*B..S.)gzT$9
.._.H...Wo.n.I...........'.v..J...s..BU|...%...Z...HTTP/1.1 200 OK..Ac
cess-Control-Allow-Credentials: true..Access-Control-Allow-Methods: GE
T..Access-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Connec
tion: keep-alive..Content-Encoding: gzip..Content-Length: 794..Content
-type: text/[email protected].......;.. ..AX...t. npf...8....
....DW=$TW.zU].*.V.......YCQ..V4]Q.......0..U......X9....._ ..........
[email protected]./(...f.3.w.%.Y.e.._...h3.>..g.......O..E......*b.#A... ..(
.. v8.c...b.]..>...2..;\..5.......Q'....o3.Ot...2.h.9..a_..}....mQ.
a3 9.&....rq..P..!.....(.xK^1....Z....9w.s[G.)....U...[.)8-k.t..AJ.d..
d..I....4...jW.JT.B.P...A.8..d.N..\..T..%....L...v^......B...#./.B..M&
gt;XM.1)ok..E.<..).S%.A........S.uY=...nC..;[email protected].#.*.L.
<<< skipped >>>

GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
....


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/210075
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtun
a=1&referer=http://VVV.yy.com/210075......


GET //get-data/86415000?subSid=86415000&type=yycomscene&referer=hXXp://VVV.yy.com/210075&_=31637856 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 795
Content-type: text/html
...........U...@.}.3..OCO./.E.Q|...}...T...I..q........DW}I..O..T..|.|
w.}U..ZCU..V5]UWLQ.%'..b\........ K-..}uBr...D3......=.....).R,....%.)
.["[email protected]....{?.].^GN....0.~l"..v...
.>...".`]".l..l....:A..f.-.?..gt.H.5..C.}F.{?.5....~3.:.&....sQ...Z
k....jY....'..u.pV......Q.#...c.J.......HP.G....{..y/......9.....2....
.(..lJJ.l3.A)*.6...U.:{..]. .51..Jg...<F.*y..;Ury.#.Z...H.~..sJp%..
1.P>....}...;.a...}...7...*.E.l..h...P.(U....9...I.R.....xyX|.....7
..?E....i...F.J.-A...KR{._......v.....8"~....9.V:C.b...z.T...m..*...O.
..].....N"D.Y9'......m..".zW...3.M...i.<e..f/c....y..u. ......Gr..|
'..2v.._.<....<B....m.....`J..)..w.....a...nJ. ......saCl.......
|~.e..B...!........U.CI....3..Xn... ..T....O..SK..X.8Z..S...Ht......1}
\....'.?.0W..).....N.3).o.G...B....v7=.Z...HTTP/1.1 200 OK..Access-Con
trol-Allow-Credentials: true..Access-Control-Allow-Methods: GET..Acces
s-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Connection: ke
ep-alive..Content-Encoding: gzip..Content-Length: 795..Content-type: t
ext/html.............U...@.}.3..OCO./.E.Q|...}...T...I..q........DW}I.
.O..T..|.|w.}U..ZCU..V5]UWLQ.%'..b\........ K-..}uBr...D3......=.....)
.R,....%.).["[email protected]....{?.].^GN....0
.~l"..v....>...".`]".l..l....:A..f.-.?..gt.H.5..C.}F.{?.5....~3.:.&
....sQ...Zk....jY....'..u.pV......Q.#...c.J.......HP.G....{..y/......9
.....2.....(..lJJ.l3.A)*.6...U.:{..]. .51..Jg...<F.*y..;Ury.#.Z...H
.~..sJp%..1.P>....}...;.a...}...7...*.E.l..h...P.(U....9...I.R.
<<< skipped >>>

GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
....


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/210075
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtun
a=1&referer=http://VVV.yy.com/210075......


GET //get-data/86415000?subSid=86415000&type=yycomscene&referer=hXXp://VVV.yy.com/210075&_=45925731 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 796
Content-type: text/html
...........U[k.J.~...$Of.....C....B!..R.^.Q....5.......&..9...3.|3;.f.
.r.]...V.............q  ......~,~. C.|..zDJJ.`[email protected]*..K  @..d
.0C@#..K.-@.,...8.f.a.....ry..D..T..G..(?...........u`d.<9....M ...
.u.......vi]"...;...vH.Sv.f.-.?..gt.H....B.}F..7.51.U..fHhh...O...Dj&.
R.q.9U.Y...bn.U.A.n..4 Ku........F..P.A........h..{.-...T.3/...2....3.
E6...Q8..P.......e..7.;.e.. C..k....ZJ..#g4r%.f.LzJev...Abh.F*.&f.bP..
.u..}../w........[.....D....z.YN.D....$..o......0 .B.Xy.|......K./M#.0
Ds..%.-A....d.I......o......U.qD.0.1)..s..2V.w}.......=b .c2R.d5.6....
JE..f.B.....{.o}. R...m],..4.}...K.on.2.;............P.eH....D.......T
...].y.\.mw.....N...............S.7%...}..\...!..{IW..l.....%...-B....
....U.cI....3..Xn........V........`,..W..S...H4....'....{7t.or.8`..$..
l.x1.H.^l.Jn..&..~......,\...HTTP/1.1 200 OK..Access-Control-Allow-Cre
dentials: true..Access-Control-Allow-Methods: GET..Access-Control-Allo
w-Origin: *..Access-Control-Max-Age: 600..Connection: keep-alive..Cont
ent-Encoding: gzip..Content-Length: 796..Content-type: text/html......
.......U[k.J.~...$Of.....C....B!..R.^.Q....5.......&..9...3.|3;.f..r.]
...V.............q  ......~,~. C.|..zDJJ.`[email protected]*..K  @..d.0C@
#..K.-@.,...8.f.a.....ry..D..T..G..(?...........u`d.<9....M ....u..
.....vi]"...;...vH.Sv.f.-.?..gt.H....B.}F..7.51.U..fHhh...O...Dj&.R.q.
9U.Y...bn.U.A.n..4 Ku........F..P.A........h..{.-...T.3/...2....3.E6..
.Q8..P.......e..7.;.e.. C..k....ZJ..#g4r%.f.LzJev...Abh.F*.&f.bP...u..
}../w........[.....D....z.YN.D....$..o......0 .B.Xy.|......K./M#.0
<<< skipped >>>

GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtun
a=1&referer=http://VVV.yy.com/210075......


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/210075
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
....


GET //get-data/86415000?subSid=86415000&type=yycomscene&referer=hXXp://VVV.yy.com/210075&_=39794521 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 804
Content-type: text/html
...........U]..:.}.?.......eXJ....Baa_.e..q.4..?..J.{GN.......6..3gF.#
.s..;...Vd.E........'.H`.1U......ub.......q.. .(z.....OHa.p.. .3..@...
[email protected].....\......=u.~U..G.>.cW..Q.=V.p
..06..v...}\..d..w...kX..-Vm;.NX.i3.f....3.e&.Zs.a..&..0.5.....f@r4Mj.
..jq..P..!......z..W...a..w.?..xn..2E.`.R.J.D^%...`t......)...4Q....|.
Bs.....(....$..#.Z..}.1.s.i.1&..Ba.ZPU$F %.J..Xy.....p.:..$$..DP. .e..
eE&.e.V1o....}../wJ.).G.4.mhv...3..`..i..S..H.J3..<...I.J..(eW".h..
.8.E.^....X........$..\Nr...2.....o.v.....tD.0.c......=b.}.c...cx...-*
..i..[^..>,Jo.)$Z..T.b...Y}[.].j./o....M..m..y.........w.a.....'.'.
....}.;..X.$...........zl..&.8.....z.........7p}..&.../... 176.6.,....
..W...it.n..w.\..}..(.["..=.y..|.X`>.iH..J.0...me.S..h..O...".1`..G
....z;t./r.8P..5h...>).x.%..}..w.U......O.X...HTTP/1.1 200 OK..Acce
ss-Control-Allow-Credentials: true..Access-Control-Allow-Methods: GET.
.Access-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Connecti
on: keep-alive..Content-Encoding: gzip..Content-Length: 804..Content-t
ype: text/html.............U]..:.}.?.......eXJ....Baa_.e..q.4..?..J.{G
N.......6..3gF.#.s..;...Vd.E........'.H`.1U......ub.......q.. .(z.....
OHa.p.. [email protected][email protected].....\......=u.~U..G
.>.cW..Q.=V.p..06..v...}\..d..w...kX..-Vm;.NX.i3.f....3.e&.Zs.a..&.
[email protected]..!......z..W...a..w.?..xn..2E.`.R.J.D^%...`t..
....)...4Q....|.Bs.....(....$..#.Z..}.1.s.i.1&..Ba.ZPU$F %.J..Xy.....p
.:..$$..DP. .e..eE&.e.V1o....}../wJ.).G.4.mhv...3..`..i..S..H.J3..
<<< skipped >>>

GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
....


GET /s/86415000/86415000/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/210075
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http://VVV.yy.com/210075
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtun
a=1&referer=http://VVV.yy.com/210075......


GET //get-data/86415000?subSid=86415000&type=yycomscene&referer=hXXp://VVV.yy.com/210075&_=9060850 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 803
Content-type: text/html
...........U...F.}.g.f.L./.7...B.>......./....%tY.,....=...d6yPS]}.
Tu........U-6d.U.............f}...n.........m..s..%.qL.....$.....HS.f.
..I.."J).HQ...)-... ...@Y...._SBA....[..m...Y.^.}.z.~.T.........m.....
N...6.....vH....1...%b ../.....36a.M...ot...:.h........s....]U7a7"9.6w
...rq...c...*..8.8.... .7.......6..&..Ixa...<s.A5...1.....7.t.M.Ji.
).(k..o.E.0I...YB..A...h...!.V6N.......R...I.,..\5....x.4F.9f.r..L"...
.G.r0.'0...\...=|..7w.....}..>....*.E.b.^[email protected].`7.,
.....W..../M. ..~eoI}.r%.. wK.n...............H..2&ez........p.O......
.......-...H...d..."..BJ$..5t...T.c.X...wm.....-..4{.C......?.../..P..
Dn...B?`C....T~.N=>.B....l..3 4..~......i>..q......S....wr)lL].^
.M5...?a......UH..z......~)....|....W...O.....t.....R.0....%.\2.*..#..
..|..w..~.E.O'......o..`2...z.<.............X...HTTP/1.1 200 OK..Ac
cess-Control-Allow-Credentials: true..Access-Control-Allow-Methods: GE
T..Access-Control-Allow-Origin: *..Access-Control-Max-Age: 600..Connec
tion: keep-alive..Content-Encoding: gzip..Content-Length: 803..Content
-type: text/html.............U...F.}.g.f.L./.7...B.>......./....%tY
.,....=...d6yPS]}.Tu........U-6d.U.............f}...n.........m..s..%.
qL.....$.....HS.f...I.."J).HQ...)-... ...@Y...._SBA....[..m...Y.^.}.z.
~.T.........m.....N...6.....vH....1...%b ../.....36a.M...ot...:.h.....
...s....]U7a7"9.6w...rq...c...*..8.8.... .7.......6..&..Ixa...<s.A5
...1.....7.t.M.Ji.).(k..o.E.0I...YB..A...h...!.V6N.......R...I.,..\5..
..x.4F.9f.r..L"....G.r0.'0...\...=|..7w.....}..>....*.E.b.^h...
<<< skipped >>>


GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062579677&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062579677 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /live/detail?uid=0&sid=72578111&ssid=72578111&_=1465062578318 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: hXXp://VVV.yy.com/136724
Accept: application/json, text/javascript, */*; q=0.01
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557; hdjs_session_id=0.4559120123177925; hdjs_session_time=1465062571677; hdjs_ui=0.9037752212777944; playerConfig={"danmu":true,"bright":0.5,"vol":0.5,"quality":-1}


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:29 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
91............U....0.@.%... .].O........f..`...[.2O.{/d..&A>....*0.
54..7..:...>*...._t FA...`7....K....c...;s.....g.9.g......HQwwG\.'.
W......Y-........0..HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 
2016 17:49:29 GMT..Content-Type: application/json;charset=UTF-8..Trans
fer-Encoding: chunked..Connection: keep-alive..Content-Encoding: gzip.
.91............U....0.@.%... .].O........f..`...[.2O.{/d..&A>....*0
.54..7..:...>*...._t FA...`7....K....c...;s.....g.9.g......HQwwG\.'
.W......Y-........0......



GET /N2FjOGQ3MGItODQxYS00ODA5LThkOGQtMWZmNWE2MWI1NzM5.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 10:17:25 GMT
Date: Sat, 04 Jun 2016 10:17:25 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 19460
Accept-Ranges: bytes
Last-Modified: Thu, 19 May 2016 05:47:36 GMT
ETag: "6afe5754e347db46addf2afff07233cfcc072bf0"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db77:5 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF.....`.`.....C................................... $.' ",#..(
7),01444.'9=82<.342...C...........2!.!22222222222222222222222222222
222222222222222222222......=._..".....................................
.......................}........!1A..Qa."q.2....#B...R..$3br........%&
'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz...........................
......................................................................
.............................w.......!1..AQ.aq."2...B.....#3R..br...$4
.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz....................
................................................................?..G..
o...k...o.=k.G.Hp. .).*@)..).).8P1H...$y$c...qUn....!-..?uB..i[.]..E1.
AqE-%1. SYE>.jF.....zU...S#x....]&.1f;s\.....M.....k..C...t.~.zU.7H
....;F..Fs;.......{. .a......C... ..C....H..dh.I.FW.......>.....i..
..=...R.w....e9V.......GC^....k.{G..#..d..D@........##..G...._....R.#.
&nMzM..|..pw.6s... .l..t....d....#..R.O:4.=fo.Wun"..MT.8....>....{.
.:.....B.....j. ..ce.A.SR<..H..".1.v8......y_.}u.O.........I......F
<....ow.. ,.,.0.Y[....c..l....../.z....a...M...rIau.[..w.....{.k?..
.O..mv...~\R.:m.d..=G.5^.....3./...^...........yu....`......N...,....T
T....'.M)'....'..R..I,0H....>}.Z. $.M....kj.F.<^j.......lS.$...:
`.#...n...uR."'.?t....R......Lg....C...s.L~.....Q...f1...F..sL.8q....p
.......W...."...-H.P!E<S@..&.v8......Vj..~..........~..q..../.....J
u4....zS..FSI..$..px.XqN..:..md..i......S......I.....F1..J.@>..O.&l
t;.u..j...i.i./8.8....xj.K.........4.y.......le.K.a.lV..Y.R....Z..
<<< skipped >>>

GET /ZGI4OGIzN2ItYjAzZS00NGFkLWEyNTQtZjQ1YjFhMDg4YzY4.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sat, 04 Jun 2016 18:44:32 GMT
Date: Fri, 03 Jun 2016 18:44:32 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 65411
Accept-Ranges: bytes
Last-Modified: Wed, 18 May 2016 10:48:18 GMT
ETag: "ab8c8865ef2b12b85963fb045dc080433183e03b"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db77:4 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF.....H.H.....XExif..MM.*...................i.........&......
...................................l.......8Photoshop 3.0.8BIM........
8BIM.%....................B~......l...."..............................
..............................s.......!.1."..AQ2.aq#.. .B..R3.$b0..r.C
.4...S@%c.5..s.PD...&T6d.t.`....p.'E7e.Uu......Fv..GVf.....()*89:HIJWX
YZghijwxyz............................................................
..........................................................!. 1A..0"2Q.
@.3#aB.qR4.P$..C...b5S..%`.D.r...c6p&ET.'........()*789:FGHIJUVWXYZdef
ghijstuvwxyz..........................................................
....................C............................................"""""
"''''',,,,,,,,,,...C..................................................
.......................................j5...7`.j....V.8..JjU..^3.e*.6.
.....N..mS..15.$[m[m[d..1D..F.#(..........`..c.6......)[email protected]..
a...$!J..b6....)...íB..).....m....g..... i.... .0.r:R:..W.0".....52M
....6.-3.S15..;H.v...v..&...n......-...'TT...!).........6.k.[h...b .-.
.U.V...]M...-.K%...T..[h......N..l-....l.hB.IYu.........SOZ=f *.0.....
U..............a.....r...Q4..J.....R.......0U...%`K.Zj.J..cL..V....<
;.........]4...f..L ...=&h.P....-Z......=..E..e...N...N....m.m-BW..s..
...f....@"..C;d......pcy\..T1f...~U.GpC7..N.D.....L.:0 P.%h.V.J....t.$
.i..G.;R2.9...X.z..GM^...:.... :.{..7P.,..lGT...BH.'m....*....v.R.....
..c...R...B"q.t.m.i..hm.m8..%[email protected][.k...&..& ......d.8.J.D>}Z.[
p.....H>.k0x..T`.).T..I...UIj...)..@Io.]CU.......\.....Sw.^..3d
<<< skipped >>>


GET /r/sc/yycomscene/defaultScene/1/76/danmaku.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 38952
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:20 GMT
Via: 1.1 db80:12680 (Cdn Cache Server V2.0)
Connection: close
CWS.. ..x..}.|.E......l.."..^).;s.^H.FC.K..w..&..{lvs.. ..;z...;....t.
... .DB. .]..g.}7.!(..|....w..g..w6.t(....%.G6s.f..p8....s8n..j.*.....
...y......XC^......<....H].kn....]..r.....S.)......^t.-..B..&.h....
\.{....?_v.U..&^iCc$....t.....P,......"_M^m8R....mh..j.T]....}.5..x..;
.....7wi.Heb.X..K~....?.{.?07..8.,rP^_K;o..T.....4o./....54V.........p
ml.7....C..G.d.b5..7...Bv6*......u.[.!O.J....o...o...57v...u...ss.V.`.
`doq....ov.H'O...)c.5@I.;.:...1....^......C~......kt.j_z.sP.......#...
q....Lc...p......>WZ..L...X......].....>h..z..j..t.O..........s.
H.....:k&.;v..K.1V.s..'......../....[.........^.Y]~...c....o[......P..
.>7....@.!.m.*.".._.......V...BuF..P.u......"kY...51M8.k........:..
.\.....o.?..6.W.#j~$.mrv........7E<...$[-".,..U...5.._$.....T...x.M
..4...1...;w...P.5@J,..M/.......,ra...:...[..v... G.w.>..."d..S....
..Z.>=..1W.>....H.....O.@._...~....Pm8.O...#.."... .....1.O...@.
..Q...d,[email protected]...;..A....X
 .u..x..H.Z...|W....QF.1o ..\...&..J.1..h,[email protected]
Q.X.....Ub.)M....U...CQ.5.j.|%.dgU.....y.o..I..P.b...@.?.....z.z./.U{.
|.p.U.H...O..._.$.....'..:..s..........o.)...1......{..h..}.....NOo.E.
.,Z.9L..9..C....xTp?..sO.......?......M..=%..pv.........~.d0...0P...*.
 .........l.....jh {.3.......~!)).........:....M....h.&X...H{.u.%.Pf..
.. ...*[email protected]/...6..F.V.u.Y.(..}j.....2R.l.w.g.b 
..[..G..8[..i.......bqVB....._.].5..OF.?....F1.1...1..9..R&.tR..?..L.g
.61...W..7.P..[......<...^.%.~4......O...Z....u....1.RQ .~....M
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=8890&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062580099&rnd=0.90377522127779441465062580099 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/sc/yycomscene/defaultScene/1/76/liveBaseSceneConfig.xml HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 918
Content-Type: text/xml;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:18 GMT
Age: 1
Via: 1.1 db79:5011 (Cdn Cache Server V2.0)
Connection: close
...<?xml version="1.0" encoding="utf-8" ?>..<data>...<!
-- ...........................  -->...<isStartCache>true</
isStartCache>......<scene>....<version>liveBaseScene1.0
.0.1</version>....<layers>.....<layer name="layer0" /&g
t;.....<layer name="layer1" />.....<layer name="layer2" />
.....<layer name="layer4" />....</layers>...</scene>
......<modules>....<module type="scene" name="liveCard" value
="liveCard.swf">.....<addChild>......<module name="liveCar
d" container="scene" layer="layer0" />.....</addChild>...<
/module>...<module type="scene" name="danmaku" value="danmaku.sw
f">....<addChild>.....<module name="danmaku"  container="s
cene" layer="layer1" ></module>....</addChild>...</m
odule>...<!-- ......... -->....<module type="scene" name="
controlBar" value="controlBar.swf">.....<addChild>......<m
odule name="controlBar"  container="scene" layer="layer4" ></mod
ule>.....</addChild>....</module>...</modules>..&
lt;/data>..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /group16/M00/BC/E7/tz0M9Vahn78AAAAAAABHwm5wG-M269.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sun, 22 Feb 2026 11:49:02 GMT
Date: Thu, 25 Feb 2016 11:49:02 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 18370
Last-Modified: Fri, 22 Jan 2016 03:19:27 GMT
ETag: "56a19fbf-47c2"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou185:8108 (Cdn Cache Server V2.0), 1.1 db78:6 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?..4....5...o..c.....0...
...5..~.<S..i.. ..D}..NF9.......7Q.6.w1.u9......^I..]...N..7..,....
Q..\D....D.Dh..q.z.WN.Q.y=.....D.YdF..w...`.....k...,....r..>....")
Ar.d..6.?....<.....'.}j.!.H.#<...2.N......m.O....]...}JQ.-Tl....
....PoS)[email protected]".....w.6?.....s.lz#....?..;".....9[.....\Ri.ZX.s..z
.WQ\....d..r...=A.oC.-QU.J..L.V....x.M.2.....Hb.c>...u...vR...v..S.
...#.k.....:(.g.O.]XN.8.yKS.t.#.....&.>?.8..W.RN..4.6..h.7Q].1....m
KF.....U..R0.#.mE.d..&.=...I.}....Y.9=x5.7.RqJ........b6.........k..$.
......G...g.....k.s..3....$.iM$.4-......3..y.........?|.m......J....I.
....m.....kS..I%o.p<P].)[email protected].*.....j.W......k...C.].CB...kH.
.Y=.`.*...~..rM. ....^.QCCS.r.....7.i.^[email protected]\.18.`....>a.
...S.w..N3......d...9=s.z...J.Vp...6..<.##L.E..y..J...t....o....S..
3R.4....9.m..H..Z....k.#..s....PK..K......Y..c.v#...F....m.l}.n..0<
.. .z.-....c.N...3He.YR....."..G.?.5.E.5K.8....]..L...z.W.8rI.....
<<< skipped >>>

GET /group16/M00/A8/67/d7wtWVZMVGYAAAAAAAAsUBB5Ylo338.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 24 Apr 2026 02:27:07 GMT
Date: Tue, 26 Apr 2016 02:27:07 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 11344
Last-Modified: Thu, 07 Apr 2016 12:54:11 GMT
ETag: "57065873-2c50"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:6 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?..qY....B..q...@..(.=(..
@..8..c....C..I.F.#..i6TV...!.y..G'.l.z.=k4j..n...d..U1...A..\.. ....D
1...D..8...?.U.D.B...e..x.M..:.....8.r.K.Z..Pz..P.Z..k.;....8..E(....3
 :.....O8...........1K...........1.T.Qk.....@....!S...%2H.L..... </
N......\..<.).M..|?..... .-.sQ...0.H.}..V.d.sZ..........:U.........
#..j.#7.>{2..;g..22q*:.Q..2.#B.....-..$..~...K.M..qz..[|.V..'.c...z
V...w.]..`..P..D.F8..i....i.c.Z#&%h..=w.3A,.T.......L(%[email protected].....
......./...-..&M.d.|.......D. |.r|.3.Q...Mu.6P...|.J.i.E.lb8...bnT.l..
.f..~Q..Z$.{....I...f...3&W$....h.....3..s.5..(......j.>.._..5<.
....t..,....l.......(...-..k.v..SBf...P.....X6..?J..fP..}h....J.C%.=..
.U...8^(..ug.....15.4L.l.q...c.......r...q9.GG..*.t.:V.....]..7!..{r U
#)D............-.l...A.8."..............|...~5%.GZ...q .2.../..:..*...
.1TM.b........(....P........c...*.B.3aT..{...*.z.B.>#[;I.Gj........
...%dy...6.;y..2)..5..94....b....D....T$Y.&.A.../Dh.f......[..e).B
<<< skipped >>>

GET /group16/M00/C5/F0/d7wtWVcpnn4AAAAAAAAsxTKw0FU569.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 07 May 2026 15:34:19 GMT
Date: Mon, 09 May 2016 15:34:19 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 11461
Last-Modified: Wed, 04 May 2016 07:03:41 GMT
ETag: "57299ecd-2cc5"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou188:88 (Cdn Cache Server V2.0), 1.1 db78:9 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?..Pr ...5l.S..u..d-.....
....e..&"....1<Y(........i$..V....N......OV6.J......Ct.}8..$.....&l
t;.D.4.........t5wf................$6S.]..........4K..Y..-H...7.)..fWx
..l.F$.......[....'..>..j.I,..u...............=.....-.......A...Q..
......W*..V#.z....(8V.p.......#...........Z...C..I.L.8...L.Z.....j.d..
..-"..c....GK...R:......S..:.0.). ....UH.o.3\S;.0........s1i......#..t
....8.(..&.b...9.....H.g..>..."g.L.K7z.#.ex.2...3...".........}i.b%
[email protected]...,Z..X1..O.P.Ow!..<........u.\.o..i.z.C........?P..t.M.
w..r..;r..4..n.d.........,....._i..-.....~..6.>......a.{.w.2...D..a
..z..\.&2?.d..4..c..........\..Q.1.W...@.....\..3.>.R.I.?.......FT.
..;..1=1R."X..E.Z.m..(T...'G.g...7KC......e...i....a..T.#-....C..L..'.
.TQ...5.Y.*..*.CXR8....%[email protected]..."g.x.....F22..%...z.s....
nT'..4.G)j..*..qN.k..1.O.qH.:s..0......$..d~.T.'m.....L....D!.....oJ..
..H.r..*....xu?.....&ld..........@.*[[email protected]?......i.$$.......ZCh
<<< skipped >>>

GET /group16/M00/A7/1F/d7wtWVZErbEAAAAAAAAuj2mMZr0392.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.m.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sun, 24 May 2026 21:28:01 GMT
Date: Thu, 26 May 2016 21:28:01 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 11919
Last-Modified: Thu, 07 Apr 2016 12:01:47 GMT
ETag: "57064c2b-2e8f"
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou191:8107 (Cdn Cache Server V2.0), 1.1 db78:1 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?...\M..=.........&......
F.......Y?...F..7w......}T..3...W7.s...!.k^....M..U\i.n..S............
.I..}P>B.W7...'..G0....i.>....Ts..;....Y?..\.a.q8.<...O0X....
....Ts..4.'.>A..V..*..{........9....O..=.......)..k......Op.j......
...#.5..~$k..._...w.S..o...3..l.......~W.).....mx...S.. ..Q.U.........
Q[..-/ga....|bO......&.SD.....\..f.W.<.,T...............U..g4ZGR...
\....r....kUFf...V.w%@....7...).....P...L...MBKe7...[.6j......g....^..
..;..I..}PW.A.....'..T?b...{.'..@{.?.W...O...>.......'..@{$7.S...i?
..B...7......9.=...<...$\h.?.]......0tP}...~$.........W...J....U.i.
... ....E..H$.Cr>O....._.Qw}.J.. |....$.8......(.."..1m........X.L.
.*h.).U..OU......6.q...AJ...V..;}......s........CQ.8&K ..b...I...kzs9.
.?..Xf.228.....Eu..1....n..9..I...W4..P......s.$............I.|.....Z.
.^..[.:j\@.G .k.p..]...h.I.(..f}.fW.c.s...d.....|.*.....[.. ..A... .}.
..c.*[email protected]@.J...Y..a(..L......E$......_..=Z`....8....
<<< skipped >>>


GET /video/keywords HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/sc/yycomscene/defaultScene/1/76/danmaku.swf
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062571; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557; hdjs_session_id=0.4215254752462996; hdjs_session_time=1465062570708; hdjs_ui=0.9037752212777944; playerConfig={"danmu":true,"bright":0.5,"vol":0.5,"quality":-1}


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:30 GMT
Content-Type: UNICODE;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
502.. 116.117.56.164.."......"........"........."..........."......"..
............".........".............."........." "......".."..........
.." .............."........."........"........."..............".......
.....".............."............".."............"..221.21
1.143.96/vip.yy.com/index.htm..m.html?yy.c
om/vip.html..%.................%.................*...*...*...*..*...*.
..*...*.....-............ ............ .............101.chimingtm.com/
hd.vip.yy.com...13.web1269.com...1301yy.com...168vj.com:81...19.maizhu
anji.com...2013xsvlpinj.com...33.cvod.net...39.cvod.net...42la.com.cn.
..49you.com/loginout.html?returl=...5166.info...518wangzi....51vip.biz
...520cjvip02y0y.tk/...5idc.org...6.cn...6.cvod.net...7y005.vps001.cn/
vip.yy.com...9.admin1000....am154.x59....astxedu.com/2013.yy...b-mstor
age.com/...baibai.rrhl.net...bb.hacvxz.tk...berqfe.tk...bjxgt.gov.cn..
.bjxgt.gov.cn/i/?u=8205175?vip.yy.com...c.sxx.in...coyo.eu...duowan201
3....duowan587.com...duowomn....dydgg.com/vip.duowan....e.5idc.org...e
icp.net...f4.namednszz.com/yy.vip.com...hdglass.cn/css/new5/...hdglass
.cn/js...hdglass.cn/js/5-30-17-6-88-96.html?!17#...hdglass.cn/js/6
-5-23-1-96-26.html?15 0...hdglass.cn/js/7yyvip.html...hdglass.cn/
js/8yyvip.html...hjsd-vip.t..1ff1..k...hk26.122m.com...hk52.6464.cn...
hkasp1.qq1.cc...host.sscjqz.com/index.htm...host2.iqicp.com/index.htm.
..host246.web519.com/vip.yy.com...ifreeurl....imbbs.in...imblog.in...i
mshop.in...imwork.net...imzone.in...ip6101.6464.cn...l.qiegaowang.
<<< skipped >>>


GET /r/rc/main/main/1/46/main.swf?type=yyscene&topSid=85593777&subSid=85593777 HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c1.web.yy.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:55 GMT
Content-Type: application/x-shockwave-flash;charset=UTF-8
Content-Length: 10853
Connection: keep-alive
Last-Modified: Thu, 03 Jul 2014 07:11:19 GMT
Expires: Sun, 05 Jun 2016 17:48:55 GMT
Cache-Control: max-age=86400
CWS..G..x..|.|SU..=......MRZ(.b..R.R.A.".mhK.`[d......I.$eq. ...".E...
.qp.uV.."0.|..,..~.:.'..s.K....._{....{.=.l..W.lf.....c..X.c"c..q.....
...Zk.....h....g.......7m.T.i^E,.~..s.9gv...s.......h...<..6c.`P.H.
...d8.u.........ap...3...G.....@$...&...T.AF=..`,..M....E.~/....<..
.7l.n...#.D...#.iN2....U..|..;......../F.Chp....Fm.K. ....}.XO..e." 1y
..b.......@|Q.tC4.I_b......o26vD....ot}.w}`Q]....BFo2..raE...9gU......
f..k.......?..c5R&.Yc...*...^...?../.h.w,..p....c'..?....5....O...|...
..6o..3.7n....U.9..O.....7.].^>........R.O.w.9`.....%'.&......r.L..
e.....%R.3gB......T...|......M/.g/...f~..F{.n.......E..E...E..S...ni..
)..;L....E....A...w.y..j...f......=g.X..21C..dY...g........c........6.
M.C*Q..:..b....(f.w..R|...fX...w.%wC.].~...e.@.../Y....O....,.>7...
1.h .....PU@[Il.I.mW.S...|J.c.y....]..]...'.].^/......`............K.^
.....g..]....-.{%5....-.$ *7k.k.....>...&.h...2S6..=9"n ..).Mu....{
.q.T..q\..[.a..p$.-...T...-......@"!..4x....>3.-.....[F..p4...b..7.
.#b....{....w..-..f.g._g.z|...I.......`"....m...Sqq"....<-.....B:S.
[email protected] ..&T` ...D.ImEk........L]......#...c.....Em[0=.l.j1.....TuO".
.....$...@r9.....\[email protected].%.....p"..7&j........
......%.]/n...d.....E...$.Q>j..}.7.....(.%.....E..#.-..7z#a.f.....E
Q..r.l.F..S.....%.........:.F.p....8... ,m..zc..z.-.W..F.........~....
..(..N4&Z.4.....P<...1..|.......}...J]..\g....J.....H.W.7........ .
5...Te.X.Y]..C.p.r.Q.,.....v.[6.,.1....x..6.....z).......,*.....k.....
.'M..k.$E.zh<w8..3.~-....}y....G.6..#...(....h.1.w...a.../0.k..
<<< skipped >>>


GET /crossdomain.xml HTTP/1.1
Accept: */*
Accept-Language: en-US
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yy.com
Connection: Keep-Alive


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:48:58 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://VVV.yy.com/crossdomain.xml
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>..HTTP/1.1 302 Moved Temporarily..Serv
er: nginx..Date: Sat, 04 Jun 2016 17:48:58 GMT..Content-Type: text/htm
l..Content-Length: 154..Connection: keep-alive..Location: hXXp://VVV.y
y.com/crossdomain.xml..<html>..<head><title>302 Foun
d</title></head>..<body bgcolor="white">..<center
><h1>302 Found</h1></center>..<hr><cente
r>nginx</center>..</body>..</html>....



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062558583&rnd=0.90377522127779441465062558583 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062580286&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062580286 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062548286&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062548286 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062573&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062596&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: log.mmstat.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Server: Tengine
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=kALaD7rWWhICAcLyYNokUOf8; expires=Tue, 02-Jun-26 17:49:04 GMT; path=/; domain=.mmstat.com
Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD7rWWhICAcLyYNokUOf8
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache
GIF89a.............!.......,...........L..;HTTP/1.1 302 Found..Server:
 Tengine..Date: Sat, 04 Jun 2016 17:49:04 GMT..Content-Type: image/gif
..Content-Length: 43..Connection: keep-alive..P3P: CP="NOI DSP COR CUR
a ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"..Set-Cookie: cna=kALaD7rWWh
ICAcLyYNokUOf8; expires=Tue, 02-Jun-26 17:49:04 GMT; path=/; domain=.m
mstat.com..Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx
_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www
@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD7rWWhICAcL
yYNokUOf8..Expires: Thu, 01 Jan 1970 00:00:01 GMT..Cache-Control: no-c
ache..Pragma: no-cache..GIF89a.............!.......,...........L..;..



GET /r/sc/yycomscene/defaultScene/1/76/liveCard.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 53965
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:20 GMT
Age: 1
Via: 1.1 db80:9005 (Cdn Cache Server V2.0)
Connection: close
CWS.x...x..=.`SU.yY.et.!.J..][email protected][(..&.m ...C.(CD6(...d.l.(.P...
."{......5I)...5..{....u..<._<^.7<........x....<^g..X.....
.Y.........Nu\\yyyly.X..$..c..q...Z....1L..m...3..vA.....eq.-.....E..;
.iS.T...P..eEE.Mq....v7......2........bt:......W...:L...etL....v..".&l
t;n..Jw.8..RZ.f. T.ov..1 .....l..A.X#....r...|NO...........]nt......[.
..f3.h.....84..j..x.%t..n..#pU....Mwi...........t..6.l.......k........
.H.`...O.T:.. ....G.".A...1.v.`...)F....Z.......x.O.....=M..#...~^....
.B.%..%b.\*..@L*.....e &......Tu..r.L*....".A..p........$.UJ2 R..E..BT
...ep..?......x........B.B...yuaS..A.n...HL............/...$.._ ...!.d
X.....5=...)E..Zmr]..>.<u... g$...*.'......bCx.H.D .`........(L.
s.G.W..`.....\.^.....h. ...w9...(...$.H....DjoyF_....T...h.4F.vj......
...|.... ...'e......by....q.S..0;.7...{..#W.uij..O.}....._l.....k.....
`..N- .....Q.r.R......_0O......T..G.....ZH..w....z^.~......\...`.}....
&.iM.v..c..C:.Xz{R........Xw .......!S..t.ts.(.5..w...}C5e......./<
......U..->{......My...h...a......Mk...S.....]Z.d.W).=.&~.72."...i.
>....1........pL.......~......?.;{r......d............>....{o...
...>j...c.e..i...av......?}...)...4?M.8.F....../.8......&..K..i....
...>..0f.....f?....l......_L.-S....jw.....#....wN.L^L............(.
BO..6S-k.,V..}~..k........#...`B......5| O.?.}WSs03......_P:p...u...Nw
5j..F.]*~^..{....."..:.s.../.=.-..q...'...#x.h..o..L}.3&=....G....;...
...*.............'.c{tp..l}Y.....?.:{...6.~sw.../~pu.....U...8.b`.....
.>]_I<m....;&....x........n.....x(ysD....=........W._-.ou...
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062552&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /s/72578111/72578111/yycomscene.swf HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET //get-data/72578111?subSid=72578111&type=yycomscene&referer=hXXp://VVV.yy.com/136724&_=15580213 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 783
Content-type: text/html
...........U.j.@.}.g..'.....B)..>........F....uM..wVv..$i.....3g.Fg
V...^..(a...(..*..(.0.....aP,....|[email protected]......#..8..c.0C@#..
[email protected] ...3R?*R..T.....^/..t.......e`d.<.....u .Y/.e.......6
i.3...;.._.H.S...p.........H..Q.....o].U...e.V}.@]..f...%R3..b.k....{.
.X1..*tH...w. Ku....,h#.WV.(..I..).^ 'R..'..w...^..B..u..S...F.]Eg....
..Ec..T..Bp.....HW.D..4.......q.}..f>z ....),.!r.!j..e.y......E....
..}.C.vY....].z.:...]....f>....c"$Qy...~9.O...}\..0.@#.qvnN..x.Y.!.
..OIuNR9I.$uJ.N......c....X..G..}..<...m..p.v.K.......[x....&.ie...
..R.........^Ms.5>]e...............%.75{...g.(B......./.?.. y.;.w..
Nt.k....M.....i/.x..........7i;..w.........w.>..IX........W....}..I
.,%..|...^QQ.KB.M.."(1.:x..$F...?.q.}......~u.>[email protected]].r...O};."
.....A.L.V:.O.:.O%.7...$.....}.#0X...HTTP/1.1 200 OK..Access-Control-A
llow-Credentials: true..Access-Control-Allow-Methods: GET..Access-Cont
rol-Allow-Origin: *..Access-Control-Max-Age: 600..Connection: keep-ali
ve..Content-Encoding: gzip..Content-Length: 783..Content-type: text/ht
ml.............U.j.@.}.g..'.....B)..>........F....uM..wVv..$i.....3
g.FgV...^..(a...(..*..(.0.....aP,....|[email protected]......#..8..c.0C
@#[email protected] ...3R?*R..T.....^/..t.......e`d.<.....u .Y/.e....
...6i.3...;.._.H.S...p.........H..Q.....o].U...e.V}.@]..f...%R3..b.k..
..{..X1..*tH...w. Ku....,h#.WV.(..I..).^ 'R..'..w...^..B..u..S...F.]Eg
......Ec..T..Bp.....HW.D..4.......q.}..f>z ....),.!r.!j..e.y......E
......}.C.vY....].z.:...]....f>....c"$Qy...~9.O...}\..0.@#.qvnN
<<< skipped >>>

GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/136724
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET //get-data/72578111?subSid=72578111&type=yycomscene&referer=hXXp://VVV.yy.com/136724&_=19990055 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 787
Content-type: text/html
...........U...H.}....<.vW.[0,.%!.........RF.........j.....Lv. ..N.
*.N.?W.....aE.X....... p...f...ZU}7L%...q'.}Y}...............3PX&.. .~
.h...1j..".Xf..k.f.j....Q...}..k.=.w.*u...q..z.N..1..a...&...zX.i}8.9&
...d.a.~.X..D....f./.....t..Dk...........f..........{?.T.3m.2..!...(G.
..x....&.x7.#....I(s...)..D..c.U......l@ (.....s..I.&..U....b...&...BZ
B.9;.......BC.c..s..S.6...T&F!..`.B._....w.0...}.!hj....A.....Bnw.~...
.h...>.w....q....X.'.....)..d..tJ._'.)eW4V.....A:..Y.\..J.Hi.....kV
_.\.r%.]...x..v........Z...q,kR..;e.V`......:...@.*..NkN_.7.Q.....2&.N
J9..d#K..E|(R...}]<s........l.2.....p..6.3]....... r..|'..........t
....r;u.}.......n.9^.w...]...S.w...|u#^....1u.f.W..n>.....F...R....
O.>vT.O-..../<.b.u...;.)..H.0O./.d.S..h...... .1..j@*..xz;.....p
.Z)i..|c}V&.....-=..!...o......Y...HTTP/1.1 200 OK..Access-Control-All
ow-Credentials: true..Access-Control-Allow-Methods: GET..Access-Contro
l-Allow-Origin: *..Access-Control-Max-Age: 600..Connection: keep-alive
..Content-Encoding: gzip..Content-Length: 787..Content-type: text/html
.............U...H.}....<.vW.[0,.%!.........RF.........j.....Lv. ..
N.*.N.?W.....aE.X....... p...f...ZU}7L%...q'.}Y}...............3PX&.. 
.~.h...1j..".Xf..k.f.j....Q...}..k.=.w.*u...q..z.N..1..a...&...zX.i}8.
9&...d.a.~.X..D....f./.....t..Dk...........f..........{?.T.3m.2..!...(
G...x....&.x7.#....I(s...)..D..c.U......l@ (.....s..I.&..U....b...&...
BZB.9;.......BC.c..s..S.6...T&F!..`.B._....w.0...}.!hj....A.....Bnw.~.
...h...>.w....q....X.'.....)..d..tJ._'.)eW4V.....A:..Y.\..J.Hi.
<<< skipped >>>

GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/136724
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724......


GET //get-data/72578111?subSid=72578111&type=yycomscene&referer=hXXp://VVV.yy.com/136724&_=44812174 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 811
Content-type: text/html
...........U...G.}.g..>.VW.}`.....@`a_.1}..`I3...0..T.j.#a... Q]u.T
..T.s...<T5l......U.Wu. ....3..T}7L%jqc..w_6.8..j..0..HU.j...P..I..
F..4/H4.-....k.(@.mJ..E..3.D.....,H.B"2D..e.r........T]S.....T..2A....
......;...Omd..o.......c...-.[..[,..=Q...y7.......t.L.5....cC..~|hS...
..1..mS.~n..g...Z#.#.....i.N.Cu.FU......q..,[email protected]". .. ...A.l....
cr...`..i...Z.I..<.k.w.:..F..{......ZKoDt9F..0*....&d.^ic$Je..9.5)g
#|..U..N&4Q...1... ..u>....ws.$..|.......}\%......f.......&.....u..
.f.R.../..&..i......&RZ........,[.l.....:^.........MU.."~....%...E...~
.C.P=...@.*.EY.xv.7......N"D..c.....%k.B~(R...}]<s........l.2.u.M..
..M.LW...G.?!.ku.;....I.? ._.S..^ .S.......X....pq>..4.....;. .o...
.......%.%.Tc...[...4.t.J).~}>K....~n....|.....C....V2XD:.yz|m'..z.
O...\.....c......~:....O.x:Q.....]c\.:q.Rd.....4..._.....cZ...HTTP/1.1
 200 OK..Access-Control-Allow-Credentials: true..Access-Control-Allow-
Methods: GET..Access-Control-Allow-Origin: *..Access-Control-Max-Age: 
600..Connection: keep-alive..Content-Encoding: gzip..Content-Length: 8
11..Content-type: text/html.............U...G.}.g..>.VW.}`.....@`a_
.1}..`I3...0..T.j.#a... Q]u.T..T.s...<T5l......U.Wu. ....3..T}7L%jq
c..w_6.8..j..0..HU.j...P..I..F..4/H4.-....k.(@.mJ..E..3.D.....,H.B"2D.
.e.r........T]S.....T..2A..........;...Omd..o.......c...-.[..[,..=Q...
y7.......t.L.5....cC..~|hS.....1..mS.~n..g...Z#.#.....i.N.Cu.FU......q
..,[email protected]". .. ...A.l....cr...`..i...Z.I..<.k.w.:..F..{......ZK
oDt9F..0*....&d.^ic$Je..9.5)g#|..U..N&4Q...1... ..u>....ws.$..|
<<< skipped >>>

GET /s/72578111/72578111/yycomscene.swf HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://VVV.yy.com/136724
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: weblbs.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 600
Connection: keep-alive
Content-Length: 0
Content-type: text/html
Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724
HTTP/1.1 302 Found..Access-Control-Allow-Credentials: true..Access-Con
trol-Allow-Methods: GET..Access-Control-Allow-Origin: *..Access-Contro
l-Max-Age: 600..Connection: keep-alive..Content-Length: 0..Content-typ
e: text/html..Location: hXXp://c2.web.yystatic.com/r/rc/yycomscene/mai
n/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtun
a=1&referer=http://VVV.yy.com/136724..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /hiido_internal.js?siteid=www@yy HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Date: Sat, 04 Jun 2016 17:49:00 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
Content-Type: application/javascript
Content-Length: 23475
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
/*! hiido.js: v0.8.0 2016-06-03 17:39:06 */.!function(e){function n(t)
{if(i[t])return i[t].exports;var r=i[t]={exports:{},id:t,loaded:!1};re
turn e[t].call(r.exports,r,r.exports,n),r.loaded=!0,r.exports}var i={}
;return n.m=e,n.c=i,n.p="",n(0)}([function(e,n,i){"use strict";!functi
on(){var e=i(1),n=navigator.userAgent;try{new e(n,!0)}catch(t){console
.dir(t);var r=new Image(1,1),o="";for(var a in t)o =a ":" t[a] ";";var
 s=encodeURIComponent,u=t.stack?s(t.stack):"";r.src=window.location.pr
otocol "//wbugs.hiido.com/c.gif?e=" s(o) "|" u "|" s(window.location.h
ref) "|" s(n),r.onload=function(){}}}()},function(e,n,i){"use strict";
function t(e,n,i,t){e.addEventListener?e.addEventListener(n,i,!!t):e.a
ttachEvent&&(e["e" n i]=i,e[n i]=function(){e["e" n i](window.event)},
e.attachEvent("on" n,e[n i]))}function r(e){var n="; " document.cookie
,i=n.split("; " e "=");return 1===i.length?"":decodeURIComponent(i[1].
split(";")[0])}function o(e,n,i){i=i||{};var t=e "=" encodeURIComponen
t(n);if(i.expires&&"number"==typeof i.expires){var r=new Date;i.expire
s=1e3*i.expires*60*60*24,r=new Date(r.getTime() i.expires),t=t "; expi
res=" r.toUTCString()}i.path?t=t "; path=" i.path:"; path=/",i.domain?
t=t "; domain=" i.domain:"",document.cookie=t}function a(){return wind
ow.location.hostname}function s(){var e,n=window._hiido_wid,i=Object.p
rototype.toString;if(n)if("[object Array]"===i.call(n))e=n.join("|");e
lse if("function"==typeof n)try{e=n.call(window),"[object Array]"===i.
call(e)&&(e=e.join("|"))}catch(t){window.console.log("_hiido_wid .
<<< skipped >>>

GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:06 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:06 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......


GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:21 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:21 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......


GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:31 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:31 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......


GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:37 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:37 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......


GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:46 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:46 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......



GET / HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; hdjs_ui=0.9037752212777944; hdjs_session_id=0.4559120123177925; hdjs_session_time=1465062549724


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:03 GMT
Content-Encoding: gzip
f20..............{w.G.7.w.Z.;.x..$..V./.0.A...Z....4k..,.],Y...m..Y...
.$..0..&....c0..~...$......._.V..!D..ruw......w...>..d1..M.........
...o*..........)>.Hd..r...k....t.;...x!.IW)[email protected]..&.}3...,/...
NN.J..']..r.T).?.'2]..(}.........9.D..\....DO.X...8U.._../c.<h.....
x:..c.T.g:9......'...n..t..9.=.I...K.#..u...f. .......6..m.o.#.....).?
.y}K.}........R....oB...x69.]......Rv.6.Z)N...=......p....D);....x).G%
.I.3.%.o%[email protected].\J4...D0W.......t.4....
..............v....|>.#.._~Z..A.;P]{ \..-..n.._:Z..RX:!.<.>_.
...?...}....3..W.......7....0.R{t..$.T{.".;S?.R;....<.T._.'...K...7
...6.=.........k..8q....(l.?./..........J..'...V..|.0..L6../<....[.
.f'k........m.. .}......Djn.XJ.u."..A......._.....O.k/./.....E........
.......h.....]J.i.R....r&....m0..r9...1..J....B(..P......&YF.eQ..24..x
19.....^..._,...\S!s.. .8.#........#J.me..t9..g`D>..._.m.......y.h}
..G[........b...........K.|..........i>......0h`../=......Ta<.Tp
.W.^g*.t.#...#g.._..M...J.$.."......J)m:[email protected]~.......g.OS....^D
.f.s...Gw.....y>0....!..Qb..v?.@..|V....|q..@&.L.&?.dR.l..."......E
...p2{ .....O......$..Rw!^..]..:.4^.. ..).*?......a.K..Y0U.~\l.=!|.R?y
..|...xuc..|@X|.8.!<..p^X=............Xo...g............).}:z..T.P.
..cY..t....z.....|......J.Dp.T.).JA01N... ..x)..nl<.....x....L`.x..
....P...,...h@%\|[email protected]...`P.........3".v..IP..X........:..&
gt;x.. ."8.NaR.....%.M.........P.[.....6.V.?...O......x........T..O...
sa....../.oL.&...r....39.n........u.....K...G..UF..!<|.8..BHVep
<<< skipped >>>


GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /d.gif?sed=ac2d7764b9edb680&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062568&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://VVV.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: dataaq.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062565; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:19 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 22 Sep 2015 03:14:13 GMT
ETag: "5600c785-0"
Accept-Ranges: bytes
HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2016 17:49:19 GMT..C
ontent-Type: image/gif..Content-Length: 0..Connection: keep-alive..Las
t-Modified: Tue, 22 Sep 2015 03:14:13 GMT..ETag: "5600c785-0"..Accept-
Ranges: bytes......



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062550068&rnd=0.90377522127779441465062550068 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /MGFhN2YyZTEtZWM1YS00MWJiLWFkZjAtNWYyYTExZDQzNTg0.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2dl.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 10:02:38 GMT
Date: Sat, 04 Jun 2016 10:02:38 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 57637
Accept-Ranges: bytes
Last-Modified: Fri, 08 Apr 2016 11:45:17 GMT
ETag: "05103121f4d2ad1e1d0d5fd6247c26df393229fa"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 zhdx182:8108 (Cdn Cache Server V2.0), 1.1 db78:10 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky.......b.....*hXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c01
4 79.151481, 2013/03/13-12:09:15        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="
hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="hXXp://ns.a
dobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:8C674D38FD7411E597FADFC94
CEB5A8E" xmpMM:InstanceID="xmp.iid:8C674D37FD7411E597FADFC94CEB5A8E" x
mp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFro
m stRef:instanceID="xmp.iid:F49862DFFCA211E58BAEE6768DC01998" stRef:do
cumentID="xmp.did:F49862E0FCA211E58BAEE6768DC01998"/> </rdf:Desc
ription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?&
gt;....Adobe.d........................................................
......................................................................
...................B.b................................................
.............................................!1.AQ..aq...".....2....B#
3...Rbr..C$456.c7...SsDd%Ue.89.....................!.1A..Qa.q."......2
...B#..Rb3.r..$..Cs..S5.c...4.............?......@..>.C..r...S..QO.
..j.,4..B.c?....2..P..>..S=x.A...W..\...........=.%......-Q=.E4.5..
...~.&1u.1.E3.A..........0'...F......I.L.M.....4..)(...OJ;P...O.A.0<
;..0.$t...Hj8..Z:y.|...d....&XT.mU{....-..:=P!..2...$.cX..@.!CNx.r
<<< skipped >>>

GET /OWJjZjY1NjYtY2U4OS00NzkwLTg4M2MtM2QxNjY2ODkyMWQx.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2dl.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 02:49:15 GMT
Date: Sat, 04 Jun 2016 02:49:15 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 97226
Accept-Ranges: bytes
Last-Modified: Fri, 08 Apr 2016 12:06:00 GMT
ETag: "e46105ef2f4713cd19511290f7cef29813274dee"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db78:7 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky......._.....*hXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c01
4 79.151481, 2013/03/13-12:09:15        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="
hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="hXXp://ns.a
dobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:650E5FB4FD7511E5A674A1EF3
C10C135" xmpMM:InstanceID="xmp.iid:650E5FB3FD7511E5A674A1EF3C10C135" x
mp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFro
m stRef:instanceID="xmp.iid:954C321EFD7411E586DFBD0F280D43F0" stRef:do
cumentID="xmp.did:954C321FFD7411E586DFBD0F280D43F0"/> </rdf:Desc
ription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?&
gt;....Adobe.d........................................................
......................................................................
...................B.b................................................
................................................!.1.AQ..a".q.2..B#3...
..R4...bC$56..r.SD%'cEe.&F......t.U.7........................!..1A..Qa
.q."......2...BR..b#3$.r..4..%..C...5Ss.................?.....j.......
.^/.......R.:...4.Rzu#\..!...I...........b.,...Gy{.0,....l.7..I2bZ..&|
.~...S!...a......ETHH'E.D....1.-k@kZ\[email protected].....
@.5\...K..N..\...\,..z..u....q..NI...\,.../.'Bs...1........U.!.~..
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062581&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=5406&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062564005&rnd=0.90377522127779441465062564005 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /pc/css/headfoot.mix.css?20160603212726 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 14:29:26 GMT
Date: Fri, 03 Jun 2016 14:29:26 GMT
Server: nginx
Content-Type: text/css
Last-Modified: Fri, 03 Jun 2016 14:07:12 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=604800
Content-Encoding: gzip
Age: 1
X-Via: 1.1 zhj75:8110 (Cdn Cache Server V2.0), 1.1 db77:7 (Cdn Cache Server V2.0)
Connection: keep-alive
1530.............<i..8r.. .;...d.}b..dll..O..6...Zbwk..4..~.....-..
..H....'..b..V....5.z08/....o..x..CS...2.....!x...s........... ..2..eU
...kY..~..SS<:...|..8... @.t.P6..nj.t.n..}..O....}..xY..{?.....?.ro
....E...g...bp.%....{n..{..k.^c......n..n..[.nS...v......u s..{..[.]..
....(......@.....~.0..{"P!..........!..............H.....#........mS..
..........0Bz.e.U^V...p.....t]c.0...S66..*k.....X.}[e.....om..Y=<..
....d..|..6........1....c.I..........u...r..R......G.E..b....}x.....2.
..9...f......^.?e.......g......Y..Gy.3.......<.oe.})..z.o...x..O...
[email protected]..].......b.5./5............`.....bsn.{.... ...
[`k......R......J.- k...4. P.=.B...b%.?5.^^....jz ....p.. ........z}..
.....#.}.... .r?on...]y......j!w.C...d.l.. .....O....?."....n... .8..&
C.Ep..L(....N.A~).Ky.g.s.....K....o.......).I*.a 3..g.....Q...OQ.n.8..
.8ys|.a.t.................;j............j..n.....^.]...?n..\..;.?....)
...C..^.=.6.....38~.2R....L.{C.....z......`QG..y.e.....W...8#-....\.}.
.....R...............|[email protected]...>46.D{..)..aY.......)..
...b...Y...L$...[..4a..G.....Q.....:B/.9....v.=....s.._..=..Q..>...
.)U......V.y...>.f`).j..."..x!3U.8.u:j..-B.}..R.8...D..3.....E.j..|
[email protected])k..Lj.}.=..Q..iz4#.\.....v:...P.N.m.Y..m.V..X!.HN....m.....
....A..t.S.:p...o......g..c....N:.r.J...O...N.....6u.......*.*[email protected]...
.......!.....]......H...7..T."".t...Z......Z...E..bAO...TQ.1'.I..e.k..
~DZ.\...>.......... 0.'......Fv.=Zh..........X:.1..V5.&...y).cb~.e.
.o.C....y....h`..F.:........v...........}.|.y..........G...._.-...
<<< skipped >>>

GET /pc/images/components/w-leftMenu/images/icons-leftMenu2.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 13:55:39 GMT
Date: Thu, 02 Jun 2016 13:55:39 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3501
Last-Modified: Thu, 02 Jun 2016 09:02:52 GMT
ETag: "574ff63c-dad"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhdx182:8110 (Cdn Cache Server V2.0), 1.1 db78:7 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...,...........9A....tEXtSoftware.Adobe ImageReadyq.e&
lt;...fiTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap
/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#"
 xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xm
p.did:78147A0941E8E511B4F18C60B26C9B4B" xmpMM:DocumentID="xmp.did:C28C
A4F60A8911E6A7BC8ECC5119A4F7" xmpMM:InstanceID="xmp.iid:C28CA4F50A8911
E6A7BC8ECC5119A4F7" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)">
; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:DE35EEEE6F08E61188C6
FFEC2BF8B5A6" stRef:documentID="xmp.did:78147A0941E8E511B4F18C60B26C9B
4B"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> 
<?xpacket end="r"?>.'w.....IDATx..\i..E...,...cP\..4....u."..h.?
&.F.. ..!v...?....Q.D.}A.VdQ..]c......w..A.....m...f.......YvMW.ez._..
MMu.W....<..H.nll....X..........W........e^.Cw=p'p!}9.m..X.Iu.v%.k.
C......{.K..@7......\ ^J.A~.........S.^k4t........X..'....6.. .Q,.q\..
....r.....vi>r'_#.................|.V.a.....4`O.G.a..t.D.0...w.p~q.
..{G..G...2`...A}..-|.'.=:Bl.......d.x%~.....7..x0i.D.. ?.T.-..e~.K...
,..n!.O.3....N.."s<..,../5?.-..8.8.}.......FS.....1.to.5.J.xo....|.
...~.....2.~.......m....1a*..Y.-.;....?Jp......../.(...:..6._....Y
<<< skipped >>>

GET /pc/images/default_portrait.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:06 GMT
Date: Fri, 03 Jun 2016 15:44:06 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 7872
Last-Modified: Mon, 30 May 2016 06:42:16 GMT
ETag: "574be0c8-1ec0"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou185:8110 (Cdn Cache Server V2.0), 1.1 db77:0 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF.....d.d.....C..............................................
......................C...............................................
........................Z.Z...........................................
.........................................y......g..........z......u...
.|[@.UC^S^%...a..C....j...a.$#.3}..h}qG.9.g...,%.nS.D.).Y....u.h.#gG.`
..AK.K..#.. 33.:@._....(...q.c....{.*.R..L.5n..l.w c.J`M..R.......#8..
\..i.I...yU..P.............X..e...i C.0..zT...!?.Z.%7.I......Z.F6..x..
^O.a...S)..[.~.R...3uu.n..1..}.`..(.....b...}7.L-..\[email protected] 
.`[...i..]..h...%F.<'<.HQ.v.uz..O..DJj(V..<[email protected]
...c......?.l.$R^..6..1jez5o..B.R\...9..Yw.s.....)....................
.........."3. !#45A.............I....."........F.3.....l;9..W.6.\3B.r.
..!)..!.m.gd..L%......Em..F|..=]a%..............!k....8...B.....c..0X.
.k...j.......\.3a.....I|e<...p....VE..[.W-u.......#.6.j............
...W".uM......,.....l...K.e./.[.2........P...x.>.U\.c. .....X.P..5.
....X......x`6..%m[E.....1.h>BWWTG_....H.S."...4. ."d.......f.&.h..
| ...._....#[email protected]~Y.d....D...Kq....%..Il..x...c.H{..%. 
.'quo..BEu........`.K..g......g...?........................!1....AQ2a.
..."3q....#BRbr...... 4CS.........?....T.....F....."..v..[..G.~..#..e.
>.>..#.....x..&c..N.%w......[..........>..x.P..`.1.4....%i...
.;$c......m"...i.............. [email protected]'[email protected]
...s.....R.4.......OjsPbcS...2......o..G2=..b..-.....<.......M4L.SZ
85.......v....s....7?..TZ..}...IW..-.......f.%..U=.f...-..]......O
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite-p24.png?201605261526 HTTP/1.1


Accept: */*
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 12:20:02 GMT
Date: Fri, 03 Jun 2016 12:20:02 GMT
Server: nginx
Content-Type: image/png
Content-Length: 932
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-3a4"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang80:8107 (Cdn Cache Server V2.0), 1.1 db77:7 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.......K........!....PLTE.............................
......................................................................
......................................................................
.......................qp.s...*tRNS......!"(?@CGKPVcilww..............
..........H...iIDATh...go.0... P.({...4....._.c......*5.G.H.......WN;g
m...0V......yS..I....?:8.....\".M....D...%.i....b.l.5E...%..4.H.1..{..
..R.c..H.uu.y...)t..{.......;[email protected].............."..8....U.....?g
.7.v.|.i/7g....*$;.XG{V.....#.5.{W.#...s\.....G..& .|Yg{..J...g4k...RS
..m3 .bJ....j.k-..vY..T.[,.".U...h."m.G...ZV.........W. ....,wQ.T.....
.k1..b....yag............:]...?...U.......!C.y:5..V..]|N"Ma...u..M....
uc..i.....\7i...u.l.i....b.r4Vn...... a...F.......V.......a.{.Q,...>
;Z.S.K..C`.X..,....K.6....i..4.........o_I,.f...?......h,.c7".....b>
;.......,...:..r%...**.........3 ..R8(...=8......^.y..X.....?....BV..Y
! d.,|...!..X)@.....IEND.B`.....


GET /pc/images/components/w-chatroom/images/alpha-bg.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 13:55:41 GMT
Date: Thu, 02 Jun 2016 13:55:41 GMT
Server: nginx
Content-Type: image/png
Content-Length: 1165
Last-Modified: Thu, 02 Jun 2016 09:02:53 GMT
ETag: "574ff63d-48d"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.......F.......^'....tEXtSoftware.Adobe ImageReadyq.e&
lt;...qiTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap
/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#"
 xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xm
p.did:8ad64beb-0567-7b4c-a3c5-f03681ebd8e9" xmpMM:DocumentID="xmp.did:
6CFE6418FC9D11E59BDE8CC47D964442" xmpMM:InstanceID="xmp.iid:6CFE6417FC
9D11E59BDE8CC47D964442" xmp:CreatorTool="Adobe Photoshop CC (Windows)"
> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:6c08b5c3-eee2-7f4
3-81b4-21b6d0020688" stRef:documentID="xmp.did:8ad64beb-0567-7b4c-a3c5
-f03681ebd8e9"/> </rdf:Description> </rdf:RDF> </x:x
mpmeta> <?xpacket end="r"?>........IDATx...K..0.D.....;...$2.
\/[vy.;...L.^B......p0h.u..R(zJ.T..(....*..3W..#\s.,....|Q...6.-.,....
...t.c..pG=..A.>..T.w.Y.Q...]..^...6.`...*.9.].....A....*...^ Oe..x
.e..D{}........}.`..(.=....IEND.B`.....
<<< skipped >>>

GET /pc/images/icons-index.png?20160505002 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 14:16:24 GMT
Date: Thu, 02 Jun 2016 14:16:24 GMT
Server: nginx
Content-Type: image/png
Content-Length: 7763
Last-Modified: Thu, 02 Jun 2016 09:02:52 GMT
ETag: "574ff63c-1e53"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhdx182:8109 (Cdn Cache Server V2.0), 1.1 db78:5 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...g.........e.......tEXtSoftware.Adobe ImageReadyq.e&
lt;...fiTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.3-c011 66.145661, 2012/02/06-14:56:27        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap
/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#"
 xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xm
p.did:AA3DBE776BB4E5118B05D7A794AAF00F" xmpMM:DocumentID="xmp.did:7EF9
E6F90C6211E6A91FDE8E746A1BD4" xmpMM:InstanceID="xmp.iid:7EF9E6F80C6211
E6A91FDE8E746A1BD4" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)">
; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:CBF045314C0CE611945D
E2C4190FDAD4" stRef:documentID="xmp.did:AA3DBE776BB4E5118B05D7A794AAF0
0F"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> 
<?xpacket end="r"?>.S......IDATx..][email protected].(....H...q
....M6....Q...F.j$......]]...O]E#.5D...j.E...0.....K.y.3...:5S.S.]]...
......:]U..{....{n,.L.qg.ZA..D..(.o.".W.Ghp.$...:...\..8..o...%..... .
. ....$..2.....(..C.?......, _.H2.d..A.. |.., .....3r....I...<....9
..<'..7<.en......|.CF..#.O$u..<G..uV..O....(..$'...;..C..,?..
I......YY....t_Z!....=.KN.y...,G....=.....*..u.".;%.xE...x=...,X.p...E
.z......P..."...I.,W.8.e).$.6...W$[.$...A...d....PGB%B..,.I..$G.#..bF.
n.........Xl.9...x|7...9r..Yd..SWW7...eQQQ......0.H.!........5j.,:
<<< skipped >>>

GET /pc/images/components/w-thirdpartyLogin/images/login-close.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Thu, 09 Jun 2016 01:15:21 GMT
Date: Thu, 02 Jun 2016 01:15:21 GMT
Server: nginx
Content-Type: image/png
Content-Length: 1093
Last-Modified: Tue, 31 May 2016 07:31:37 GMT
ETag: "574d3dd9-445"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou190:88 (Cdn Cache Server V2.0), 1.1 db78:8 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.............r..|....tEXtSoftware.Adobe ImageReadyq.e&
lt;...!iTXtXML:com.adobe.xmp.....<?xpacket begin="..." id="W5M0MpCe
hiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk=
"Adobe XMP Core 5.5-c014 79.151481, 2013/03/13-12:09:15        "> &
lt;rdf:RDF xmlns:rdf="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#">
 <rdf:Description rdf:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1
.0/" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http:/
/ns.adobe.com/xap/1.0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photo
shop CC (Windows)" xmpMM:InstanceID="xmp.iid:ECE434E8F27011E58FDE90351
826CD97" xmpMM:DocumentID="xmp.did:ECE434E9F27011E58FDE90351826CD97"&g
t; <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:ECE434E6F27011E58FD
E90351826CD97" stRef:documentID="xmp.did:ECE434E7F27011E58FDE90351826C
D97"/> </rdf:Description> </rdf:RDF> </x:xmpmeta>
 <?xpacket end="r"?>........IDATx.b<s..3.......M.......@.%..p
[email protected] .e..........4B5...)@.kA61..3piD....c.Ib..M..0.....).@....
...]...4.c`.6... ..M..M0'..b. v..t.Y...O....&|.. T.......@....#T.@6...
.|..l,.......v......D....IEND.B`.....
<<< skipped >>>

GET /pc/images/loading-white-mini.gif?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:50:37 GMT
Date: Fri, 03 Jun 2016 15:50:37 GMT
Server: nginx
Content-Type: image/gif
Content-Length: 12694
Last-Modified: Fri, 03 Jun 2016 14:07:08 GMT
ETag: "57518f0c-3196"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
GIF89a............E..g.....s...........&..............c...........C...
........y..S..............Z..... ..[.................<..L.....m....
.{..l..K..4....................2.....#..:........z..s...........T.....
.......................................,..........................[...
.....................................................:................
..........e.............}......N..................!..NETSCAPE2.0.....!
..XMP DataXMP<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?&g
t; <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-
c011 66.145661, 2012/02/06-14:56:27        "> <rdf:RDF xmlns:rdf
="hXXp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description
 rdf:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmlns:xmpMM="ht
tp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.
0/sType/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)" 
xmpMM:InstanceID="xmp.iid:7B2AD44BD6FD11E5A2F6C23F896E17AB" xmpMM:Docu
mentID="xmp.did:7B2AD44CD6FD11E5A2F6C23F896E17AB"> <xmpMM:Derive
dFrom stRef:instanceID="xmp.iid:7B2AD449D6FD11E5A2F6C23F896E17AB" stRe
f:documentID="xmp.did:7B2AD44AD6FD11E5A2F6C23F896E17AB"/> </rdf:
Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="
r"?>...............................................................
...................................................................~}|
{zyxwvutsrqponmlkjihgfedcba`_^]\[ZYXWVUTSRQPONMLKJIHGFEDCBA@?>=<
;:9876543210/.-, *)('&%$#"! .................................!....
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:49:19 GMT
Date: Fri, 03 Jun 2016 15:49:19 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3860
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-f14"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang73:8080 (Cdn Cache Server V2.0), 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...............e.....PLTE.......JJ9.%....ttj..........
f..3v.i..........D....-...z..""......VVV.QQD.1...X.G...,..............
".......|..L...<..4....Y...........................2............44.
......jj...........u...|..K..d...........)..s.......................N.
=.......bbK.V...........).....>D.2V.............Q...'..........S...
............\....,I.!.xxk.\....--...S..A.2................>>..$-
..............x.....\..2....?.................u..AF.*G.$.....C....c-..
.....**........<..<[email protected].~...B........:...''
E./Z.o......v..A.9A..Q...........i..K.D.XXG.)...&.............8"......
.....J.7...F.3.............  ..@.............**....**..A.....AN.....-.
[email protected]..^..G.....@.....<......
..,m..}.p......p.b..............................$............J......tR
NS....................................................................
......................................................................
......................................................................
................................................S..%....IDATx....TSW..
`$..A..$..a. .. ..)Qi......U.e.."...Z,.Z.;....`..tp)..rARK\..Z.YZZu4XZ
.s........G.....wr}.....^...bp..S^`..E.......~.w4.h..}..d....V....W...
.\......v.......{.vH.........?hF.N..l..#.".3....g.W. ....w...9....MCC.
..[_....f.^}t.U`...o..9..5.ou.>h..zC..4..-<.|..X.($"QX\.........
....[_.0.b.k}...9&..$.g..(.g..;..C....y./...O..H|.d...O.j.....t.g.....
Y).../..gs.p.i.'.;]9...M...M.\.o.2 ...^.....c.m...O...7...(.r].n/{
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-errbg.jpg?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 16:49:03 GMT
Date: Fri, 03 Jun 2016 16:49:03 GMT
Server: nginx
Content-Type: image/jpeg
Content-Length: 39903
Last-Modified: Fri, 03 Jun 2016 04:12:11 GMT
ETag: "5751039b-9bdf"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou188:88 (Cdn Cache Server V2.0), 1.1 db78:7 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky.......F..... hXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c01
1 66.145661, 2012/02/06-14:56:27        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmp="hXXp://ns.adobe.com/xap/1.0/" xmlns:xmpMM="http:
//ns.adobe.com/xap/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.com/xap/1.0/s
Type/ResourceRef#" xmp:CreatorTool="Adobe Photoshop CS6 (Windows)" xmp
MM:InstanceID="xmp.iid:5F1D8D5305DC11E68820C0420A9EE112" xmpMM:Documen
tID="xmp.did:5F1D8D5405DC11E68820C0420A9EE112"> <xmpMM:DerivedFr
om stRef:instanceID="xmp.iid:5F1D8D5105DC11E68820C0420A9EE112" stRef:d
ocumentID="xmp.did:5F1D8D5205DC11E68820C0420A9EE112"/> </rdf:Des
cription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?
>....Adobe.d.......................................................
......................................................................
......................x...............................................
.......................................!1A.Qa....q....."...2B...R#....
r..3......................!..1.AQ.aq".....2....b#...BR.r..3Ss.........
.....?..k}.eM.`.TQ...PYAe.l....@e../[email protected](...(b....,.
.D.#A@b"..TI...\ . 9.`. ...^E.,.......B.&........51v..2.FPYA..........
.............. .2.... @.....$.$..#.`...0F...X I.09Q...AN:.v .....K2..f
..4....l...H....j^Ph.3.Vl......e.......E...L...3x.(-..AL.U .@.....
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=110&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062570614&rnd=0.90377522127779441465062570614 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /210075 HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Language: en-US
X-Cache: EXPIRED
Content-Encoding: gzip
1efc.............}{s.........fk....Yo....yn.b...l.JQ#i,.=..3#...[.b.y.
.Hx.........cl......... .~.....Y.....T......W.^k......pi.T....g:......
.....).$.9..(q..(...}.{..S.|<.f(..}D.cE.......-......<...eX._..&
gt;JL.|D.<...D..=.([email protected]...|.}f*_...RB8.."<f..d.......b&..)
rC$[........Ezp.o.&... ..@"5,. .w....%.............}R....}..L.....9..!
m...R$.)..Z....O..iP..j...P..o....a9........I...B."F..'..._...`.!b/)R[
.n..E:O.../.....v.".j.ri....z.......N....)...?.....B...<......m."-2
T.......W../..?Io_U.....Yi.... ..Wk?...x.<5N.'.Vn}S.....U.J.....c..
4.K....K?......3......'if.r.U..g...g........$,...,]..rsg.c.S|.*.q|F..x
.@[email protected]...=........0....*h.A..`.......:d2Zi..4.......P..a}z>...y...
k..............}...X:=..i_1\.3.b..C}...)...l.GC.`P...[....J.R...-b.cR.
%._.8q..-.q...... ..y..m(...\1.2...G...Nl.n.....$....T...1...o4....)..
.......HV...&...L.v....V.ca../c.T......[..#..x.H2.X.N...H8.....E....D.
.p8..&...C.D,......#.d0..... n....O..._n..'6[4.....b_..o'D.H..j`.G.P..
3.Xb(!GQb.i.... ......6..I8...A...p".....'....J.e6Oq...w..*...q..D..[.
r..h6...........64.X.l ....Q TA/...F......h'...;..@CCC..[~..2.....jU;.
J.i....dY8.rdQ...7!3.:..#...~.._mT>Ee..u..k.......:..7...5...e 5..f
... O.'>Y.v.Y.zm...(..HZ....3...5.I/..........F$.......(%:.....B...
.*..pC.....P.."G.........v...Q..9C..i...]>......r..'..Hz..>Q...!
j.,(_.a`X.O.JK.IS...P~=]}<)...LM.g.V?.[^..t.B.~^=.$=..49inJ....t.v.
...n.:7']:WYx..........O...). %5.Q..H......f.4 2....OO.k..............
.@..|.....C.....o.:E.A.w.H}..:..&........U(...../..J.}...w.-.T.?..
<<< skipped >>>

GET /crossdomain.xml HTTP/1.1


Accept: */*
Accept-Language: en-US
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Connection: Keep-Alive
Host: VVV.yy.com


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:58 GMT
Content-Type: text/xml; charset=utf-8
Content-Length: 263
Connection: keep-alive
Last-Modified: Thu, 17 Jan 2013 07:21:11 GMT
ETag: "50f7a667-107"
Expires: Sat, 04 Jun 2016 18:03:58 GMT
Cache-Control: max-age=900
Accept-Ranges: bytes
...<?xml version="1.0"?>..<!DOCTYPE cross-domain-policy SYSTE
M "hXXp://VVV.macromedia.com/xml/dtds/cross-domain-policy.dtd">..&l
t;cross-domain-policy>..<allow-access-from domain="*"/>..<
allow-http-request-headers-from domain="*" headers="*"/>..</cros
s-domain-policy>HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2
016 17:48:58 GMT..Content-Type: text/xml; charset=utf-8..Content-Lengt
h: 263..Connection: keep-alive..Last-Modified: Thu, 17 Jan 2013 07:21:
11 GMT..ETag: "50f7a667-107"..Expires: Sat, 04 Jun 2016 18:03:58 GMT..
Cache-Control: max-age=900..Accept-Ranges: bytes.....<?xml version=
"1.0"?>..<!DOCTYPE cross-domain-policy SYSTEM "hXXp://VVV.macrom
edia.com/xml/dtds/cross-domain-policy.dtd">..<cross-domain-polic
y>..<allow-access-from domain="*"/>..<allow-http-request-h
eaders-from domain="*" headers="*"/>..</cross-domain-policy><
/font>....


GET / HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; hdjs_ui=0.9037752212777944; hdjs_session_id=0.4215254752462996; hdjs_session_time=1465062550068


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:01 GMT
Content-Encoding: gzip
5f77..............{s...7.wN...t|......._ra?....x...xK.v.dIX.u....VN..f
[email protected].~...$......._..h.M.......5.k.z...W....b...N..|>...
......x.......?...x ....)....~_7.......|[email protected]*..7.2..
@)... Y(wO.R.R|"..H..']i...0....O.....8.I.$.....S..}...2...&Z|8..O.Z..
.*..$'z.3..xA{X..xOw..3...t....;..[.A|j...^.H.\.o.A.f..=........3...4.
.I*9....S*[email protected]..$g...>..?U...$@ ........}s..nN~..(e.yP../....&g
t;.|........(.f..8.z....z>.O.?..........4.T..[..K.f#>..f..\f"...
I..............3..l.k..a>..R;....../..................#../........g
.{..O..G...'.L..U2%.n......<-,.....6......GO.....?k..."............
...G....r.`..b..5Ph...x~..6......g.......J..'.].V..r....tf2]_|$,...,..
.j........m.. .}......Tj~.XJ.u."..A......._.....O.k/./.....%..........
.....h.....]J.i.R..s.r:....m0..r9...1..J....B(..P......&YF.eQ..24..D19
.....^...W,...\S!s., .8.#........#J.me..L9...`D>..._.m.......9.h}..
G[........b...........K.|....&......>.....)0h`../=......T~".Tp.7.^g
*.t.#...#k.....M...J.$.."......J)m:Q...r..I0..k..w?0.7.......%...v.4..
>.....g..r|`./@.C.....8.~..(....&.}.....t&.L.>..S.l..."......E..
.p2.?.....O.2....$..Rw>^..]..:.4Q.. ..i.*?......a. ...0U.~Zj.=.|.R?
q..|...Xuc..|@Xz.8.!<..p^X=............Xo...g............i.}:z..T.P
...cY...bq2..I..&..`%.. .....D.8[N..`b....A....$d...\..>...Y.......
..q.;...)X.....J............r.....n......3 2e...gE6..d...W..z?....;...
}...V.EpV......M.Kb.b..]0....P.[...^..x......'r.....x........T...vl...
y.'.....7.V.9.[.Ta..L......m.t.9.3d.....|...z.Q.v.._6.....Q...!d..
<<< skipped >>>


GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=7406&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=0&ut=1465062596114&rnd=0.90377522127779441465062596114 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /live/detail?uid=0&sid=86415000&ssid=86415000&_=1465062569880 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: hXXp://VVV.yy.com/210075
Accept: application/json, text/javascript, */*; q=0.01
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062564; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557; hdjs_session_id=0.4215254752462996; hdjs_session_time=1465062555755; hdjs_ui=0.9037752212777944; playerConfig={"danmu":true,"bright":0.5,"vol":0.5,"quality":-1}


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:20 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
90............U....0.@.%..*....'.._..j.i3.d0..][..S....a.I..d,....YC;.
xS8.y.o7;.2J./..Q..@?..F....=....%....W.c......3.Z.I.*....#.<......
ey.c..!......0..HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2016
 17:49:20 GMT..Content-Type: application/json;charset=UTF-8..Transfer-
Encoding: chunked..Connection: keep-alive..Content-Encoding: gzip..90.
...........U....0.@.%..*....'.._..j.i3.d0..][..S....a.I..d,....YC;.xS8
.y.o7;.2J./..Q..@?..F....=....%....W.c......3.Z.I.*....#.<......ey.
c..!......0......



GET /MTMyYjhhMzYtODhjNS00MmJhLTk1M2ItNzBkY2YzYzVhMGMy.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2dl.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 15:41:46 GMT
Date: Sat, 04 Jun 2016 15:41:46 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 89379
Accept-Ranges: bytes
Last-Modified: Mon, 11 Apr 2016 13:02:36 GMT
ETag: "a86d9c65b9ba49b3c8dc404f47732b8cba6c147b"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db77:10 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky.......Z.....rhXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c01
4 79.151481, 2013/03/13-12:09:15        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="
hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="hXXp://ns.a
dobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:6485cec2-0243-2b4
8-897b-0b3dba5053ab" xmpMM:DocumentID="xmp.did:9760FCEEFFD911E5807FC6C
95B321D1B" xmpMM:InstanceID="xmp.iid:9760FCEDFFD911E5807FC6C95B321D1B"
 xmp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedF
rom stRef:instanceID="xmp.iid:69BCA10DFBE911E59B49D42FCEB84E2E" stRef:
documentID="xmp.did:69BCA10EFBE911E59B49D42FCEB84E2E"/> </rdf:De
scription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"
?>....Adobe.d......................................................
......................................................................
.....................B.b..............................................
..................................................!1..A..Qa"2.q.....B#
345.Rb.6....S$7...r.CcTd....D%EUW8.9e.s....t.&VfwX....................
.!..1A..Qa.q."....2B....R#3...br...C$4.S....5.sc.D%6.............?....
^N.l....W.....n._...j.Q...\R?.... n..,......A$P.- ...'n....Qr..M.x.r..
..V.....2.......-PIh.-..H.!....B.........*........n.....`vwj....C.
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062565&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062589&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:02 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=2471AC07D3DEDADC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&nv=1&rnd=646224961&si=c493393610cdccbddc1f124d567e36ab&st=1&v=1.1.26&lv=1&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:03 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:03 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=2719,2719&et=3&fl=11.6&ja=1&ln=en-us&lo=0&nv=0&rnd=510011058&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=1 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:05 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:05 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062552&nv=0&rnd=389553210&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:06 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:06 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:13 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7015,7015&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=175963089&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:21 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:21 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=385932941&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:21 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:21 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1100045455&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:31 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:31 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:37 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7062,31&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1023115031&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:45 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:45 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=336900312&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=[K歌]花樣年華〆娱乐休闲会所 我的电脑会唱歌,叫醒你的耳朵~-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:46 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:46 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062548583&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062548583 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410000058; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: log.mmstat.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Server: Tengine
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=kALaD6m0UlUCAcLyYNpLlIs0; expires=Tue, 02-Jun-26 17:49:04 GMT; path=/; domain=.mmstat.com
Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD6m0UlUCAcLyYNpLlIs0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache
GIF89a.............!.......,...........L..;HTTP/1.1 302 Found..Server:
 Tengine..Date: Sat, 04 Jun 2016 17:49:04 GMT..Content-Type: image/gif
..Content-Length: 43..Connection: keep-alive..P3P: CP="NOI DSP COR CUR
a ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"..Set-Cookie: cna=kALaD6m0Ul
UCAcLyYNpLlIs0; expires=Tue, 02-Jun-26 17:49:04 GMT; path=/; domain=.m
mstat.com..Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx
_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www
@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD6m0UlUCAcL
yYNpLlIs0..Expires: Thu, 01 Jan 1970 00:00:01 GMT..Cache-Control: no-c
ache..Pragma: no-cache..GIF89a.............!.......,...........L..;..



GET /r/sc/yycomscene/defaultScene/1/76/controlBar.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 29646
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:22 GMT
Via: 1.1 db79:7002 (Cdn Cache Server V2.0)
Connection: close
CWS._...x..].x.....z{[email protected].`C".!..L3.A..]..p...... ......H...(.HG..
T...;.{.%..y.y|...S.....=....9.L?..H....8......q..Y.Q..M#:...]Q..W....
.U.n...#;...p.....a...^....u......6w.cwU...U.kuY..|..a..as....^..z.Y..
J......,K]k.5.jw........,Q..g.......k..iuu;.q.uX.u4w....5..6.[...q....
..Y.LkD.\k..7#.....Z..9......i..#-....NGV..m.FU..w.ZE~Af.....l\`ogwt..
Q.K.X.V..Q2.'.....9...k..$.V.fm4...........x.^...f..FuK.....l.....4.b.
..?..(`.e@.'....5u...c.w.c.v........W..".T...u:...].........s..v..o.m.
.B......[^Y.i.g....."..U..Q?....^....c,.{O...............W........F...
...7./...vq.....:g.\...5?-......G..\.~r.Pk].U..'..j...o.n>.z4..|...
...{\.....k-..c.[.}.....l......z,.q..c..w".8.n.|...k....'...y.n\xq.k}[
|....n.W...._x.........!......#....X.s.R.7.....u......C.U.i<,s..Z..
x...7n...y..{...A.S^{.0..iON..=B...l.....G.5o~...ZG....i.......V....w.
....u...9....!.....Zqv...H...~.It....y.W4..3.........;b..).. i...={5.Z
..[....?o....j.u]o.|_.....>!.&..*..u.O..w.g.mQ..`..M..y...-.v7..S..
..R...].w..keM!c..4^Y..F.u/N..p...F.....o`.g.ux .X....z..g....../..%t.
cr.[[..5.......6...<6t6....(.....'.]y.................z]..W........
..-X..u.....m.......]..o_...V=.L8>..o.~.|o....]k.8.d.O.vt...t......
U'..d{.F..[k].b...~8....'.o.<1....7..........$?...}>..._..5.x.Z.
F..Fv..3.B..a[n6..ey.....^8.Oh.[...1.-.so.._.......57y.....z.M%..j?l..
.............Sax......P..3T..5...;z.oc?...~.......h.~:..So}.....>_.
<z....o..^.....d...Z,.. /lG..E..S.......[..{.W..o..k....j.~..g{.Y.I
..[.~4b...k.}.m.1uMA..&ml....krN.[{..... \\p...7b.m]~..o/}7.pR...]
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062563&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/136724&hsid=0.4559120123177925&io=1&ut=1465062588630&rnd=0.90377522127779441465062588630 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062581&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /crossdomain.xml HTTP/1.1
Accept: */*
Accept-Language: en-US
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: 87.245.198.80
Connection: Keep-Alive


HTTP/1.0 200 OK
Content-Type: text/xml
Connection: close
<?xml version="1.0"?>.<!DOCTYPE cross-domain-policy SYSTEM "h
ttp://VVV.macromedia.com/xml/dtds/cross-domain-policy.dtd">.<cro
ss-domain-policy>.<allow-access-from domain="*" />.</cross
-domain-policy>...



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062597&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062587536&rnd=0.90377522127779441465062587536 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=1&ut=1465062595646&rnd=0.90377522127779441465062595646 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD7rWWhICAcLyYNokUOf8 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cms.tanx.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: image/gif
Content-Length: 49
Connection: close
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: cna=kALaD7rWWhICAcLyYNokUOf8; expires=Tue, 02-Jun-26 17:49:04 GMT; path=/; domain=tanx.com
Location: hXXp://cm.hiido.cn/cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&tanx_tid=mh7AnrnlrII=
Timing-Allow-Origin: *
GIF89a...................!.......,...........T..;..



GET /c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Connection: Keep-Alive
Host: 87.245.198.80


HTTP/1.1 200 OK
Content-Length: 312077
Content-Type: text/html;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:09 GMT
Age: 1
Via: 1.1 db80:9005 (Cdn Cache Server V2.0)
Connection: keep-alive
......)}!.C"k..u....rC..R(/.9.....{.K.B......i'...1...b.....Y.,..5...V
........K.......2.YI"Gd.r.Xt..a...r_.l. 9.K4.......4..E..*p.3:E.P.x\%.
>H.(n.E.....6R0..XA{.......-..........W.N.DC.................>,.
&H.D.^.o....bN.f......t)...J..k...nI...u..C(.......%$......_%S.7.si...
^.)...f./.AK....oY.......j...........@./.....A..........1.."..b...G...
.^.. f_.#....CB.iC..C....G.-..$./.A.A....q].lWA.EM?.D.".Q[..0.Y.v.#v..
s....J....O.~mF.`V.....%...mat.W.`J.....o..lp.G....<>.I...W...X.
e#.........]..1....P?..] x(.j.g .L.D......X.yhx..."]...u...|bH..m....Z
$'.XN.$........8u.N.ib.`5.k...7.W..T...V..hA..o_n.5...]<....~..C^(.
.S.(..E.a:vnXUx....j.O;._?^N...Q.....=le[.t*.=K..fd.ab.6Y>.a.Rk.?..
..Y.....rl.7R.Lv}..3..r.v....b.h....}.xT.L...L.x3.TcT\....H....8....2.
..T........;.=.,...M"ek...h....-.E.ys.gRq...{.!MYj...a^y!^..../.\.P~oX
...W........Fmv.w....D...;....qh7..tl.h[1..=.cm.e.Y<.o].......<.
.X...a.......H}.YS.;......NWg.f B.O"QQ....W.Z.!.x..(J.-%.7O.......W.' 
&....9e....l"Ag.....R...X.. f.N=`...........3.?-_..8...J>m.\....?.e
[email protected]..$7.4V..........@[email protected]*...(.Y..i..=. e.._.
.0.W..V...g.Z....o.8*Ku.._.....b.q....T.k...r....LQp..k/....;M.V.....D
Wx...&.!.^f......b....<....FH..o........l...=..y.Q.x.ML..W"(..i....
...%[email protected];............|..P,.6`|.d...)./...T..Ct}.!..R.w....g.....
.,.e...m.@e G....n..?..M....(.K].8i..l..<...b..n.........K....h_;..
?.>._`.T.y..M6.Y..\....X.....\......x...#}ju..t...w.M..[.b7.8..L.J.
..6......X)..sp...T.7? ........g..s...=?.  4v...yO......1t.D.q>
<<< skipped >>>


GET /pc/images/components/w-liveplayerToolBar/images/w-liveplayerToolBar-sprite.png?201605261526 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 12:20:01 GMT
Date: Fri, 03 Jun 2016 12:20:01 GMT
Server: nginx
Content-Type: image/png
Content-Length: 13160
Last-Modified: Fri, 03 Jun 2016 06:47:12 GMT
ETag: "575127f0-3368"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR.............5.J...3/IDATx....|T...#.V.V_.......[..A@.
k.VmA.b}..k[.[U...V..[.A(.P....Wdqa..Xe.....I $..$.d&3...<...f2..w.
L.N...:..{.<.w....<..'.&........"..$...mce[[.....&M...Er.j..L..n
jC7..7.~W&2.9..%..{...=..v...k.5..7..?.."o"..:.^d6.3p{..w0r...52`.;..6
./..LO_5.\.\.,.l........&P.G"..F........U...F?U....g...4 .t.....d8.=..
.k....T.ed./.k..9.......X..Wns....d0........"..m..]..H9.g...]....r.M..
.....Q.#[email protected]... ....'H1..$..6./.Z..%..O;.`.l...!......^?.d.....q."}.A.
.ZH.-..q1. nG..'[email protected]....#.k..0....6..X...~C......
w|2.z......#.J......#...LN..W..e^,..)."..m.."dt.,[email protected].%v........{.AR
........>........#..G..@..(.......<Z...M......~..A.y....z.......
..>.].^..............#..../l...W..i_......K[}.R........'.T!...3'.c.
.s..*..M....o..q...y\..G...jl<....K.........O.._.P.s..M..k.$..ar...
t.Z.F.Kc....6...8E...d.~....d0a%1&.&....f.V.#..H.R.=.=A...g.^.7..x7.].
^..N......?.'.G.&....]....'-.(..;......>>'o....V.A..........Ad7.
L...\....m.JvA.m.H1.=........B.l....%...I75Y.W.,.P{...s.R.{.|F.#.....2
...D..........>.F.,....~...Y.........7..............m .dY..."..<
..~.R.o.3H..wd......F..L.)P.l.\.A....4....{..yr..d..Pbn7./\[..........
..m%.........o.r..r....,.e...,n.....V.......7.z0...B..f.....r.?..~....
[email protected]`.......R9..C...C..P......'..\..V.K'......)
. Q...s.............r....I...o=.zT..u..t...........(..9..Q\$d...77.#..
|]...PkCA..| rO....#7J.>).]....g.".,Q. =x;.M..<..v..r...XN!}.xs.
..q.k.W.z..s.or....*........JL..]....XN...6B .;..}..o*..h..2Cdq..!
<<< skipped >>>

GET /pc/images/default_load.png HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:05 GMT
Date: Fri, 03 Jun 2016 15:44:05 GMT
Server: nginx
Content-Type: image/png
Content-Length: 4183
Last-Modified: Tue, 31 May 2016 13:48:30 GMT
ETag: "574d962e-1057"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou186:8108 (Cdn Cache Server V2.0), 1.1 db78:4 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...<...<.....:..r....IDATh...M.....5...kz>...
.q=.{.Q.$&...~J.!O.....P 'v.(.I..<..%^....<.A.0......^.Vk...umk]
......J......|...JU......{..j.......Y_..U^....<.{..?%.hd=3.c=G..t..
O..u.H.........uQJ...{...,. ...,.....~...<:......^......C..C.G.(bWd
. ~..............9.g.....p..R.K...F.[/|<....7...|.....^9.....'.....
..........}...u..W...c.....sD.;"......f".......n.i......0.?..w..;.....
A...s........k......g.w.../...H(.SJ.d...8.......h......./....=[.C[8.@.
.......8p...o.{.zg./.X.q.....d....Rr.#f..*...w;`...E......^.b..S.1.D..
..}..../..=.N...s.4.u...:..r.....o.... %.*_.. ....=....cW, |o`g9e.;M..
.....[....Wn.p.E.....DA....."....s'...8.6..Cb.(*...H..Ei....X..?....Nq
.....78P3..r....u.A...`...TMD..X..... i'U....`....e....8.m........S7.'
..........I........o8Yj...L..........Z..i.k.f.c.{z.!#.#&.VK...A.A...J.
7.7..{..&...zL.8..c..p..........~LX^...M...f.V..I.....w...`j.cJ.....a9
.B.............e%pm.N........]........&0...|.'..q.3I.n..#3...E...y..Fs
.k.].aFh...1....[%..oY....o......_]...Y.L|Z.Jfu...U...]......S.M.6.5.b
.....6.F.\.............3!.2oM..B....'.@gL*.B...3......ma5....U .t6.de.
.#.....`./e".....E..!_....X/....G~30...J.H!xU..%.$l.u>...~/.cZ.....
\...G.e....G.....H..L/.....c.....x...E...U..Ys5,.as.&...^.i.=dfc.59...
.0..'.S5...#!_.{...\.=.....[....-p-..a....p.o ....j...K...*..}u..$w.KD
...f....C.s.;..*\'.:........p..........<W]......z.)?.......m.).n.ju
.v.9...[.t.............o..[...Y...5..;Z6.i.]S.......J-.4e.h.o..m...t..
.L......x..-.....,.E.)&..jYFL...".uU..d"..I]....<."..V.a....f.K
<<< skipped >>>

GET /pc/js/lib/requirejs/require.js?20160603212726 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 14:41:12 GMT
Date: Fri, 03 Jun 2016 14:41:12 GMT
Server: nginx
Content-Type: application/x-javascript
Last-Modified: Fri, 03 Jun 2016 14:07:09 GMT
Transfer-Encoding: chunked
Cache-Control: max-age=604800
Content-Encoding: gzip
Age: 1
X-Via: 1.1 fuzhou191:8111 (Cdn Cache Server V2.0), 1.1 db78:7 (Cdn Cache Server V2.0)
Connection: keep-alive
175b.............[kw.6.. ..G%#...}.n.".$.[.M.6v?..J.-A2m.TH..X......ER
...s...q.....`|...\}^%..).}..5MR.oOW.X'Y._...{i....)Wz...0..Qc.:..G...
..8...kS..}...y.?~m.......)....I...~"....*..t..;.....h.nk..D"T....<
...j.....fz~.O^<?.....&.fB...4..@[.g.........Y.>.L."..J[I.R....)
.' #..1..U|[...F.T...I...ODyh....v...\Y.^..|........K.M[.6........?..Q
.8....jv....a6.I..oL..O.@..... @...\5..(..........|.Z.T.A.....K_..}.6.
.......D.O...*....PX,......*...R.....j..D)...M..9.Ew...Z.e.....f..7..E
OQ.".....x].IC......z..MVsU.T..|.).Y..s^F&.rf...51.....E&bQ......vp.n.
=..<...R,......g..od...D.;.5%.Ga.M...u.X....P..T!.A.......r....... 
..1.X..F..:._j...1..K.6O....p.AJd...t.c......;.5...Y...2'.2...?g.1Y&0G
Fj.y..........a[f.t..!..D..o...Q...8 ......x...>1.&KR.....yM....e..
h./.%.*"..1w.I#.-...?..y...9..)...b..Q0M..**.......uHD...T&b%.>[.(J
{..,;....wt.H.(.2.6d...O.....H..8.P..t..6F
.....YAVq.F5.d......P.V.p
...\.V.z..g.....b.'K]WI]....R.<.Zi...:~n.g....$g$._.....As.......h.
2.A.{HyHs.....|..D. ...d.:...x.\.6...5...............V).....q..?\.....
M..V}0.~....Sq.,......}...1%)YI.....0...gS.k{A......d..tuU.G..........
.p....j.j.)f.....d{#.......`h..c..T..`o<....$.......r...!.L4.>0.
Y..hx8. ....O.-.D.^........,:...)_.......Af..;......cHd.........toL...
mihKik1$.v|........}.^..u:.....JK.&....]......"h...6....[.....N.*.G.p.
.D6...8b<.ME2...U.{...e.Mk...$.......03.X.D.y?.#....mh......]..0S.f
.....>`..~..0..,[email protected].$BD..g....d..A... .B.(.6.g..p.N'.O...`
.A.....r.t..}.$....:..._[&..rym.........3F....!.L...t...V...V.5...
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:49:19 GMT
Date: Fri, 03 Jun 2016 15:49:19 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3860
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-f14"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang73:8080 (Cdn Cache Server V2.0), 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...............e.....PLTE.......JJ9.%....ttj..........
f..3v.i..........D....-...z..""......VVV.QQD.1...X.G...,..............
".......|..L...<..4....Y...........................2............44.
......jj...........u...|..K..d...........)..s.......................N.
=.......bbK.V...........).....>D.2V.............Q...'..........S...
............\....,I.!.xxk.\....--...S..A.2................>>..$-
..............x.....\..2....?.................u..AF.*G.$.....C....c-..
.....**........<..<[email protected].~...B........:...''
E./Z.o......v..A.9A..Q...........i..K.D.XXG.)...&.............8"......
.....J.7...F.3.............  ..@.............**....**..A.....AN.....-.
[email protected]..^..G.....@.....<......
..,m..}.p......p.b..............................$............J......tR
NS....................................................................
......................................................................
......................................................................
................................................S..%....IDATx....TSW..
`$..A..$..a. .. ..)Qi......U.e.."...Z,.Z.;....`..tp)..rARK\..Z.YZZu4XZ
.s........G.....wr}.....^...bp..S^`..E.......~.w4.h..}..d....V....W...
.\......v.......{.vH.........?hF.N..l..#.".3....g.W. ....w...9....MCC.
..[_....f.^}t.U`...o..9..5.ou.>h..zC..4..-<.|..X.($"QX\.........
....[_.0.b.k}...9&..$.g..(.g..;..C....y./...O..H|.d...O.j.....t.g.....
Y).../..gs.p.i.'.;]9...M...M.\.o.2 ...^.....c.m...O...7...(.r].n/{
<<< skipped >>>

GET /pc/images/components/w-liveplayer/images/w-liveplayer-sprite.png?201605261526 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:49:19 GMT
Date: Fri, 03 Jun 2016 15:49:19 GMT
Server: nginx
Content-Type: image/png
Content-Length: 3860
Last-Modified: Fri, 03 Jun 2016 06:49:14 GMT
ETag: "5751286a-f14"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhenjiang73:8080 (Cdn Cache Server V2.0), 1.1 db77:9 (Cdn Cache Server V2.0)
Connection: keep-alive
.PNG........IHDR...............e.....PLTE.......JJ9.%....ttj..........
f..3v.i..........D....-...z..""......VVV.QQD.1...X.G...,..............
".......|..L...<..4....Y...........................2............44.
......jj...........u...|..K..d...........)..s.......................N.
=.......bbK.V...........).....>D.2V.............Q...'..........S...
............\....,I.!.xxk.\....--...S..A.2................>>..$-
..............x.....\..2....?.................u..AF.*G.$.....C....c-..
.....**........<..<[email protected].~...B........:...''
E./Z.o......v..A.9A..Q...........i..K.D.XXG.)...&.............8"......
.....J.7...F.3.............  ..@.............**....**..A.....AN.....-.
[email protected]..^..G.....@.....<......
..,m..}.p......p.b..............................$............J......tR
NS....................................................................
......................................................................
......................................................................
................................................S..%....IDATx....TSW..
`$..A..$..a. .. ..)Qi......U.e.."...Z,.Z.;....`..tp)..rARK\..Z.YZZu4XZ
.s........G.....wr}.....^...bp..S^`..E.......~.w4.h..}..d....V....W...
.\......v.......{.vH.........?hF.N..l..#.".3....g.W. ....w...9....MCC.
..[_....f.^}t.U`...o..9..5.ou.>h..zC..4..-<.|..X.($"QX\.........
....[_.0.b.k}...9&..$.g..(.g..;..C....y./...O..H|.d...O.j.....t.g.....
Y).../..gs.p.i.'.;]9...M...M.\.o.2 ...^.....c.m...O...7...(.r].n/{
<<< skipped >>>


GET /cm/user?time=1465062548&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive


HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Jun 2016 17:49:00 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: hXXp://cm.hiido.cn/cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; Expires=Thu, 01 Dec 2016 17:49:00 GMT; Path=/
....


GET /cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|& HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"


HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Jun 2016 17:49:01 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&
HTTP/1.1 302 Found..Server: nginx..Date: Sat, 04 Jun 2016 17:49:01 GMT
..Content-Type: text/plain; charset=UTF-8..Content-Length: 0..Connecti
on: keep-alive..Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427
&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zd
s=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&......


GET /cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&tanx_tid=WVXU1KqJTQU= HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: cm_mapping=tanx|0|1465066145; Expires=Thu, 01 Dec 2016 17:49:05 GMT; Path=/
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:05 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..P3P: CP="CURa ADMa DEVa PSAo 
PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"..Set-Coo
kie: cm_mapping=tanx|0|1465066145; Expires=Thu, 01 Dec 2016 17:49:05 G
MT; Path=/..GIF89a.............!.......,...........L..;....


GET /cm/user?time=1465062555&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:05 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062562&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:13 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:13 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062570&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:21 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062580&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:31 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:31 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062586&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:37 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:37 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062595&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:46 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:46 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....



GET /live/detail?uid=0&sid=72578111&ssid=72578111&_=1465062570755 HTTP/1.1
x-requested-with: XMLHttpRequest
Accept-Language: en-us
Referer: hXXp://VVV.yy.com/136724
Accept: application/json, text/javascript, */*; q=0.01
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062565; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557; hdjs_session_id=0.4559120123177925; hdjs_session_time=1465062558583; hdjs_ui=0.9037752212777944; playerConfig={"danmu":true,"bright":0.5,"vol":0.5,"quality":-1}


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:21 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
91............U....0.@.%... .].O........f..`...[.2O.{/d..&A>....*0.
54..7..:...>*...._t FA...`7....K....c...;s.....g.9.g......HQwwG\.'.
W......Y-........0..HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 
2016 17:49:21 GMT..Content-Type: application/json;charset=UTF-8..Trans
fer-Encoding: chunked..Connection: keep-alive..Content-Encoding: gzip.
.91............U....0.@.%... .].O........f..`...[.2O.{/d..&A>....*0
.54..7..:...>*...._t FA...`7....K....c...;s.....g.9.g......HQwwG\.'
.W......Y-........0......



GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0<=1465062557&nv=0&rnd=134596779&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:09 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:09 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:14 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6797,6797&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1429594728&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:22 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:22 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7687,453&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1791280354&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:30 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:30 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1978565649&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:31 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:31 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:38 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7594,7594&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=686386291&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:46 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:46 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=657929662&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:47 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:47 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062555036&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/210075&v=T20160526.01&rnd=0.207941949396607371465062555036 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062557880&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062557880 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062572&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /ZTE4NDIzY2MtZDA5OS00YjQzLWI2NGUtMzBmODc3M2ZmMzQz.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2dl.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 12:23:02 GMT
Date: Sat, 04 Jun 2016 12:23:02 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 90086
Accept-Ranges: bytes
Last-Modified: Fri, 08 Apr 2016 12:06:06 GMT
ETag: "a11ef96c09b67d8f71967939120bef49b82d626b"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 fuzhou188:8080 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky.......b.....*hXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c01
4 79.151481, 2013/03/13-12:09:15        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="
hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="hXXp://ns.a
dobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:9F06E0B7FD7411E5BE36C7906
B3F28A8" xmpMM:InstanceID="xmp.iid:9F06E0B6FD7411E5BE36C7906B3F28A8" x
mp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFro
m stRef:instanceID="xmp.iid:33200C90FC9E11E5BDB9F8B305C1B02C" stRef:do
cumentID="xmp.did:33200C91FC9E11E5BDB9F8B305C1B02C"/> </rdf:Desc
ription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?&
gt;....Adobe.d........................................................
......................................................................
...................B.b................................................
..............................................!1..A.Q".aq2...B#...R3..
.b$45.6..rS7...Ccde8...T%....UV..t.u&Fx......................!1..AQa..
q.."......2..#..BRb3.4.r..Cc$56Sd.7...s%.t.DTUu.8............?...N.%)&
.........y.Zc....F.*......k:M S...s....T%B..I.KZ_.D...C:.jM|s.o.?8%...
/y.Z$.......4:....T\.VN9....z..1.............$...N2.B.@!@@[email protected].
...*h...*.=...%q[w~..c.Xla.k...6....QZ.....=1... ...../1. r.&..Lb.
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062558&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /pc/css/studio.css?20160603212726 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:21 GMT
Date: Fri, 03 Jun 2016 15:44:21 GMT
Server: nginx
Content-Type: text/css
Content-Length: 64706
Last-Modified: Fri, 03 Jun 2016 14:07:09 GMT
ETag: "57518f0d-fcc2"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou188:8104 (Cdn Cache Server V2.0), 1.1 db77:0 (Cdn Cache Server V2.0)
Connection: keep-alive
button,img{border:0}a,body a:hover{text-decoration:none}.column-hd,.co
lumn-hd .column-title a,.column-hd .column-title a:active,.column-hd .
column-title a:hover{color:#373737}.column-hd .hd-tags a,img,input,sel
ect{vertical-align:middle}html{-webkit-text-size-adjust:none}blockquot
e,body,dd,div,dl,dt,fieldset,form,h1,h2,h3,h4,h5,h6,input,li,ol,p,pre,
td,textarea,th,ul{margin:0;padding:0}a,h1,h2,h3,h4,h5,h6,p{font-size:1
00%}li,ol,ul{list-style:none}table{border-collapse:collapse;border-sty
le:none}button{padding:0;cursor:pointer}textarea{resize:vertical}a{out
line:0}.left-menu .has-layer .layer-wrap a,.left-menu .nav-column li a
{text-overflow:ellipsis;white-space:nowrap;overflow:hidden}.chat-room 
.chatroom-list .icon-noble,.column-hd .hd-tags a,.column-hd .more .mor
e-btn,.icon-people,.icon-view,.left-menu .has-layer .layer-wrap a,.lef
t-menu .icon-all,.left-menu .icon-down,.left-menu .icon-home,.left-men
u .icon-kan,.left-menu .icon-love,.left-menu .icon-special,.video-tag 
.tag-txt{display:inline-block;*display:inline;*zoom:1}.hidden{display:
none!important}.invisible{visibility:hidden}.cf,.clearfix,.column-hd,.
left-menu .nav-column ul,.video-list,.w-liveplayer-drag-endpage .w-liv
eplayer-drag-ft,.w-liveplayer-drag-endpage .w-liveplayer-drag-hd{zoom:
1}.cf:after,.clearfix:after,.column-hd:after,.left-menu .nav-column ul
:after,.video-list:after,.w-liveplayer-drag-endpage .w-liveplayer-drag
-ft:after,.w-liveplayer-drag-endpage .w-liveplayer-drag-hd:after{conte
nt:"";display:block;height:0;clear:both;visibility:hidden}body{fon
<<< skipped >>>


GET /YzY1ODZlNDQtN2M1Ni00MmFlLWI0NGMtNmQ2ZjhhNjIwYjM5.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 09:50:34 GMT
Date: Sat, 04 Jun 2016 09:50:34 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 46539
Accept-Ranges: bytes
Last-Modified: Fri, 03 Jun 2016 09:45:09 GMT
ETag: "5cf8b4abdd95f8d518f179f62c067af6d19f2737"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db77:7 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF.....H.H.....4Exif..MM.*.................V...........^.(....
.......1.........f.............i.........t.......H.......H....VVV.meit
u.com...........0221....................0100..........................
...............................................................$.(....
............................ G.......H.......H.......C................
....................................................C.................
......................................................B.b.............
..................................................}........!1A..Qa."q.
2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz
......................................................................
........................................................w.......!1..AQ
.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghijs
tuvwxyz...............................................................
.....................?......|kk......z.&=b.B.Na....z.j)EY......?.8....
*.k'..M&.....]..._.x........Ro.*.M..NL.|o.L...........U...FNO.n..x....
[.c<...o.*.z.-..z..V......Z..-...>.&..8..?.5|Fo.,-.M...gy.p8iM..
...[.wE......Y...K.c...B.s.V ..jJ.....>#..1r.. _...._.~)j...wv....s
<eP....:.8_...c".RM/7.g...L.2....._...~Sk...gw..p|Y....:....U......
QM....2.AE7...M....H.~.....7..._SIY|.~.Kr..........?..........GZo..x..
.....c.....Upovk..x......k......UR...6E.....F......i7...N)........8...
...Y.........m...u>0.....f....u.ha...rO.&.........;....~6..1.....Vo
.*..RZ....w.|....{....o.*.....x....o......T..!......#..._......U..
<<< skipped >>>

GET /NjM0YWQxNGQtOWIzNy00Yjg1LWI4MjMtZGNmOWJlZTM4ZDU1.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 17:49:04 GMT
Date: Sat, 04 Jun 2016 17:49:04 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 88759
Accept-Ranges: bytes
Last-Modified: Thu, 12 May 2016 09:03:10 GMT
ETag: "0cb2ebe14e3572e75fd3d4378cc1215140cd2ed3"
Cache-Control: public,max-age=86400
X-Via: 1.1 jfzh181:8108 (Cdn Cache Server V2.0), 1.1 db78:6 (Cdn Cache Server V2.0)
Connection: keep-alive
.....0Exif..MM.*.......1..............VVV.meitu.com....C..............
......................................................C...............
..........................................................&...........
....................................................}........!1A..Qa."
q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwx
yz....................................................................
..........................................................w.......!1..
AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghi
jstuvwxyz.............................................................
.......................?....`q@...(.....`[email protected].._.ZM
:{MG.Z.R2).h.E.NGS....V.8.z$.?.'.....3$r8f.Q.......M9lgNNI3.hn..R..2..
._O.yrI...v.Ew$......F<...S....|...T...4..t.....Pu.{V.>..2..g..B
Fu....... ...%Q..4...........'gs.....e[...k%.....;..P1......$.....=3..
V........P...(.....`[email protected]...(.....`z..0=.........$..
[email protected]~...R/._.=...<=,z..LG....H.........j/../.@....>=...Y....Z9..
,.}.G..(.[....4..7~7....k....6.x.q..ClH|U.D.a...>P.9..{Y...Ci.}Z..n
...'._0...&Zw...k..A...x..w..y.&..'x..............Wa.lT...N........H..
....>.z..^..zo5..j8.H.........<.T.{...Q.....K{.........mcU$.....
l.E....<.b...Q.!.......7......_qI.........-..Gw!..U.a..e{..[C-..e${
s{>P..xx.x.t>of..=...-E..S.l.. ..kB$......P.u....iR....e6.R#..z.
..$:...F..z...9.U........._.~...._.]N.p.w.n.3.g.sb..{nl...O...w......6
......v..*.[K....'....*.......}..kZG.,`.4...-.PU.....tFrj.1.qf.dU.
<<< skipped >>>

GET /NTk0MmFiOTYtMDEzOS00M2RmLTk2NzQtYWQ5NjhhZGU3MzQw.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 01:46:07 GMT
Date: Sat, 04 Jun 2016 01:46:07 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 54181
Accept-Ranges: bytes
Last-Modified: Thu, 05 May 2016 10:18:46 GMT
ETag: "5fa4b0642d2701da7f93c535b596dbcc2ab7fdad"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db77:3 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky.......P..... hXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c01
1 66.145661, 2012/02/06-14:56:27        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="
hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="hXXp://ns.a
dobe.com/xap/1.0/" xmpMM:DocumentID="xmp.did:BB4EFB9D12AA11E684AA9A979
A661531" xmpMM:InstanceID="xmp.iid:BB4EFB9C12AA11E684AA9A979A661531" x
mp:CreatorTool="Adobe Photoshop CS6 (Windows)"> <xmpMM:DerivedFr
om stRef:instanceID="xmp.did:4D7B5B88AA12E611B5E5A87810B57366" stRef:d
ocumentID="xmp.did:4D7B5B88AA12E611B5E5A87810B57366"/> </rdf:Des
cription> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?
>....Adobe.d.......................................................
......................................................................
....................B.b...............................................
.............................................!.1.A".Qaq2...3.BR#4...b.
...r.$56....ScU....CTV7Wsd..Dt%&........................!1.A.Qa.q..."2
....BR#....3b.$.r...S4.C.............?..)N..@...^...r...H.B...4....V..
!.B...8..TPi....j....S.zi.8.....!.. )Ii1...B[`.I%U..$.N..%.....?..s...
..z;."S..).%..R.... ."..<*4\.%n......>m..#.p...N.%.<.X.......
..Q....b..*...Z....P...j........E.....7 !....X..0U..EA%J<.Mj...
<<< skipped >>>

GET /MGU2NTExZWItYTI1Mi00N2VmLTg5NDgtOWUwY2UxNGUzMjQ2.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 17:49:05 GMT
Date: Sat, 04 Jun 2016 17:49:05 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 92713
Accept-Ranges: bytes
Last-Modified: Thu, 12 May 2016 09:19:58 GMT
ETag: "13f9b12ff16fcb15033ceb676efaa12ec59a710f"
Cache-Control: public,max-age=86400
X-Via: 1.1 fuzhou191:8110 (Cdn Cache Server V2.0), 1.1 db78:4 (Cdn Cache Server V2.0)
Connection: keep-alive
.....0Exif..MM.*.......1..............VVV.meitu.com....C..............
......................................................C...............
..........................................................&...........
....................................................}........!1A..Qa."
q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwx
yz....................................................................
..........................................................w.......!1..
AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZcdefghi
jstuvwxyz.............................................................
.......................?..B5MWT.Q...J..w.....I..FY..'....s...W{.?.5O..
^..K....rD?.5A..1.......9"nX..T.............Ute..p.Q.d..]sRe..B..Y....
.....U\.t...z...n......`..;6r.oRH..O9]F..:y..5....dT.Q..MKT(d.}.?.....
.........S..{jz.....`...!.8.k.UjI\..M.s..........'.~.....p.....I.c....
........^]...b....q.j..........k...Cz2or......A.......9`ns.Z....j..O..
?...7.h. .2n......../.O..I.5....4Iß......^.7R..8.u.p..C._U....z..O..
........McT..&.......^V2..v2.{.f.. ]F..........kBJT...*I......:...Z..}
{..cV..-..MyX....z.|2...xgM...C...............|.'....s...i.s4}....:..q
m,...?.f....c1.KY&..v....T..t-..I.|.B.}.8....G._ ........g]8 .......I}
.E,6.k.I.._nG.J.!) I.......l|...n.....U............(.MI..........-.[G.
K=J..<-...k.iW.d...x.......:..cw.._.O..D.8..z...R..<Z.pN-.E...I.
....~.....!...<...).u*..bR....=..d ~..:J1...OF.IB6...x[.>(.g. ..
vq.n$8.k.............\.S........:....(v.q #...qM......p..4......j.
<<< skipped >>>

GET /NDQ1NzI4OTctZjBkMi00NzRkLTk4OGItYWRkN2NjZWU4ZjY4.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 11:24:12 GMT
Date: Sat, 04 Jun 2016 11:24:12 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 49495
Accept-Ranges: bytes
Last-Modified: Wed, 18 May 2016 11:43:51 GMT
ETag: "12a3c1718d7d10cca17468109f57cf1aa949f71a"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 jfzh181:8111 (Cdn Cache Server V2.0), 1.1 db77:8 (Cdn Cache Server V2.0)
Connection: keep-alive
....$.Exif..MM.*...............T......................................
.................................................(...........1........
...2...........i............. ............'.......'.Adobe Photoshop CS
6 (Windows).2016:04:14 15:30:10.............0221......................
.............................................n...........v.(..........
...........~..........#........H.......H.........XICC_PROFILE......HLi
no....mntrRGB XYZ .........1..acspMSFT....IEC sRGB....................
...-HP  ................................................cprt...P...3de
sc.......lwtpt........bkpt........rXYZ........gXYZ...,....bXYZ...@....
dmnd...T...pdmdd........vued...L....view.......$lumi........meas......
.$tech...0....rTRC...<....gTRC...<....bTRC...<....text....Cop
yright (c) 1998 Hewlett-Packard Company..desc........sRGB IEC61966-2.1
............sRGB IEC61966-2.1.........................................
.........XYZ .......Q........XYZ ................XYZ ......o...8.....X
YZ ......b.........XYZ ......$.........desc........IEC hXXp://VVV.iec.
ch............IEC hXXp://VVV.iec.ch...................................
...........desc........IEC 61966-2.1 Default RGB colour space - sRGB..
..........IEC 61966-2.1 Default RGB colour space - sRGB...............
.......desc.......,Reference Viewing Condition in IEC61966-2.1........
...,Reference Viewing Condition in IEC61966-2.1.......................
...view.........._...............\.....XYZ .....L.V.P...W..meas.......
.........................sig ....CRT curv.......................#.
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062596&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /statistics/StatisticsAction.json?uri=studio_ie6_windows xp&value=1 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: statistics.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062556; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:13 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
3a.............VJI-NV.RR.Q*.I,)-V.2.QJI,[email protected]*.....0..HTT
P/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2016 17:49:13 GMT..Cont
ent-Type: application/json;charset=UTF-8..Transfer-Encoding: chunked..
Connection: keep-alive..Access-Control-Allow-Credentials: true..Conten
t-Encoding: gzip..3a.............VJI-NV.RR.Q*.I,)-V.2.QJI,IT.....2..@.
...7.F*.....0......



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062572&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/core/1/19/playui.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 1039
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:19 GMT
Via: 1.1 db80:9005 (Cdn Cache Server V2.0)
Connection: close
CWS.n...x..U.o.T...I..?h...B.d2m......&V.5?.j.6.Jt'../..c[...p`...?.$.
...n..!.......0*q. .@[email protected]..[.c<.~....|.......N1.5.A..8.......
.,."[email protected]..,.G."b........p......-.tTCg.XZ2..t
8.'.........c.Ge..6%....uu.H.[Xr.k.0.L.E1%M...E..`.&.........a....01&g
t;1.>..R..rgx.."(..&.8N.SB.?.R.B].6.M-cGR$G."'#(...../....C.=......
". .)../..]E.7..[.W1Ef..kXwlb0....B..j...LSSe..d...j.o4.....fO...g]...
\~r.k5....9\y2.^X51;.m.n...O.m.rY..mG.e<[.....*B)[.&..\...E...IT(.x
....<_.<..S;j.C.....).A...Q.`..*..G...\...rY>WtUS..T:.J(W*Nf.
......k......e..*..ec...p.*.&._A=....%.....<KB.Q;j.....%.....t..f..
.....9.7F.............p.w......?N^...j...}........w............. ..f(.
^.~=.....K........;.#[email protected]../...a.;.......|i..|~{....@p.{...sW........
]Z..2........f7Gno..]}..5j(E=w...OnffF...{x...&.....gF....q.._.W..?..`
.$A.E....H.fHL.!........I..........N.o9......A.b....,. *.k....t...@{..
...P....*9r.[..6..=6.;..d...G.......Qul..MKup.....Sc...!ES~...~..zi*HS
}[email protected]?.$..>..:.N........$.. 8..0.}H.#....$.H.E"E.Ep......
..{;..........H...



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062552&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /zone/1391682584 HTTP/1.1
Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:48:53 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:53 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:48:53 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:48:55 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:48:56 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:03 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:05 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:05 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..HTTP/1.1 200 OK
..Server: nginx..Date: Sat, 04 Jun 2016 17:49:05 GMT..Content-Type: te
xt/html; charset=utf-8..Transfer-Encoding: chunked..Connection: keep-a
live..Last-Modified: Sat, 04 Jun 2016 17:49:05 GMT..4c5..<!DOCT
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062558


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:11 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062558


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:12 GMT
4ca..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css" rel=..1000.."sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062565; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:19 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062565; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:20 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:20 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:27 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:28 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:28 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062580; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:35 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062580; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:36 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:36 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062589; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:43 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062589; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:44 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:44 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>

GET /zone/1391682584 HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062597; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 04 Jun 2016 17:49:51 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: hXXp://m.yy.com/zone/1391682584/
<html>..<head><title>302 Found</title></hea
d>..<body bgcolor="white">..<center><h1>302 Found
</h1></center>..<hr><center>nginx</center&g
t;..</body>..</html>......


GET /zone/1391682584/ HTTP/1.1


Referer: hXXp://m.yy.com/zone/1391682584
Accept: */*
Accept-Language: zh-cn
Connection: Keep-Alive
User-Agent: Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
Host: m.yy.com
Cache-Control: no-cache
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062597; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:52 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:52 GMT
4c5..<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
 "hXXp://VVV.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">..<ht
ml xmlns="hXXp://VVV.w3.org/1999/xhtml">..<head>..<meta ht
tp-equiv="Content-Type" content="text/html; charset=utf-8" />..<
title>YY............ [email protected]...</title>..<
;meta name="keywords" content=".......................................
...............YY............"/>..<meta name="description" conte
nt="YY...............YY...........................K...................
.............................YY...YY..................................
......................................................................
................K......m.yy.com" />..<link type="text/css" rel="
stylesheet" href="hXXp://m.yy.com/css/public.css" />..<link type
="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/star.css" />
..<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/
album.css" />..<link type="text/css" rel="stylesheet" href="http
://m.yy.com/css/uiwidget-popup.css" />..<link type="text/css" re
l="stylesheet" href="hXXp://m.yy.com/css/uiwidget-pagebar.css" />..
<link type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/ui
widget-messagebox.css"/>..<link type="text/css"..1000.. rel="sty
lesheet" href="hXXp://m.yy.com/css/zone-index-pagebar.css"/>..<l
ink type="text/css" rel="stylesheet" href="hXXp://m.yy.com/css/jplayer
.blue.monday.css"/>..<link type="text/css" rel="stylesheet" 
<<< skipped >>>


GET /crossdomain.xml HTTP/1.1
Accept: */*
Accept-Language: en-US
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: stat2.web.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062565; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx/1.0.10
Date: Sat, 04 Jun 2016 17:49:22 GMT
Content-Type: text/xml
Content-Length: 260
Last-Modified: Wed, 30 Oct 2013 13:23:21 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
...<?xml version="1.0"?>.<cross-domain-policy>..<site-c
ontrol permitted-cross-domain-policies="all"/>..<allow-http-requ
est-headers-from domain="*" headers="*" secure="false"/>..<allow
-access-from domain="*" secure="false" to-ports="*" />.</cross-d
omain-policy>HTTP/1.1 200 OK..Server: nginx/1.0.10..Date: Sat, 04 J
un 2016 17:49:22 GMT..Content-Type: text/xml..Content-Length: 260..Las
t-Modified: Wed, 30 Oct 2013 13:23:21 GMT..Connection: keep-alive..Acc
ess-Control-Allow-Origin: *..Access-Control-Allow-Headers: X-Requested
-With..Access-Control-Allow-Methods: GET,POST,OPTIONS..Accept-Ranges: 
bytes.....<?xml version="1.0"?>.<cross-domain-policy>..<
;site-control permitted-cross-domain-policies="all"/>..<allow-ht
tp-request-headers-from domain="*" headers="*" secure="false"/>..&l
t;allow-access-from domain="*" secure="false" to-ports="*" />.</
cross-domain-policy>....


GET /c.gif?act=webyysceneload&rel=yycomscene&ver=1.19&ref=http://VVV.yy.com/136724&tlt=0&took=1844&ip=194.242.96.218&time=1465062576505&wyy=cc515ea9f79d46d0a143e95390998e1b&sid=72578111&sidsub=72578111 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: stat2.web.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx/1.0.10
Date: Sat, 04 Jun 2016 17:49:27 GMT
Content-Type: image/gif
Content-Length: 35
Last-Modified: Mon, 16 Nov 2015 11:04:22 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
GIF89a.............,...........D..;HTTP/1.1 200 OK..Server: nginx/1.0.
10..Date: Sat, 04 Jun 2016 17:49:27 GMT..Content-Type: image/gif..Cont
ent-Length: 35..Last-Modified: Mon, 16 Nov 2015 11:04:22 GMT..Connecti
on: keep-alive..Access-Control-Allow-Origin: *..Access-Control-Allow-H
eaders: X-Requested-With..Access-Control-Allow-Methods: GET,POST,OPTIO
NS..Accept-Ranges: bytes..GIF89a.............,...........D..;..
..


GET /c.gif?act=webyylogin&uid=2105266317&rel=yycomscene&ver=1.19&ref=http://VVV.yy.com/136724&took=4047&pp=null:0&ip=194.242.96.218&time=1465062578599&wyy=cc515ea9f79d46d0a143e95390998e1b&sid=72578111&sidsub=72578111&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: stat2.web.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx/1.0.10
Date: Sat, 04 Jun 2016 17:49:29 GMT
Content-Type: image/gif
Content-Length: 35
Last-Modified: Mon, 16 Nov 2015 11:04:22 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Accept-Ranges: bytes
GIF89a.............,...........D..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062558&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http://VVV.yy.com/136724 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Connection: Keep-Alive
Host: c2.web.yystatic.com


HTTP/1.1 200 OK
Content-Length: 40045
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:05 GMT
Via: 1.1 db80:82 (Cdn Cache Server V2.0)
Connection: close
CWS.....x..<.<.[...a.2......R...`0v...i.....4..E"-*..=-.]....m..
...E{........wo.~.5gy.9.y....~)8.#.Nk7.g....!.p8..g*N8w._.~M%..."..O..
2V..p.o"...t.....p.......pj.q._.....}<..8%%....j....x....'..5.D"...
..=-..uP#ihkk....... ..5.....>EC[.......$J...f...Ff................
.u........(..).(..(...3...U.....a.T.D5...2.u..) ....x...RGIY.O...uU...
............./Dl.........h.d.90..L..gn..MD....)..........0....#.Rg...f
G..^.v..s!.q.._wp.*.BGE...c.]...?...cCi....).K$..'.....5J...-..]...2..
u........S3...t...,.|....(.k.)-....Q..2...a<.!.....>.t..._....j.
j....N7.t=...L.5q....S...;......(..._2.}\..e...zF...1v.O\..&81.We.]>
;.|_X.l^.;M?..}...g..t..Nu...[O....5nj{...;.pc.;.8 ?.Z..i....l.^a._T.\
.|.Z..}v.;......w.."N3j....I.8.....ls.lqqq..~....@.#....X...>S<.
.k....".C&...9..3=N...3....2J?!.hP;...Xd.ep.S*%m......E8........m.x9.v
.. u..v.F.Z.m....{......0.9mm.%..cF.|.T0r...Q.W............*....x..x..
yv..2....44G..e..f.}\S.u..F..q.;<..@ .G....{.A:.!........|....r-.m]
36..s.7...,l.,..{X\.[..BUB..J..........7....._..A......C..3.o..1......
...m..,.|i.......l.....\..[....OD...7?.Yg...<........*?..)K..qVih..
C...U'.......=..l.......K.....3...hr..I.]h..D."...T..|.....&..pk*.S?*.
.9u............[..F..".....NO.e..?.o.R}9...A..A>-'ge&.d^...j...G.UV
?....Yg.i.....[........[...G.E..v.V.........S'...~qN.._.=..u7....k[p..
..=.6[..d..A..H@N.".Lb.......A...hS..1....6q9../....f....gdoM...^.1W.x
XP................. .UR.]15.vbf..;{wM.G:y.......k.....Um....0g...._8..
...sg....U..H.-....s//,.;.Z.....6T]......W..../.z.6Mm....|.......F
<<< skipped >>>


GET /r/sc/yycomscene/defaultScene/1/76/liveBaseSceneConfig.xml HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 918
Content-Type: text/xml;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:18 GMT
Via: 1.1 db79:5011 (Cdn Cache Server V2.0)
Connection: close
...<?xml version="1.0" encoding="utf-8" ?>..<data>...<!
-- ...........................  -->...<isStartCache>true</
isStartCache>......<scene>....<version>liveBaseScene1.0
.0.1</version>....<layers>.....<layer name="layer0" /&g
t;.....<layer name="layer1" />.....<layer name="layer2" />
.....<layer name="layer4" />....</layers>...</scene>
......<modules>....<module type="scene" name="liveCard" value
="liveCard.swf">.....<addChild>......<module name="liveCar
d" container="scene" layer="layer0" />.....</addChild>...<
/module>...<module type="scene" name="danmaku" value="danmaku.sw
f">....<addChild>.....<module name="danmaku"  container="s
cene" layer="layer1" ></module>....</addChild>...</m
odule>...<!-- ......... -->....<module type="scene" name="
controlBar" value="controlBar.swf">.....<addChild>......<m
odule name="controlBar"  container="scene" layer="layer4" ></mod
ule>.....</addChild>....</module>...</modules>..&
lt;/data>..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062587&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /lgn/js/oauth/udbsdk/pcweb/udb.sdk.pcweb.embed.min.js HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.udb.duowan.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:00 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 25 May 2016 06:20:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2016 17:59:00 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
10a5.............:]o.Jv.E............#8.S...S..........E.*I......X`...
b........b......9.AR_I....E"..9s....n.../.,.....[....,..C\7.|.0{.ge.g.
.......&..}.E.(.....I.....0.]!...8.e...B...HK..N.[...BX.&../....... ..
.])..'.......d.....H4`..,b#...q...v..(gy.....o.....s1M./.....X.K..s]..
....M...%G..P...{....E...`..."Ng..8-.b..P..J>....oo[. ..e.p.=.....4
......U........v(.......`a.%,rc..)u...9......^....'O.X\..n_..s.<...
pRo.Y.X..l.^.:.H.....>..c.D... .X.6..."7.A(8...{.-...F.....,. .Z.l.
..T....,ly.........8S....H}.h......%.9l.T..Z.5P...E.e3B.F_..y...j..}8{
............N..?^..;. t.z.....T.eg......".......J|.c..N...D<*.....O
......h5l?m.?.....?............=..9....^wa.g.{.........V....D4T..r..m.
<.y\.?8:?;.yn......q:WV<.Am.0|t.....r.&..........o..8...'x|..'.9
s.....L....g.....\...........?<H...8t.U."C6q.....9a)x..eb'"..Q?m.i.
Z...2..........>.kg8..$.....?..N....S.^.1_..kv/.`[email protected]....
d...j.... ..e.p....1.Q N[...>z.........[G............7..tV.,.&.i{.!
.-.F...5.....p.......DT.5.b.B5.5...tu..m...`...H....._{..x. ..... ...Q
..8. j....{..id...2.6.p.g.8.nh_gqj.>...-..}.n#....W.W..'C...\]=...W
...=....T.Q..A.. &..K..aA......5.7....1.;..Y.&.....:........Z..N..8J..
...|n.qT........v.}.~.`h.c..$N...V.|.........?>.._>..o?.......@.
.PQ:.9.Z.......I3`....pK.9../v.d...&vzb.....4..!..|.T....x..p.....V...
\PT......<.s.......M.*(..p~|...\P.... 1...o...b.R..b..16/..../$....
.a.#..q/.D,..&$.!...&<.G\u..0...f.y.)..........H*...~.UV:[email protected]...
.W.X.|D........E.!.?2.....X...`b......6.q#s.o..Y..fh..2I.5.....`."
<<< skipped >>>

GET /lgn/js/oauth/udbsdk/udb.sdk.getmm.min.js HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.udb.duowan.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:01 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 25 May 2016 06:20:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2016 17:59:01 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
571.............V...6..*..%R,|6`0...#.6.I.6...0$#.2...b...A?{..>`z.
....K.Z.}.}.}.m.Q.i.9yl.-..2Yl...`.}.)W#.,......S...:......X...5m...8.
.............D...s,/...g-.n.......3}...f_..h.:.!.=s8.!.<-...5 &.`E.
F.9...4f....G V.>.........t.B...h."....6..\Q..>..S1....c%_...%..
.[|,....~=..T'V._0.{x.}j.....4.P&Z.#ZB.*qN.."H...!............(>MJ.
.K)....tM.....g....3r..S.......1n..*.....6.S.-..8mw.?Z..Gw<h.....vt
...... .....u....,h....*..n...64Ls.1G..hh....W..R...F.hs..3.j.0.L...v.
Q.G.....>.W....... n...p&.n.9..G...pj...Lt.^....5..O..\...3w .c...g
...7.v.W.-.mC.U...7$.r..9.)..n.o.....v...5....#\.!..P....I...V(.9....$
.]L&.K...p..m. ..D...O..u......6i3F..E..#..T.2....".i4...p...NtD....H.
E.2H..N.i..,?.[.Y..M.5.:.%..|h...$.R..A,1........M.!.^GAE..KG.R.d.....
.Sm......o.%/.L...~..y..n..V.....(P.....M.H.... ....Kr.....y<.(.-@.
.m.n4i....B.q[!..........yp.37..X&.*2....dia........7x.2.q..n.m..=....
-|h.W}.,..8=.~.0O......$.w...{[email protected],.h...M..m.ny...6...3....
......Y5ML...R.....G...y.8X(.(/.E......:........P.0.R8..]1Aj..4p[...^.
,1..y%Q...<.....Y.. ..R.../.W..5R..8 ...h.MA.....!.....Z.a......V.0
U8.2^_p...Y.4..8$V)BWF.....j..g..D.....4;?d..L[...=_........W......8..
J...u...z.!..`l....F..q.........D........|{....2..#../h.X.....6;w..2.(
A.}a......3..C......<..(...:.[..,X....w.`W.}.t...p...m.=..i<a...
\..X.r/y&.'..Q..tP.......M.m..6.....=z.1..]mlh.`-A...p...w.=>7..]..
....[.C..[../.......^....O....G.....0..
<<< skipped >>>


GET /pc/js/lib/jQuery/jquery-1.11.1.min.js HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sat, 11 Jun 2016 15:53:54 GMT
Date: Sat, 04 Jun 2016 15:53:54 GMT
Server: nginx
Content-Type: application/x-javascript
Content-Length: 96477
Last-Modified: Mon, 30 May 2016 06:42:16 GMT
ETag: "574be0c8-178dd"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 zhdx182:8108 (Cdn Cache Server V2.0), 1.1 db77:4 (Cdn Cache Server V2.0)
Connection: keep-alive
!function(e,t){"object"==typeof module&&"object"==typeof module.export
s?module.exports=e.document?t(e,!0):function(e){if(!e.document)throw n
ew Error("jQuery requires a window with a document");return t(e)}:t(e)
}("undefined"!=typeof window?window:this,function(e,t){function n(e){v
ar t=e.length,n=ie.type(e);return"function"===n||ie.isWindow(e)?!1:1==
=e.nodeType&&t?!0:"array"===n||0===t||"number"==typeof t&&t>0&&t-1 
in e}function r(e,t,n){if(ie.isFunction(t))return ie.grep(e,function(e
,r){return!!t.call(e,r,e)!==n});if(t.nodeType)return ie.grep(e,functio
n(e){return e===t!==n});if("string"==typeof t){if(fe.test(t))return ie
.filter(t,e,n);t=ie.filter(t,e)}return ie.grep(e,function(e){return ie
.inArray(e,t)>=0!==n})}function i(e,t){do e=e[t];while(e&&1!==e.nod
eType);return e}function o(e){var t=xe[e]={};return ie.each(e.match(be
)||[],function(e,n){t[n]=!0}),t}function a(){he.addEventListener?(he.r
emoveEventListener("DOMContentLoaded",s,!1),e.removeEventListener("loa
d",s,!1)):(he.detachEvent("onreadystatechange",s),e.detachEvent("onloa
d",s))}function s(){(he.addEventListener||"load"===event.type||"comple
te"===he.readyState)&&(a(),ie.ready())}function l(e,t,n){if(void 0===n
&&1===e.nodeType){var r="data-" t.replace(Ee,"-$1").toLowerCase();if(n
=e.getAttribute(r),"string"==typeof n){try{n="true"===n?!0:"false"===n
?!1:"null"===n?null: n ""===n? n:Ne.test(n)?ie.parseJSON(n):n}catch(i)
{}ie.data(e,t,n)}else n=void 0}return n}function u(e){var t;for(t in e
)if(("data"!==t||!ie.isEmptyObject(e[t]))&&"toJSON"!==t)return!1;r
<<< skipped >>>

GET /pc/css/studio.css?20160603212726 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: yyweb.yystatic.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Fri, 10 Jun 2016 15:44:21 GMT
Date: Fri, 03 Jun 2016 15:44:21 GMT
Server: nginx
Content-Type: text/css
Content-Length: 64706
Last-Modified: Fri, 03 Jun 2016 14:07:09 GMT
ETag: "57518f0d-fcc2"
Cache-Control: max-age=604800
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou188:8104 (Cdn Cache Server V2.0), 1.1 db77:0 (Cdn Cache Server V2.0)
Connection: keep-alive
button,img{border:0}a,body a:hover{text-decoration:none}.column-hd,.co
lumn-hd .column-title a,.column-hd .column-title a:active,.column-hd .
column-title a:hover{color:#373737}.column-hd .hd-tags a,img,input,sel
ect{vertical-align:middle}html{-webkit-text-size-adjust:none}blockquot
e,body,dd,div,dl,dt,fieldset,form,h1,h2,h3,h4,h5,h6,input,li,ol,p,pre,
td,textarea,th,ul{margin:0;padding:0}a,h1,h2,h3,h4,h5,h6,p{font-size:1
00%}li,ol,ul{list-style:none}table{border-collapse:collapse;border-sty
le:none}button{padding:0;cursor:pointer}textarea{resize:vertical}a{out
line:0}.left-menu .has-layer .layer-wrap a,.left-menu .nav-column li a
{text-overflow:ellipsis;white-space:nowrap;overflow:hidden}.chat-room 
.chatroom-list .icon-noble,.column-hd .hd-tags a,.column-hd .more .mor
e-btn,.icon-people,.icon-view,.left-menu .has-layer .layer-wrap a,.lef
t-menu .icon-all,.left-menu .icon-down,.left-menu .icon-home,.left-men
u .icon-kan,.left-menu .icon-love,.left-menu .icon-special,.video-tag 
.tag-txt{display:inline-block;*display:inline;*zoom:1}.hidden{display:
none!important}.invisible{visibility:hidden}.cf,.clearfix,.column-hd,.
left-menu .nav-column ul,.video-list,.w-liveplayer-drag-endpage .w-liv
eplayer-drag-ft,.w-liveplayer-drag-endpage .w-liveplayer-drag-hd{zoom:
1}.cf:after,.clearfix:after,.column-hd:after,.left-menu .nav-column ul
:after,.video-list:after,.w-liveplayer-drag-endpage .w-liveplayer-drag
-ft:after,.w-liveplayer-drag-endpage .w-liveplayer-drag-hd:after{conte
nt:"";display:block;height:0;clear:both;visibility:hidden}body{fon
<<< skipped >>>


GET /t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6& HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cms.tanx.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Date: Sat, 04 Jun 2016 17:49:02 GMT
Content-Type: image/gif
Content-Length: 49
Connection: close
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Location: hXXp://log.mmstat.com/cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk+qFEJH3ShePQ==&hi_cmuiv=0.6
Timing-Allow-Origin: *
GIF89a...................!.......,...........T..;..



GET /t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6& HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cms.tanx.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Date: Sat, 04 Jun 2016 17:49:02 GMT
Content-Type: image/gif
Content-Length: 49
Connection: close
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Location: hXXp://log.mmstat.com/cm.gif?url=http://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6
Timing-Allow-Origin: *
GIF89a...................!.......,...........T..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062563&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=5625&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062586536&rnd=0.90377522127779441465062586536 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /d.gif?sed=e17f0f1299ae37ae&te=2&rl=yycomscene&td=0&ip=null&sd=86415000&sbd=86415000&ud=null&ot=1465062575&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://VVV.yy.com/210075&sr=0&cd=0&ui=0.20794194939660737&in=null HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: dataaq.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062571; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:29 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Last-Modified: Fri, 18 Sep 2015 08:32:55 GMT
ETag: "55fbcc37-0"
Accept-Ranges: bytes
HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2016 17:49:29 GMT..C
ontent-Type: image/gif..Content-Length: 0..Connection: keep-alive..Las
t-Modified: Fri, 18 Sep 2015 08:32:55 GMT..ETag: "55fbcc37-0"..Accept-
Ranges: bytes......



GET /cm/user?time=1465062548&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive


HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Jun 2016 17:49:00 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: hXXp://cm.hiido.cn/cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: cm_ui="65DBs 3JB2kpD2Nym7LNBQ==|0.6"; Expires=Thu, 01 Dec 2016 17:49:00 GMT; Path=/
....


GET /cm/user?hi_tc=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|& HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="buCLmnR1GIMVgMVaX93GCw==|0.6"


HTTP/1.1 302 Found
Server: nginx
Date: Sat, 04 Jun 2016 17:49:00 GMT
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&
HTTP/1.1 302 Found..Server: nginx..Date: Sat, 04 Jun 2016 17:49:00 GMT
..Content-Type: text/plain; charset=UTF-8..Content-Length: 0..Connecti
on: keep-alive..Location: hXXp://cms.tanx.com/t.gif?tanx_nid=109887427
&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zd
s=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&......


GET /cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&tanx_tid=zSgTVhBnj3I= HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:05 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: cm_mapping=tanx|0|1465066145; Expires=Thu, 01 Dec 2016 17:49:05 GMT; Path=/
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:05 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..P3P: CP="CURa ADMa DEVa PSAo 
PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"..Set-Coo
kie: cm_mapping=tanx|0|1465066145; Expires=Thu, 01 Dec 2016 17:49:05 G
MT; Path=/..GIF89a.............!.......,...........L..;....


GET /cm/user?time=1465062557&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:08 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:08 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062571&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:22 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:22 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;....


GET /cm/user?time=1465062588&domain=yy.com&zds=www@yy|&hiido_ui=0.20794194939660737 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cm.hiido.cn
Connection: Keep-Alive
Cookie: cm_ui="yzwRC8sZVk qFEJH3ShePQ==|0.6"; cm_mapping=tanx|0|1465066145


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:38 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Server: ng
inx..Date: Sat, 04 Jun 2016 17:49:38 GMT..Content-Type: image/gif..Con
tent-Length: 43..Connection: keep-alive..GIF89a.............!.......,.
..........L..;..



GET /d.gif?sed=88cb609a6797cf75&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062595&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://VVV.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: dataaq.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062589; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:46 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Last-Modified: Fri, 18 Sep 2015 08:32:55 GMT
ETag: "55fbcc37-0"
Accept-Ranges: bytes
HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2016 17:49:46 GMT..C
ontent-Type: image/gif..Content-Length: 0..Connection: keep-alive..Las
t-Modified: Fri, 18 Sep 2015 08:32:55 GMT..ETag: "55fbcc37-0"..Accept-
Ranges: bytes......



GET /t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&cna=kALaD6m0UlUCAcLyYNpLlIs0 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cms.tanx.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: image/gif
Content-Length: 49
Connection: close
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: cna=kALaD6m0UlUCAcLyYNpLlIs0; expires=Tue, 02-Jun-26 17:49:04 GMT; path=/; domain=tanx.com
Location: hXXp://cm.hiido.cn/cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=buCLmnR1GIMVgMVaX93GCw==&hi_cmuiv=0.6&tanx_tid=zSgTVhBnj3I=
Timing-Allow-Origin: *
GIF89a...................!.......,...........T..;..



GET /YzczODkwMjMtNmJmZi00ZjBiLTk0NDYtNTcyNGVlOWYxODQ4.jpg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 16:15:51 GMT
Date: Sat, 04 Jun 2016 16:15:51 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 62767
Accept-Ranges: bytes
Last-Modified: Tue, 19 Apr 2016 09:19:31 GMT
ETag: "79448577941aa8a068da80716d30e17d61051a96"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db77:8 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky.......Z......hXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.5-c01
4 79.151481, 2013/03/13-12:09:15        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmpRights="hXXp://ns.adobe.com/xap/1.0/rights/" xmlns
:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="hXXp://ns.adobe.
com/xap/1.0/sType/ResourceRef#" xmlns:xmp="hXXp://ns.adobe.com/xap/1.0
/" xmpRights:Marked="False" xmpMM:OriginalDocumentID="xmp.did:73a0ec4f
-b6a0-ec47-b5f6-3aa2d612ddc5" xmpMM:DocumentID="xmp.did:2B5BA61702EA11
E68830CB1C36B9A401" xmpMM:InstanceID="xmp.iid:2B5BA61602EA11E68830CB1C
36B9A401" xmp:CreatorTool="Adobe Photoshop CC (Windows)"> <xmpMM
:DerivedFrom stRef:instanceID="xmp.iid:da97c501-e0a6-7b4b-89dd-c94816d
b36be" stRef:documentID="xmp.did:73a0ec4f-b6a0-ec47-b5f6-3aa2d612ddc5"
/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <
;?xpacket end="r"?>...HPhotoshop 3.0.8BIM..........Z...%G........8B
IM.%.............x/4b4.Xw.....Adobe.d.................................
......................................................................
..........................................B.b.........................
...................................................................!..
.1.AQ".a2..q...B#.....R34...b5.rCS$6.7...sd..c%..DEe'.89..............
.......!.1A..Qa..q."......2..B.Rr..b#.34....C.5...6.$.............
<<< skipped >>>

GET /NmRhYmZjOTAtYWFiOC00ZDAyLWFhOTUtMmIwNDI3OTk0YTgz.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 14:49:19 GMT
Date: Sat, 04 Jun 2016 14:49:19 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 85678
Accept-Ranges: bytes
Last-Modified: Tue, 19 Apr 2016 09:20:04 GMT
ETag: "5c28b2e3e3ca7beafe45545b51a255f798139ca9"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 fshx152:8103 (Cdn Cache Server V2.0), 1.1 jfzh181:8105 (Cdn Cache Server V2.0), 1.1 db78:9 (Cdn Cache Server V2.0)
Connection: keep-alive
......Exif..II*.................Ducky.......d.....bhXXp://ns.adobe.com
/xap/1.0/.<?xpacket begin="..." id="W5M0MpCehiHzreSzNTczkc9d"?> 
<x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 5.3-c01
1 66.145661, 2012/02/06-14:56:27        "> <rdf:RDF xmlns:rdf="h
ttp://VVV.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rd
f:about="" xmlns:xmpMM="hXXp://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="
hXXp://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="hXXp://ns.a
dobe.com/xap/1.0/" xmpMM:OriginalDocumentID="824160A8BF99185141ACE4BC7
12D5689" xmpMM:DocumentID="xmp.did:AE4DC50D02EB11E69490DD65A7DCDCB9" x
mpMM:InstanceID="xmp.iid:AE4DC50C02EB11E69490DD65A7DCDCB9" xmp:Creator
Tool="Adobe Photoshop CC (Windows)"> <xmpMM:DerivedFrom stRef:in
stanceID="xmp.iid:13a60135-3b93-a541-abc1-b6b4757e1226" stRef:document
ID="824160A8BF99185141ACE4BC712D5689"/> </rdf:Description> &l
t;/rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>...HPhotosh
op 3.0.8BIM..........Z...%G........8BIM.%.............x/4b4.Xw.....Ado
be.d..................................................................
......................................................................
.........B.b..........................................................
.................................!...1A"..Q2..aq..BR#3...b45..C$.6...r
.cd7.STUV...s.D%f....EFW8......................!1A..Qa..q."2........B.
R#3.4br...CS...cs$.DT5............?.._..|....c.!....V..c..wm....=.3Fb.
.....i...,3.KB... .V....Bc...O)C.......J^G.......o..m....o....}#%.
<<< skipped >>>

GET /NjBhMWM0YjktYTY0ZC00MDI4LThkZGUtM2RjNzI1NGU1MGQ3.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 16:31:22 GMT
Date: Sat, 04 Jun 2016 16:31:22 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 28374
Accept-Ranges: bytes
Last-Modified: Fri, 29 Apr 2016 10:14:09 GMT
ETag: "131f2518506cb4c50b8fe41f0cb87a5d3e24bb05"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db78:5 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF.....`.`.....0Exif..MM.*.......1..............VVV.meitu.com.
...C..................................................................
..C...................................................................
....B.b...............................................................
}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUV
WXYZcdefghijstuvwxyz..................................................
......................................................................
......w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFG
HIJSTUVWXYZcdefghijstuvwxyz...........................................
.........................................?..g ;.H...v?1..*.g.7.M.bP...
...d..<;~t.Y....y.:d.........7.~.~t0Hw.........|...:....!?y.:......
..V......:.d?s..o...83.w..M...l}[email protected] .......&.
...../...[2..Ilp8.&.....A.Xl..._..|Y<.x.......^.X..../......b.\...\
.Y.J7.5<=`...M...\.n..J..W.>...yc*.Mu...]..|_..k..-#.D.S.. .p.u.
.F.....~&......)..{vg.K...7L~.L#.4`....J4..1..".J.......o...2Np...N UJ
.QR..{r~%..o..l..C(........{.58s. .]~&....F.nc..y,.b.2.S>.?.g*.;../
.kQ...N.5.d..b7....=Eec.......2..!....2........3...M.}.:h,..r~.~t..R.c
....N..>.....d<;..y.:......~u"...Ld;~uC..].....R.I.;[email protected]~.
~uh.V!g..7.L..r. ....\R.]..7.@Y\...Z........Q.....Z..OQG.j........'Qh.
w.........;[email protected]"......J...........aF:S@;..0..=(c$......4!.5.......
 .9.. .b`....a8_...........xz/..6........IK.?Y.MSJ..)#...S...#b@..'9..
....~U..._3.......]..(.SG...!.y0...]...y.c.5UjYh,. ....-!....B.nt.
<<< skipped >>>

GET /MTQxYmJhMjMtODRkMi00MDU2LWI4ODktYzk3MDFkNGJhNWIx.jpg HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: emyfs.bs2cdn.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552; Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062552


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 07:29:33 GMT
Date: Sat, 04 Jun 2016 07:29:33 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 13153
Accept-Ranges: bytes
Last-Modified: Fri, 29 Apr 2016 09:29:38 GMT
ETag: "f4289eb3cd933c2d6d25d8bbef5dc349a8db58e9"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 db77:3 (Cdn Cache Server V2.0)
Connection: keep-alive
......JFIF...................................................%...#... 
, #&')*)..-0-(0%()(...........(...((((((((((((((((((((((((((((((((((((
((((((((((((((........@...............................................
............}........!1A..Qa."q.2....#B...R..$3br........%&'()*456789:
CDEFGHIJSTUVWXYZcdefghijstuvwxyz......................................
......................................................................
..........w.......!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:C
DEFGHIJSTUVWXYZcdefghijstuvwxyz.......................................
.............................................?......(......(......(...
.*j7>D.i...... ..VF....0..6....c.g..5....p\.......[4...:....A....sE
..1..uc.f.......lVbC/.2{c...R.cfG ..._....O.e.f.0...b.m..EX.\.....L.q.
..Qp.N......Q.....g"..tD.........U..:.2....R.h.J...(M..;<..>Q..!
.m...'.P...._"3.`.k.s&I........}...j.2.>_18..#[x.4..7gd.0.v2.......
......m..>M...R(.[.-.h./..*..7n.........h..3F`...-.}r.?.U.Ys..j...Y
i........K`..PT.G..{[email protected][email protected][email protected][email protected].
@[email protected].&.v..;..I^C.A.A.^...nM.....9.R.... ...g.?.....}N.G.../..&.n
..U.YP...'..?..z.jQT.dT.R......7.e~........b(..h....g..^.(....>..J.
......Q$...Z...\......Nch....<..l..\..9.g....,[email protected]..]].F
S.k. ...MO1g.=.s.Z.4.2mc.kp....vR{.8...s...o.......>X..H.8..P...E'.
I39.jV..<[....v q.m.b..l..d....n...v ...3&.~..;r..../.4V.^....O....
2.....b.....#...1.<.....t#.}O...O...U#..=qNT...........(......(....
..(......(......(......(.......x..\...X........B..........<MrQ.
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&act_type=201&source=0_0&time=1465062556&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /d.gif?sed=2721b1f0627548b7&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062575&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://VVV.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: dataaq.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:26 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Last-Modified: Fri, 18 Sep 2015 08:32:55 GMT
ETag: "55fbcc37-0"
Accept-Ranges: bytes
HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2016 17:49:26 GMT..C
ontent-Type: image/gif..Content-Length: 0..Connection: keep-alive..Las
t-Modified: Fri, 18 Sep 2015 08:32:55 GMT..ETag: "55fbcc37-0"..Accept-
Ranges: bytes......


GET /g.gif?sed=302d848f8da56965&te=2&rl=yycomscene&td=0&ip=null&sd=72578111&sbd=72578111&ud=null&ot=1465062579&dr=0&wy=cc515ea9f79d46d0a143e95390998e1b&rf=http://VVV.yy.com/136724&sr=0&cd=0&ui=0.20794194939660737&in=null&lk=0&res=0_0&ra=null&hz=48&fs=0&mid=null&hid=null HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: dataaq.yy.com
Connection: Keep-Alive
Cookie: Hm_lpvt_c493393610cdccbddc1f124d567e36ab=1465062572; hiido_ui=0.20794194939660737; Hm_lvt_c493393610cdccbddc1f124d567e36ab=1465062552,1465062557


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:29 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Last-Modified: Tue, 02 Feb 2016 08:15:50 GMT
ETag: "56b065b6-0"
Accept-Ranges: bytes
HTTP/1.1 200 OK..Server: nginx..Date: Sat, 04 Jun 2016 17:49:29 GMT..C
ontent-Type: image/gif..Content-Length: 0..Connection: keep-alive..Las
t-Modified: Tue, 02 Feb 2016 08:15:50 GMT..ETag: "56b065b6-0"..Accept-
Ranges: bytes......



GET /1264046092_1465050091.600552.jpg?ips_thumbnail/4/0/w/363/h/330/format=jpeg HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: mobilelivephoto.bs2dl.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737


HTTP/1.1 200 OK
Expires: Sun, 05 Jun 2016 16:19:33 GMT
Date: Sat, 04 Jun 2016 16:19:33 GMT
Server: openresty
Content-Type: image/jpeg
Content-Length: 13091
Accept-Ranges: bytes
Last-Modified: Sat, 04 Jun 2016 14:21:32 GMT
ETag: "27a807a39e87ab50c6ab70c603d374ed39e5c126"
Cache-Control: public,max-age=86400
Age: 1
X-Via: 1.1 fuzhou190:88 (Cdn Cache Server V2.0), 1.1 db78:10 (Cdn Cache Server V2.0)
Connection: keep-alive
......................................... $.' ",#..(7),01444.'9=82<
.342...........2!.!22222222222222222222222222222222222222222222222222.
.....@.`.."........................................................}..
......!1A..Qa."q.2....#B...R..$3br........%&'()*456789:CDEFGHIJSTUVWXY
Zcdefghijstuvwxyz.....................................................
.................................................................w....
...!1..AQ.aq."2...B.....#3R..br...$4.%.....&'()*56789:CDEFGHIJSTUVWXYZ
cdefghijstuvwxyz......................................................
..............................?..*ZAKY..E...QKH)h.h....QE...(....a4...
.Mt........~}q..N .....F..,I.g..{/......G.............W.........=.....
[email protected] ..<....Q.A..\(.L...'.:R........N..8.=....~..jh........O
N..YF....{.sCc,...*.(.s...p......#.G..i.o...y.g..)....,..g..(@>.~Q$
...T.~&.5.."...U..c.\d~..zH..b..p...S@\....#d.F.......\.....c.K..c..7,
G\.{v..f.H..E.%..W..}i6.64.h. ."...... G&I......._....u.4.3....y...5..
=....L...$=3.*FV.D._....|.t..RkX.#[x.<.y=K..j...@./Q..>....?....
.Y..v...sE...!j$.|...rz~&.H..5.n.<...By..S...c..y..5.GW=...d.A.....
4J..}....8..T.4..y.X..wy.[..gFrpI...M.I..q{....... ...^..6=k./.]......
]Y...p. .3...&.M..;.=je..l..\.3.i.. Z(.. ...ZE.(.Q@...(..QE.-%(..B..J(
.=*..z,,.\.....=...O.W.y...z=?....2J..X.n?x...:hh...k)....[s.d>\^.w
.z.5...ZV'.4..{..Ea7p$t...ri...}(....~.{[email protected]?:j...E.?........g
$...y=.4......ooN.z.|q....)...J.......H.x8....^}M..!..H....jB.u..0..O.
.Cin%p.....V..m...[....pA........q...e.\...1.j..7..Ua.n....s..ZQ..
<<< skipped >>>


GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /hiido_internal.js?siteid=www@yy HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:30 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:30 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......


GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:39 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:39 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive......


GET /hiido_internal.js?siteid=www@yy HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
If-Modified-Since: Fri, 03 Jun 2016 09:39:08 GMT
If-None-Match: W/"5bb3-15515a16a60"
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hdjs.hiido.com
Connection: Keep-Alive


HTTP/1.1 304 Not Modified
Date: Sat, 04 Jun 2016 17:49:47 GMT
X-Powered-By: Express
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT
ETag: W/"5bb3-15515a16a60"
X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou189:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)
Connection: keep-alive
HTTP/1.1 304 Not Modified..Date: Sat, 04 Jun 2016 17:49:47 GMT..X-Powe
red-By: Express..Accept-Ranges: bytes..Cache-Control: public, max-age=
0..Last-Modified: Fri, 03 Jun 2016 09:39:08 GMT..ETag: W/"5bb3-15515a1
6a60"..X-Via: 1.1 FM-31430C:8104 (Cdn Cache Server V2.0), 1.1 fuzhou18
9:8107 (Cdn Cache Server V2.0), 1.1 db77:1 (Cdn Cache Server V2.0)..Co
nnection: keep-alive..



GET / HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.yy.com
Connection: Keep-Alive
Cookie: hiido_ui=0.20794194939660737; hdjs_ui=0.9037752212777944; hdjs_session_id=0.4215254752462996; hdjs_session_time=1465062550068


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Jun 2016 17:49:03 GMT
Content-Encoding: gzip
4c8..............{w.G.7.w.Z.;.x..$..V./.0.A...Z....4k..,.],Y...m..Y...
.$..0..&....c0..~...$......._.V..!D..ruw......w...>..d1..M.........
...o*..........)>.Hd..r...k....t.;...x!.IW)[email protected]..&.}3...,/...
NN.J..']..r.T).?.'2]..(}.........9.D..\....DO.X...8U.._../c.<h.....
x:..c.T.g:9......'...n..t..9.=.I...K.#..u...f. .......6..m.o.#.....).?
.y}K.}........R....oB...x69.]......Rv.6.Z)N...=......p....D);....x).G%
.I.3.%.o%[email protected].\J4...D0W.......t.4....
..............v....|>.#.._~Z..A.;P]{ \..-..n.._:Z..RX:!.<.>_.
...?...}....3..W.......7....0.R{t..$.T{.".;S?.R;....<.T._.'...K...7
...6.=.........k..8q....(l.?./..........J..'...V..|.0..L6../<....[.
.f'k........m.. .}......Djn.XJ.u."..A......._.....O.k/./.....E........
.......h.....]J.i.R....r&....m0..r9...1..J....B(..P......&YF.eQ..24..x
19.....^..._,...\S!s.. .8.#........#J.me..t9..g`D>..._.m.......y.h}
..G[........b...........K.|..........i>......0h`../=......Ta<.Tp
.W.^g*.t.#...#g.._..M...J.$.."......J)m:[email protected]~.......g.OS....^D
.f.s...Gw.....y>0....!..Qb..v?.@..|V....|q..@&.L.&?.dR.l..."......E
...p2{ .....O......$..Rw!^..]..:.4^.. ..).*?......a.K..Y0U.~\l.=!|.R?y
..|...xuc..|@X|.8.!<..p^X=............Xo...g............).}:z..T.P.
..cY..t...1000.....z.....|......J.Dp.T.).JA01N... ..x)..nl<.....x..
..L`.x......P...,...h@%\|[email protected]...`P.........3".v..IP..X....
....:..>x.. ."8.NaR.....%.M.........P.[.....6.V.?...O......x.......
.T..O...sa....../.oL.&...r....39.n........u.....K...G..UF..!<|.
<<< skipped >>>


GET /r/rc/main/main/1/46/main.swf?type=yyscene&topSid=45937111&subid=45937111 HTTP/1.1
Accept: */*
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c1.web.yy.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:48:56 GMT
Content-Type: application/x-shockwave-flash;charset=UTF-8
Content-Length: 10853
Connection: keep-alive
Last-Modified: Thu, 03 Jul 2014 07:11:19 GMT
Expires: Sun, 05 Jun 2016 17:48:56 GMT
Cache-Control: max-age=86400
CWS..G..x..|.|SU..=......MRZ(.b..R.R.A.".mhK.`[d......I.$eq. ...".E...
.qp.uV.."0.|..,..~.:.'..s.K....._{....{.=.l..W.lf.....c..X.c"c..q.....
...Zk.....h....g.......7m.T.i^E,.~..s.9gv...s.......h...<..6c.`P.H.
...d8.u.........ap...3...G.....@$...&...T.AF=..`,..M....E.~/....<..
.7l.n...#.D...#.iN2....U..|..;......../F.Chp....Fm.K. ....}.XO..e." 1y
..b.......@|Q.tC4.I_b......o26vD....ot}.w}`Q]....BFo2..raE...9gU......
f..k.......?..c5R&.Yc...*...^...?../.h.w,..p....c'..?....5....O...|...
..6o..3.7n....U.9..O.....7.].^>........R.O.w.9`.....%'.&......r.L..
e.....%R.3gB......T...|......M/.g/...f~..F{.n.......E..E...E..S...ni..
)..;L....E....A...w.y..j...f......=g.X..21C..dY...g........c........6.
M.C*Q..:..b....(f.w..R|...fX...w.%wC.].~...e.@.../Y....O....,.>7...
1.h .....PU@[Il.I.mW.S...|J.c.y....]..]...'.].^/......`............K.^
.....g..]....-.{%5....-.$ *7k.k.....>...&.h...2S6..=9"n ..).Mu....{
.q.T..q\..[.a..p$.-...T...-......@"!..4x....>3.-.....[F..p4...b..7.
.#b....{....w..-..f.g._g.z|...I.......`"....m...Sqq"....<-.....B:S.
[email protected] ..&T` ...D.ImEk........L]......#...c.....Em[0=.l.j1.....TuO".
.....$...@r9.....\[email protected].%.....p"..7&j........
......%.]/n...d.....E...$.Q>j..}.7.....(.%.....E..#.-..7z#a.f.....E
Q..r.l.F..S.....%.........:.F.p....8... ,m..zc..z.-.W..F.........~....
..(..N4&Z.4.....P<...1..|.......}...J]..\g....J.....H.W.7........ .
5...Te.X.Y]..C.p.r.Q.,.....v.[6.,.1....x..6.....z).......,*.....k.....
.'M..k.$E.zh<w8..3.~-....}y....G.6..#...(....h.1.w...a.../0.k..
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062552&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /t.gif?tanx_nid=109887427&tanx_cm&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&cna=jwLaD3iTjxECAcLyYNpUr7X5 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: cms.tanx.com
Connection: Keep-Alive


HTTP/1.1 302 Found
Date: Sat, 04 Jun 2016 17:49:04 GMT
Content-Type: image/gif
Content-Length: 49
Connection: close
Server: Tengine
P3P: CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE GOV"
Set-Cookie: cna=jwLaD3iTjxECAcLyYNpUr7X5; expires=Tue, 02-Jun-26 17:49:04 GMT; path=/; domain=tanx.com
Location: hXXp://cm.hiido.cn/cm/adx/tanx?tanx_ver=1&domain=yy.com&hiido_ui=0.20794194939660737&time=1465062548&zds=www@yy|&hi_cmui=yzwRC8sZVk qFEJH3ShePQ==&hi_cmuiv=0.6&tanx_tid=WVXU1KqJTQU=
Timing-Allow-Origin: *
GIF89a...................!.......,...........T..;..



GET /lgn/js/oauth/udbsdk/pcweb/udb.sdk.pcweb.embed.min.js HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.udb.duowan.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:00 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 25 May 2016 06:20:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2016 17:59:00 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
10a5.............:]o.Jv.E............#8.S...S..........E.*I......X`...
b........b......9.AR_I....E"..9s....n.../.,.....[....,..C\7.|.0{.ge.g.
.......&..}.E.(.....I.....0.]!...8.e...B...HK..N.[...BX.&../....... ..
.])..'.......d.....H4`..,b#...q...v..(gy.....o.....s1M./.....X.K..s]..
....M...%G..P...{....E...`..."Ng..8-.b..P..J>....oo[. ..e.p.=.....4
......U........v(.......`a.%,rc..)u...9......^....'O.X\..n_..s.<...
pRo.Y.X..l.^.:.H.....>..c.D... .X.6..."7.A(8...{.-...F.....,. .Z.l.
..T....,ly.........8S....H}.h......%.9l.T..Z.5P...E.e3B.F_..y...j..}8{
............N..?^..;. t.z.....T.eg......".......J|.c..N...D<*.....O
......h5l?m.?.....?............=..9....^wa.g.{.........V....D4T..r..m.
<.y\.?8:?;.yn......q:WV<.Am.0|t.....r.&..........o..8...'x|..'.9
s.....L....g.....\...........?<H...8t.U."C6q.....9a)x..eb'"..Q?m.i.
Z...2..........>.kg8..$.....?..N....S.^.1_..kv/.`[email protected]....
d...j.... ..e.p....1.Q N[...>z.........[G............7..tV.,.&.i{.!
.-.F...5.....p.......DT.5.b.B5.5...tu..m...`...H....._{..x. ..... ...Q
..8. j....{..id...2.6.p.g.8.nh_gqj.>...-..}.n#....W.W..'C...\]=...W
...=....T.Q..A.. &..K..aA......5.7....1.;..Y.&.....:........Z..N..8J..
...|n.qT........v.}.~.`h.c..$N...V.|.........?>.._>..o?.......@.
.PQ:.9.Z.......I3`....pK.9../v.d...&vzb.....4..!..|.T....x..p.....V...
\PT......<.s.......M.*(..p~|...\P.... 1...o...b.R..b..16/..../$....
.a.#..q/.D,..&$.!...&<.G\u..0...f.y.)..........H*...~.UV:[email protected]...
.W.X.|D........E.!.?2.....X...`b......6.q#s.o..Y..fh..2I.5.....`."
<<< skipped >>>

GET /lgn/js/oauth/udbsdk/udb.sdk.getmm.min.js HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.udb.duowan.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:01 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 25 May 2016 06:20:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 04 Jun 2016 17:59:01 GMT
Cache-Control: max-age=600
Content-Encoding: gzip
571.............V...6..*..%R,|6`0...#.6.I.6...0$#.2...b...A?{..>`z.
....K.Z.}.}.}.m.Q.i.9yl.-..2Yl...`.}.)W#.,......S...:......X...5m...8.
.............D...s,/...g-.n.......3}...f_..h.:.!.=s8.!.<-...5 &.`E.
F.9...4f....G V.>.........t.B...h."....6..\Q..>..S1....c%_...%..
.[|,....~=..T'V._0.{x.}j.....4.P&Z.#ZB.*qN.."H...!............(>MJ.
.K)....tM.....g....3r..S.......1n..*.....6.S.-..8mw.?Z..Gw<h.....vt
...... .....u....,h....*..n...64Ls.1G..hh....W..R...F.hs..3.j.0.L...v.
Q.G.....>.W....... n...p&.n.9..G...pj...Lt.^....5..O..\...3w .c...g
...7.v.W.-.mC.U...7$.r..9.)..n.o.....v...5....#\.!..P....I...V(.9....$
.]L&.K...p..m. ..D...O..u......6i3F..E..#..T.2....".i4...p...NtD....H.
E.2H..N.i..,?.[.Y..M.5.:.%..|h...$.R..A,1........M.!.^GAE..KG.R.d.....
.Sm......o.%/.L...~..y..n..V.....(P.....M.H.... ....Kr.....y<.(.-@.
.m.n4i....B.q[!..........yp.37..X&.*2....dia........7x.2.q..n.m..=....
-|h.W}.,..8=.~.0O......$.w...{[email protected],.h...M..m.ny...6...3....
......Y5ML...R.....G...y.8X(.(/.E......:........P.0.R8..]1Aj..4p[...^.
,1..y%Q...<.....Y.. ..R.../.W..5R..8 ...h.MA.....!.....Z.a......V.0
U8.2^_p...Y.4..8$V)BWF.....j..g..D.....4;?d..L[...=_........W......8..
J...u...z.!..`l....F..q.........D........|{....2..#../h.X.....6;w..2.(
A.}a......3..C......<..(...:.[..,X....w.`W.}.t...p...m.=..i<a...
\..X.r/y&.'..Q..tP.......M.m..6.....=z.1..]mlh.`-A...p...w.=>7..]..
....[.C..[../.......^....O....G.....0......
<<< skipped >>>

GET /lgn/css/oauth/udbsdk/xelogin.sdk.css HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: res.udb.duowan.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Jun 2016 17:49:01 GMT
Content-Type: text/css
Content-Length: 667
Last-Modified: Wed, 25 May 2016 06:20:30 GMT
Connection: keep-alive
ETag: "5745442e-29b"
Expires: Sat, 04 Jun 2016 17:59:01 GMT
Cache-Control: max-age=600
Accept-Ranges: bytes
/*mark*/@CHARSET "UTF-8";.popup-mask{z-index:30001;position:absolute;t
op:0;left:0;-moz-opacity:0.5;opacity:0.5;filter:alpha(opacity=50);back
ground-color:#000;width:100%;height:100%;zoom:1;}.popup-mask iframe{po
sition:absolute; z-index: -1;}.udbsdk_login{display:none;}.udbsdk_clos
e{font:13px/1.5 Tahoma,Arial,Verdana;text-align:right;position:relativ
e;top:23px;right:-4px;}.udbsdk_href{TEXT-DECORATION:none;color:#A7CFEC
;font-size:14px; font-weight:bold;}.udbsdk_href:hover{text-decoration:
none !important;}.udbsdk_frm1{width:524px;*width:526px;_width:526px; h
eight:298px;*height:300px;_height:312px;} .udbsdk_frm{width:320px ; he
ight:273px; vertical-align: middle;}.HTTP/1.1 200 OK..Server: nginx..D
ate: Sat, 04 Jun 2016 17:49:01 GMT..Content-Type: text/css..Content-Le
ngth: 667..Last-Modified: Wed, 25 May 2016 06:20:30 GMT..Connection: k
eep-alive..ETag: "5745442e-29b"..Expires: Sat, 04 Jun 2016 17:59:01 GM
T..Cache-Control: max-age=600..Accept-Ranges: bytes../*mark*/@CHARSET 
"UTF-8";.popup-mask{z-index:30001;position:absolute;top:0;left:0;-moz-
opacity:0.5;opacity:0.5;filter:alpha(opacity=50);background-color:#000
;width:100%;height:100%;zoom:1;}.popup-mask iframe{position:absolute; 
z-index: -1;}.udbsdk_login{display:none;}.udbsdk_close{font:13px/1.5 T
ahoma,Arial,Verdana;text-align:right;position:relative;top:23px;right:
-4px;}.udbsdk_href{TEXT-DECORATION:none;color:#A7CFEC;font-size:14px; 
font-weight:bold;}.udbsdk_href:hover{text-decoration:none !important;}
.udbsdk_frm1{width:524px;*width:526px;_width:526px; height:298px;*
<<< skipped >>>


GET /r/sc/yycomscene/defaultScene/1/76/danmaku.swf HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.1 200 OK
Content-Length: 38952
Content-Type: application/x-shockwave-flash;charset=UTF-8
Last-Modified: Sat,05-Dec-15 05:49:20 GMT
Via: 1.1 db80:12680 (Cdn Cache Server V2.0)
Connection: close
CWS.. ..x..}.|.E......l.."..^).;s.^H.FC.K..w..&..{lvs.. ..;z...;....t.
... .DB. .]..g.}7.!(..|....w..g..w6.t(....%.G6s.f..p8....s8n..j.*.....
...y......XC^......<....H].kn....]..r.....S.)......^t.-..B..&.h....
\.{....?_v.U..&^iCc$....t.....P,......"_M^m8R....mh..j.T]....}.5..x..;
.....7wi.Heb.X..K~....?.{.?07..8.,rP^_K;o..T.....4o./....54V.........p
ml.7....C..G.d.b5..7...Bv6*......u.[.!O.J....o...o...57v...u...ss.V.`.
`doq....ov.H'O...)c.5@I.;.:...1....^......C~......kt.j_z.sP.......#...
q....Lc...p......>WZ..L...X......].....>h..z..j..t.O..........s.
H.....:k&.;v..K.1V.s..'......../....[.........^.Y]~...c....o[......P..
.>7....@.!.m.*.".._.......V...BuF..P.u......"kY...51M8.k........:..
.\.....o.?..6.W.#j~$.mrv........7E<...$[-".,..U...5.._$.....T...x.M
..4...1...;w...P.5@J,..M/.......,ra...:...[..v... G.w.>..."d..S....
..Z.>=..1W.>....H.....O.@._...~....Pm8.O...#.."... .....1.O...@.
..Q...d,[email protected]...;..A....X
 .u..x..H.Z...|W....QF.1o ..\...&..J.1..h,[email protected]
Q.X.....Ub.)M....U...CQ.5.j.|%.dgU.....y.o..I..P.b...@.?.....z.z./.U{.
|.p.U.H...O..._.$.....'..:..s..........o.)...1......{..h..}.....NOo.E.
.,Z.9L..9..C....xTp?..sO.......?......M..=%..pv.........~.d0...0P...*.
 .........l.....jh {.3.......~!)).........:....M....h.&X...H{.u.%.Pf..
.. ...*[email protected]/...6..F.V.u.Y.(..}j.....2R.l.w.g.b 
..[..G..8[..i.......bqVB....._.].5..OF.?....F1.1...1..9..R&.tR..?..L.g
.61...W..7.P..[......<...^.%.~4......O...Z....u....1.RQ .~....M
<<< skipped >>>


GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=86415000&subSid=86415000&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062564&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=86415000&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062555&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:02 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=45C9319AF5C9C37A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i...HTTP/1.1 200 OK..Cache-Control:
 max-age=0, must-revalidate..Content-Encoding: gzip..Content-Length: 8
796..Content-Type: application/javascript..Date: Sat, 04 Jun 2016 17:4
9:02 GMT..Etag: a6182c7abd554fdec141e481c8a3b5e5..P3p: CP="CURa ADMa D
EVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
..Server: apache..Set-Cookie: HMACCOUNT=45C9319AF5C9C37A; Path=/; Doma
in=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT................
.(function(){var h={},mt={},c={id:"c493393610cdccbddc1f124d567e36a
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=1&rnd=461872113&si=c493393610cdccbddc1f124d567e36ab&st=1&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:07 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:07 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=1188,1188&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1791133847&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:08 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:08 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=6063,6063&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=1064664793&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:14 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:14 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=594117554&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:15 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:15 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=2114723665&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:22 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:22 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:30 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>

GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&ep=7734,7734&et=3&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=122391367&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:38 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:38 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.gif?cc=0&ck=1&cl=32-bit&ds=1276x846&et=0&fl=11.6&ja=1&ln=en-us&lo=0&lt=1465062557&nv=0&rnd=394224880&si=c493393610cdccbddc1f124d567e36ab&st=4&v=1.1.26&lv=2&tt=传奇人生-正在直播-中国领先的直播网站 HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 04 Jun 2016 17:49:39 GMT
Pragma: no-cache
Server: apache
X-Content-Type-Options: nosniff
GIF89a.............!.......,...........L..;HTTP/1.1 200 OK..Cache-Cont
rol: private, max-age=0, no-cache..Content-Length: 43..Content-Type: i
mage/gif..Date: Sat, 04 Jun 2016 17:49:39 GMT..Pragma: no-cache..Serve
r: apache..X-Content-Type-Options: nosniff..GIF89a.............!......
.,...........L..;....


GET /hm.js?c493393610cdccbddc1f124d567e36ab HTTP/1.1


Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: hm.baidu.com
Connection: Keep-Alive
Cookie: HMACCOUNT=45C9319AF5C9C37A


HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 8796
Content-Type: application/javascript
Date: Sat, 04 Jun 2016 17:49:47 GMT
Etag: a6182c7abd554fdec141e481c8a3b5e5
Server: apache
...............(function(){var h={},mt={},c={id:"c493393610cdccbddc1f1
24d567e36ab",dm:["yy.com"],js:"tongji.baidu.com/hm-web/js/",etrk:[],ic
on:'',ctrk:false,align:-1,nv:-1,vdur:1800000,age:31536000000,rec:0,rp:
[],trust:0,vcard:0,qiao:0,lxb:0,conv:0,med:0,cvcc:'',cvcf:[],apps:''};
.;.{......p..`5........l.]....X..I..l...c..IZ...wF.CN...{.....3....d.&
lt;5R.LB.....wi..E...;.9.....[.....,..a.....~H'.s..V.....Ij/2.>..8'
j........[..e..../6..k1~z;.......%.4.Oc.F.g5.F..../..D..*..x<^...f.
].M.....(...Pv..bvhd.Xa......U......T..^.~>.l..m..........GK&DI.D..
.kN..`2.UlAQ.Uov&r.,b/.......Y/A.|'..m.,`.X.Ox......3a...h.6L#..dV .m.
.m.m. ..........eg.4.N..|...)....}....0....v......<...EJ...8-..".&v
n..#....:.."..S.e....A.6.l..;..b9.{.$......7B.|x6...GZ......X.j1P.4...
....3.eox..d.$..2.6..|..k.... ..[RX.....j.....~{7......9...g.1....S4..
#Kb..F.......`.s.g....9H.....T0..D<.'.{%...&...Yd..@.."O..{...8....
$.,3.A.R.x.M,....J.....)...Q[. ` .....Z...?]B....[,....UMK.,Y..L.|...u
....p_.&.tE.D....9.&r%...t.Kf.H..d.i....&.....b...Xf..I.N.&`...&...-.Y
C...P.......%0.e..%_.....!..!ShaU..D0.........&...K.pJt.....H..V......
)(}.d...Z.d...*.Z~......T;... [email protected]}3...50.T
G....#..`K.|....~......,..c......E.4.|gp..a!^..w<Z.......Fh....(l*.
.ge.....i..,Y....I..`."5.3i.....F.........n......:*t.`..QL.<...v...
.ge..!.9...yt..@....`I......E.k._.'..(A...].0.........n... .......n!k.
..>...(x..Fnm....n...7.l...e3.f ..6S.LM.8..on...y#;....f.....F..#..
......".E..p......GM..3W....f..8.!. .b.>.c....J.......7I"..j...
<<< skipped >>>


GET /j.gif?act=webevent&eventid=10008953&value=1&sys=3&uid=0&ui=0.20794194939660737&sid=72578111&act_type=1&source=0_0&bak1=0_0&parm1=0&time=1465062589&username= HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /r/rc/yycomscene/core/1/19/core.bmp HTTP/1.1
Accept: */*
Accept-Language: en-US
Referer: hXXp://c2.web.yystatic.com/r/rc/yycomscene/main/1/11/main.swf?type=yycomscene&topSid=72578111&subSid=72578111&newtuna=1&referer=http:/%2
x-flash-version: 11,6,602,168
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: c2.web.yystatic.com
Connection: Keep-Alive
Cookie: wyy=cc515ea9f79d46d0a143e95390998e1b; hiido_ui=0.57246662237330648


HTTP/1.0 302 Found
Cache-Control: no-cache
Connection: close
Location: hXXp://87.245.198.80/c2.web.yystatic.com/r/rc/yycomscene/core/1/19/core.bmp?wsiphost=local



GET /duowan.js HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: VVV.duowan.com
Connection: Keep-Alive


HTTP/1.1 200 OK
Expires: Sat, 04 Jun 2016 17:52:08 GMT
Date: Sat, 04 Jun 2016 17:47:08 GMT
Server: nginx
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 11794
Last-Modified: Fri, 27 May 2016 09:51:47 GMT
ETag: "574818b3-2e12"
Cache-Control: max-age=300
X-UA-Compatible: IE=EmulateIE7
Accept-Ranges: bytes
Age: 1
X-Via: 1.1 fuzhou186:8104 (Cdn Cache Server V2.0), 1.1 db78:2 (Cdn Cache Server V2.0)
Connection: keep-alive
/* Hiido v20160527.01*/.eval(function(E,I,A,D,J,K,L,H){function C(A){r
eturn A<62?String.fromCharCode(A =A<26?65:A<52?71:-4):A<63
?'_':A<64?'$':C(A>>6) C(A&63)}while(A>0)K[C(D--)]=I[--A];f
unction N(A){return K[A]==L[A]?A:K[A]}if(''.replace(/^/,String)){var M
=E.match(J),B=M[0],F=E.split(J),G=0;if(E.indexOf(F[0]))F=[''].concat(F
);do{H[A  ]=F[G  ];H[A  ]=N(B)}while(B=M[G]);H[A  ]=F[G]||'';return H.
join('')}return E.replace(J,N)}('j BY="CA",Dg="ylog.u.k";7 Di(){j BH=8
.Dq,BM=CT(BH),d=BM?BM.B1:O,BO=BM?Ck(BM.CI):O;Y(BO=="Cc")BO=O;j BZ=DE(0
.Bd.CR),CV=CT(BZ),BS=CV?CV.B1:".";Y(0.Bd.protocol=="Dz:")BY="Dz";Y(BS=
="."||DQ(BS))y v;j _=C0(BS);Y(!_.BD)y v;j BK=P;Y(!BH)BK=O;p Y(BS==d){B
K=Q;BO=O}j ap=$.appName,av=$.DT,Z=$.Dd.B3();7 Ci(X){Y(X==By.Bg)X=P;p Y
(X==Cu.T)X=Q;p Y(X==BU.By)X=R;p Y(X==1440.V)X=B4;p Y(X==Co.864)X=S;p Y
(X==BU.U)X=T;p Y(X==BU.Bg)X=BI;p Y(X==B_.Bq)X=U;p Y(X==1680.Cm)X=BE;p 
Y(X==B_.By)X=Bp;p Y(X==Cn.Bq)X=Bq;p Y(X==BU.EP)X=Dw;p Y(X==BU.D8)X=14;
p Y(X==1360.Bg)X=15;p Y(X==DJ.T)X=Dv;p Y(X==1400.Cm)X=Dt;p Y(X==B_.V)X
=Du;p Y(X==DW.h)X=19;p Y(X==Co.D8)X=Dy;p Y(X==1088.612)X=Br;p Y(X==Cn.
Cl)X=Bl;p Y(X==Cn.DM)X=Bm;p Y(X==BN.Co)X=f;p Y(X==BN.1536)X=CS;p Y(X==
Cb.Dv)X=Dl;p Y(X==Cb.BN)X=Dn;p Y(X==Cu.h)X=Do;p Y(X==DW.e)X=Dp;p Y(X==
320.f)X=Dr;p Y(X==1366.Bg)X=Bn;p Y(X==480.BP)X=BP;p Y(X==1080.By)X=Bi;
p Y(X==DJ.D_)X=Bj;p Y(X==1136.D_)X=e;p Y(X==Cb.DM)X=Bh;p Y(X==BN.Cl)X=
CL;p Y(X==B$.Q)X=CM;p Y(X==B$.BN)X=CK;p Y(X==B$.f)X=CQ;p Y(X==2880.Du)
X=CP;p Y(X==Dx.C3)X=CO;p Y(X==Dx.f)X=CN;p Y(X==Bs.C3)X=Ce;p Y(X==B
<<< skipped >>>


GET /j.gif?act=web&zd=www@yy|&ui=0.20794194939660737&sp=0&fl=11&sl=0&ss=2&bs=6&mb=0&nw=0&fd=0&hiido=0&sn=0&ls=0&ut=1465062596318&wd=0&passport=&sns=null&pcmb=1&pl=http://VVV.yy.com/136724&v=T20160526.01&rnd=0.207941949396607371465062596318 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/136724
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..



GET /j.gif?act=webstat&ht=VVV.yy.com&siteid=www@yy&speid=&ui=0.9037752212777944&sc=1276.846&cl=32-bit&pcmb=1&os=win|xp&bs=ie6&mb=&se=&wd=&rfh=&rf=&sns=&fl=-1&ln=&ja=1&ck=1&ot=<=4890&xy=&ext=&v=v0.8.0&pl=http://VVV.yy.com/210075&hsid=0.4215254752462996&io=0&ut=1465062554974&rnd=0.90377522127779441465062554974 HTTP/1.1
Accept: */*
Referer: hXXp://VVV.yy.com/210075
Accept-Language: en-us
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET4.0C)
Host: ylog.hiido.com
Connection: Keep-Alive
Cookie: hiido_mid=14650625393270664410100017


HTTP/1.1 200 OK 
Content-type: image/gif
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA div COM NAV OTC NOI DSP COR
Set-Cookie: hiido_mid=14650625393270664410100017; Path=/; expires=Mon, 25-Aug-25 10:20:28 GMT 
GIF89a.............,...........D..;..







The Trojan connects to the servers at the folowing location(s):







%original file name%.exe_632:




.text
`.rdata
@.data
.rsrc
t$(SSh
~%UVW
u$SShe
hXXp://movie.douban.com/subject/6799191/
t%SVh
|$D.tm
wininet.dll
kernel32.dll
ole32.dll
winmm.dll
ws2_32.dll
WinINet.dll
shlwapi.dll
User32.dll
user32.dll
gdiplus.dll
advapi32.dll
rasapi32.dll
Wininet.dll
urlmon.dll
OLEACC.DLL
gdi32.dll
shell32.dll
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
MsgWaitForMultipleObjects
GetWindowsDirectoryA
HttpAddRequestHeadersA
GdiplusShutdown
keybd_event
RegCloseKey
RegCreateKeyA
RegOpenKeyA
UrlMkSetSessionOption
RegEnumKeyA
RegFlushKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
GetProcessHeap
ShellExecuteA
WinExec
hXXp://m.yy.com/zone/1371549646
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
http=
https
HTTP/1.1
Content-Type: application/x-www-form-urlencoded
HTTP/1.1
hXXps://
hXXp://
hXXp://VVV.yy.com/
%System%\ntdll.dll
%System%\kernel32.dll
%System%\USER32.dll
%System%\GDI32.dll
%System%\ADVAPI32.dll
%System%\RPCRT4.dll
%System%\Secur32.dll
%System%\IMM32.DLL
%System%\LPK.DLL
%System%\USP10.dll
%System%\WINMM.dll
%System%\comdlg32.dll
%System%\msvcrt.dll
%System%\SHLWAPI.dll
%System%\SHELL32.dll
%System%\WINSPOOL.DRV
%System%\ole32.dll
%System%\OLEPRO32.DLL
%System%\OLEAUT32.dll
%System%\WS2_32.dll
%System%\WS2HELP.dll
%System%\uxtheme.dll
%System%\MSIMG32.dll
%System%\MSVCP60.dll
%System%\WININET.dll
%System%\CRYPT32.dll
%System%\MSASN1.dll
%System%\PSAPI.DLL
%System%\VERSION.dll
%System%\urlmon.dll
Web.dll
software\microsoft\windows\CurrentVersion\Run\
VVV.yy.com
hXXp://c1.web.yy.com/r/rc/main/main/1/46/main.swf?type=yyscene&topSid=85593777&subSid=85593777
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Current
hXXps://aq.yy.com/loginOut.do
hXXps://aq.yy.com/p/wklogin.do
&denyCallbackURL=hXXps://aq.yy.com/p/logincbk.do?cancel=1®CallbackURL=hXXps://aq.yy.com/welcome.do&UIStyle=xelogin&rdm=0.26365254551226436
hXXps://lgn.yy.com/lgn/oauth/authorize.do?oauth_token=
hXXps://lgn.yy.com/lgn/oauth/x/s/login_asyn.do
&denyCallbackURL=https://aq.yy.com/p/logincbk.do?cancel=1&UIStyle=xelogin&appid=1
&password=
callbackURL
Winmm.dll
dsound.dll
@ping 127.0.0.1 -n
\*.*"
@ping 127.0.0.1 -n 1 >nul
del 123.bat
\123.bat
\TEMP.TMP
{Reg}((?:src=)['"]?).*?\.js['"]
{Reg}((?:hXXp://)['"]?).*?\.swf
{Reg}((?:url\()|(?:src=)['"]?).*?\.[jpg|gif|png]{3}
scripting.FileSystemObject
bbs.125.la_Cookie
Adodb.Stream
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Accept: image/gif, image/bmp, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
del C:\123.bat
\Restart.bat
(*.*)|*.*
(*.txt)|*.txt|
HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
Software\Microsoft\Windows\CurrentVersion\Internet Settings\proxyserver
Software\Microsoft\Windows\CurrentVersion\Internet Settings\proxyenable
Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\
\data\Config.ini
;http=
<ie9>Mozilla/4.0 (compatible; MSIE 9.0; Windows NT6.1)</ie9>
<ie8>Mozilla/4.0 (compatible; MSIE 8.0; Windows NT6.0)</ie8>
<ie7>Mozilla/4.0 (compatible; MSIE 7.0; Windows NT5.2)</ie7>
<ie6>Mozilla/4.0 (compatible; MSIE 6.0; Windows NT5.1)</ie6>
>Mozilla/5.0 (compatible) AppleWebKit/534.21 (KHTML, like Gecko) Chrome/11.0.682.0 Safari/534.21</
>Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.2) Gecko/20100101 Firefox/6.0.2</
<ipad>Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10</ipad>
<iphone>Mozilla/5.0 (iPhone; U; CPU OS 4_2_1 like Mac OS X) AppleWebKit/532.9 (KHTML, like Gecko) Version/5.0.3 Mobile/8B5097d Safari/6531.22.7 </iphone>
<android>Mozilla/5.0 (Linux; U; Android 2.3.3; zh-tw; HTC_Pyramid Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1</android>
<opera>Opera/9.80 (compatible; U) Presto/2.7.39 Version/11.00</opera>
<navigator>Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.12)Gecko/20080219 Firefox/2.0.0.12 Navigator/9.0.0.6</navigator>
<safari>Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_7) AppleWebKit/534.16  (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4</safari>
{25336920-03F9-11CF-8FD0-00AA00686F13}
document.all.retjs.innerText=
javascript:document.onsdragstart=document.onselectstart=document.oncontextmenu=function(){return true}
javascript:document.onselectstart = document.oncontextmenu = document.onmousedown = document.onkeydown = function(){return true;};
var jie = document.createStyleSheet();jie.addRule('html','overflow:hidden;');
text|password|file
comdlg32.dll
{557CF400-1A04-11D3-9A73-0000F81EF32E}
{557CF401-1A04-11D3-9A73-0000F81EF32E}
{557CF402-1A04-11D3-9A73-0000F81EF32E}
{557CF405-1A04-11D3-9A73-0000F81EF32E}
{557CF406-1A04-11D3-9A73-0000F81EF32E}
WarnOnHTTPSToHTTPRedirect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
adodb.stream
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Microsoft.XMLDOM
VBScript.RegExp
application/x-www-form-urlencoded
WinHttp.WinHttpRequest.5.1
SetClientCertificate
Set fso = CreateObject("Scripting.FileSystemObject")
fso.DeleteFile("
sc.vbs")
\sc.vbs
sc.vbs
sc.bat"
sc.bat
del Restart.bat
(0(^#32?#31*$11
,3(~-4)8
%d&&'
123456789
00003333
deflate 1.1.3 Copyright 1995-1998 Jean-loup Gailly
inflate 1.1.3 Copyright 1995-1998 Mark Adler
%*.*f
CNotSupportedException
commctrl_DragListMsg
Afx:%x:%x:%x:%x:%x
Afx:%x:%x
COMCTL32.DLL
CCmdTarget
__MSVCRT_HEAP_SELECT
Broken pipe
Inappropriate I/O control operation
Operation not permitted
KERNEL32.dll
GetKeyState
USER32.dll
GetViewportOrgEx
GDI32.dll
WINMM.dll
WINSPOOL.DRV
ADVAPI32.dll
SHELL32.dll
OLEAUT32.dll
COMCTL32.dll
oledlg.dll
WS2_32.dll
GetCPInfo
CreateDialogIndirectParamA
UnhookWindowsHookEx
SetWindowsHookExA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetViewportExtEx
.PAVCException@@
Shell32.dll
Mpr.dll
Advapi32.dll
Gdi32.dll
Kernel32.dll
(&07-034/)7 '
?? / %d]
%d / %d]
.PAVCFileException@@
: %d]
(*.*)|*.*||
(*.WAV;*.MID)|*.WAV;*.MID|WAV
(*.WAV)|*.WAV|MIDI
(*.MID)|*.MID|
(*.txt)|*.txt|
(*.JPG;*.PNG;*.BMP;*.GIF;*.ICO;*.CUR)|*.JPG;*.PNG;*.BMP;*.GIF;*.ICO;*.CUR|JPG
(*.JPG)|*.JPG|PNG
(*.PNG)|*.PNG|BMP
(*.BMP)|*.BMP|GIF
(*.GIF)|*.GIF|
(*.ICO)|*.ICO|
(*.CUR)|*.CUR|
%s:%d
windows
.PAVCNotSupportedException@@
out.prn
(*.prn)|*.prn|
%d.%d
%d/%d
1.6.9
unsupported zlib version
png_read_image: unsupported transformation
%d / %d
Bogus message code %d
libpng error: %s
libpng warning: %s
1.1.3
bad keyword
libpng does not support gamma background rgb_to_gray
Palette is NULL in indexed image
(%d-%d):
%ld%c
(*.htm;*.html)|*.htm;*.html
its:%s::%s
.PAVCOleException@@
.PAVCObject@@
.PAVCSimpleException@@
.PAVCMemoryException@@
.?AVCNotSupportedException@@
.PAVCResourceException@@
.PAVCUserException@@
.?AVCCmdTarget@@
.?AVCCmdUI@@
.?AVCTestCmdUI@@
.PAVCOleDispatchException@@
.PAVCArchiveException@@
zcÁ
#include "l.chs\afxres.rc" // Standard components
PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGC:\Windows\System32\adlll.exe
hXXp://m.yy.com/zone/1391682584
hXXp://c1.web.yy.com/r/rc/main/main/1/46/main.swf?type=yyscene&topSid=45937111&subid=45937111
PADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGPADDINGXXPADDINGC:\Windows\System32\lore.exe
F%*.*f
iphlpapi.dll
SHLWAPI.dll
MPR.dll
VERSION.dll
WININET.dll
VVV.dywt.com.cn
c:\%original file name%.exe
24683579
(*.*)
1.559.5.14
Windows Audio Service
1.0.0.0
(hXXp://VVV.eyuyan.com)

adlll.exe_224:




.text
`.rdata
@.data
.rsrc
t%SVh
t$(SSh
|$D.tm
~%UVW
u$SShe
wininet.dll
kernel32.dll
ole32.dll
winmm.dll
ws2_32.dll
WinINet.dll
shlwapi.dll
User32.dll
user32.dll
gdiplus.dll
advapi32.dll
rasapi32.dll
Wininet.dll
urlmon.dll
OLEACC.DLL
gdi32.dll
shell32.dll
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
MsgWaitForMultipleObjects
GetWindowsDirectoryA
HttpAddRequestHeadersA
GdiplusShutdown
keybd_event
RegCloseKey
RegCreateKeyA
RegOpenKeyA
UrlMkSetSessionOption
RegEnumKeyA
RegFlushKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
GetProcessHeap
ShellExecuteA
WinExec
hXXp://m.yy.com/zone/1371549646
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
http=
https
HTTP/1.1
Content-Type: application/x-www-form-urlencoded
HTTP/1.1
hXXps://
hXXp://
hXXp://VVV.yy.com/
%System%\ntdll.dll
%System%\kernel32.dll
%System%\USER32.dll
%System%\GDI32.dll
%System%\ADVAPI32.dll
%System%\RPCRT4.dll
%System%\Secur32.dll
%System%\IMM32.DLL
%System%\LPK.DLL
%System%\USP10.dll
%System%\WINMM.dll
%System%\comdlg32.dll
%System%\msvcrt.dll
%System%\SHLWAPI.dll
%System%\SHELL32.dll
%System%\WINSPOOL.DRV
%System%\ole32.dll
%System%\OLEPRO32.DLL
%System%\OLEAUT32.dll
%System%\WS2_32.dll
%System%\WS2HELP.dll
%System%\uxtheme.dll
%System%\MSIMG32.dll
%System%\MSVCP60.dll
%System%\WININET.dll
%System%\CRYPT32.dll
%System%\MSASN1.dll
%System%\PSAPI.DLL
%System%\VERSION.dll
%System%\urlmon.dll
Web.dll
software\microsoft\windows\CurrentVersion\Run\
VVV.yy.com
hXXp://c1.web.yy.com/r/rc/main/main/1/46/main.swf?type=yyscene&topSid=85593777&subSid=85593777
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Current
hXXps://aq.yy.com/loginOut.do
hXXps://aq.yy.com/p/wklogin.do
&denyCallbackURL=hXXps://aq.yy.com/p/logincbk.do?cancel=1®CallbackURL=hXXps://aq.yy.com/welcome.do&UIStyle=xelogin&rdm=0.26365254551226436
hXXps://lgn.yy.com/lgn/oauth/authorize.do?oauth_token=
hXXps://lgn.yy.com/lgn/oauth/x/s/login_asyn.do
&denyCallbackURL=https://aq.yy.com/p/logincbk.do?cancel=1&UIStyle=xelogin&appid=1
&password=
callbackURL
Winmm.dll
dsound.dll
@ping 127.0.0.1 -n
\*.*"
@ping 127.0.0.1 -n 1 >nul
del 123.bat
\123.bat
\TEMP.TMP
{Reg}((?:src=)['"]?).*?\.js['"]
{Reg}((?:hXXp://)['"]?).*?\.swf
{Reg}((?:url\()|(?:src=)['"]?).*?\.[jpg|gif|png]{3}
scripting.FileSystemObject
bbs.125.la_Cookie
Adodb.Stream
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Accept: image/gif, image/bmp, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
del C:\123.bat
\Restart.bat
(*.*)|*.*
(*.txt)|*.txt|
HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
Software\Microsoft\Windows\CurrentVersion\Internet Settings\proxyserver
Software\Microsoft\Windows\CurrentVersion\Internet Settings\proxyenable
Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\
\data\Config.ini
;http=
<ie9>Mozilla/4.0 (compatible; MSIE 9.0; Windows NT6.1)</ie9>
<ie8>Mozilla/4.0 (compatible; MSIE 8.0; Windows NT6.0)</ie8>
<ie7>Mozilla/4.0 (compatible; MSIE 7.0; Windows NT5.2)</ie7>
<ie6>Mozilla/4.0 (compatible; MSIE 6.0; Windows NT5.1)</ie6>
>Mozilla/5.0 (compatible) AppleWebKit/534.21 (KHTML, like Gecko) Chrome/11.0.682.0 Safari/534.21</
>Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.2) Gecko/20100101 Firefox/6.0.2</
<ipad>Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10</ipad>
<iphone>Mozilla/5.0 (iPhone; U; CPU OS 4_2_1 like Mac OS X) AppleWebKit/532.9 (KHTML, like Gecko) Version/5.0.3 Mobile/8B5097d Safari/6531.22.7 </iphone>
<android>Mozilla/5.0 (Linux; U; Android 2.3.3; zh-tw; HTC_Pyramid Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1</android>
<opera>Opera/9.80 (compatible; U) Presto/2.7.39 Version/11.00</opera>
<navigator>Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.12)Gecko/20080219 Firefox/2.0.0.12 Navigator/9.0.0.6</navigator>
<safari>Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_7) AppleWebKit/534.16  (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4</safari>
{25336920-03F9-11CF-8FD0-00AA00686F13}
document.all.retjs.innerText=
javascript:document.onsdragstart=document.onselectstart=document.oncontextmenu=function(){return true}
javascript:document.onselectstart = document.oncontextmenu = document.onmousedown = document.onkeydown = function(){return true;};
var jie = document.createStyleSheet();jie.addRule('html','overflow:hidden;');
text|password|file
comdlg32.dll
{557CF400-1A04-11D3-9A73-0000F81EF32E}
{557CF401-1A04-11D3-9A73-0000F81EF32E}
{557CF402-1A04-11D3-9A73-0000F81EF32E}
{557CF405-1A04-11D3-9A73-0000F81EF32E}
{557CF406-1A04-11D3-9A73-0000F81EF32E}
WarnOnHTTPSToHTTPRedirect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
adodb.stream
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Microsoft.XMLDOM
VBScript.RegExp
application/x-www-form-urlencoded
WinHttp.WinHttpRequest.5.1
SetClientCertificate
Set fso = CreateObject("Scripting.FileSystemObject")
fso.DeleteFile("
sc.vbs")
\sc.vbs
sc.vbs
sc.bat"
sc.bat
del Restart.bat
(0(^#32?#31*$11
,3(~-4)8
%d&&'
123456789
00003333
deflate 1.1.3 Copyright 1995-1998 Jean-loup Gailly
inflate 1.1.3 Copyright 1995-1998 Mark Adler
%*.*f
CNotSupportedException
commctrl_DragListMsg
Afx:%x:%x:%x:%x:%x
Afx:%x:%x
COMCTL32.DLL
CCmdTarget
__MSVCRT_HEAP_SELECT
Broken pipe
Inappropriate I/O control operation
Operation not permitted
KERNEL32.dll
GetKeyState
USER32.dll
GetViewportOrgEx
GDI32.dll
WINMM.dll
WINSPOOL.DRV
ADVAPI32.dll
SHELL32.dll
OLEAUT32.dll
COMCTL32.dll
oledlg.dll
WS2_32.dll
GetCPInfo
CreateDialogIndirectParamA
UnhookWindowsHookEx
SetWindowsHookExA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetViewportExtEx
.PAVCException@@
Shell32.dll
Mpr.dll
Advapi32.dll
Gdi32.dll
Kernel32.dll
(&07-034/)7 '
?? / %d]
%d / %d]
.PAVCFileException@@
: %d]
(*.*)|*.*||
(*.WAV;*.MID)|*.WAV;*.MID|WAV
(*.WAV)|*.WAV|MIDI
(*.MID)|*.MID|
(*.txt)|*.txt|
(*.JPG;*.PNG;*.BMP;*.GIF;*.ICO;*.CUR)|*.JPG;*.PNG;*.BMP;*.GIF;*.ICO;*.CUR|JPG
(*.JPG)|*.JPG|PNG
(*.PNG)|*.PNG|BMP
(*.BMP)|*.BMP|GIF
(*.GIF)|*.GIF|
(*.ICO)|*.ICO|
(*.CUR)|*.CUR|
%s:%d
windows
.PAVCNotSupportedException@@
out.prn
(*.prn)|*.prn|
%d.%d
%d/%d
1.6.9
unsupported zlib version
png_read_image: unsupported transformation
%d / %d
Bogus message code %d
libpng error: %s
libpng warning: %s
1.1.3
bad keyword
libpng does not support gamma background rgb_to_gray
Palette is NULL in indexed image
(%d-%d):
%ld%c
(*.htm;*.html)|*.htm;*.html
its:%s::%s
.PAVCOleException@@
.PAVCObject@@
.PAVCSimpleException@@
.PAVCMemoryException@@
.?AVCNotSupportedException@@
.PAVCResourceException@@
.PAVCUserException@@
.?AVCCmdTarget@@
.?AVCCmdUI@@
.?AVCTestCmdUI@@
.PAVCOleDispatchException@@
.PAVCArchiveException@@
zcÁ
C:\Windows\System32\adlll.exe
#include "l.chs\afxres.rc" // Standard components
24683579
(*.*)
1.559.5.14
Windows Audio Service

lore.exe_484:




.text
`.rdata
@.data
.rsrc
t%SVh
t$(SSh
|$D.tm
~%UVW
u$SShe
wininet.dll
kernel32.dll
ole32.dll
winmm.dll
ws2_32.dll
WinINet.dll
shlwapi.dll
User32.dll
user32.dll
gdiplus.dll
advapi32.dll
rasapi32.dll
Wininet.dll
urlmon.dll
OLEACC.DLL
gdi32.dll
shell32.dll
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
MsgWaitForMultipleObjects
GetWindowsDirectoryA
HttpAddRequestHeadersA
GdiplusShutdown
keybd_event
RegCloseKey
RegCreateKeyA
RegOpenKeyA
UrlMkSetSessionOption
RegEnumKeyA
RegFlushKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
GetProcessHeap
ShellExecuteA
WinExec
hXXp://m.yy.com/zone/1391682584
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; 125LA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)
http=
https
HTTP/1.1
Content-Type: application/x-www-form-urlencoded
HTTP/1.1
hXXps://
hXXp://
hXXp://VVV.yy.com/
%System%\ntdll.dll
%System%\kernel32.dll
%System%\USER32.dll
%System%\GDI32.dll
%System%\ADVAPI32.dll
%System%\RPCRT4.dll
%System%\Secur32.dll
%System%\IMM32.DLL
%System%\LPK.DLL
%System%\USP10.dll
%System%\WINMM.dll
%System%\comdlg32.dll
%System%\msvcrt.dll
%System%\SHLWAPI.dll
%System%\SHELL32.dll
%System%\WINSPOOL.DRV
%System%\ole32.dll
%System%\OLEPRO32.DLL
%System%\OLEAUT32.dll
%System%\WS2_32.dll
%System%\WS2HELP.dll
%System%\uxtheme.dll
%System%\MSIMG32.dll
%System%\MSVCP60.dll
%System%\WININET.dll
%System%\CRYPT32.dll
%System%\MSASN1.dll
%System%\PSAPI.DLL
%System%\VERSION.dll
%System%\urlmon.dll
Web.dll
software\microsoft\windows\CurrentVersion\Run\
VVV.yy.com
hXXp://c1.web.yy.com/r/rc/main/main/1/46/main.swf?type=yyscene&topSid=45937111&subid=45937111
HKEY_CURRENT_USER\AppEvents\Schemes\Apps\Explorer\Navigating\.Current
hXXps://aq.yy.com/loginOut.do
hXXps://aq.yy.com/p/wklogin.do
&denyCallbackURL=hXXps://aq.yy.com/p/logincbk.do?cancel=1®CallbackURL=hXXps://aq.yy.com/welcome.do&UIStyle=xelogin&rdm=0.26365254551226436
hXXps://lgn.yy.com/lgn/oauth/authorize.do?oauth_token=
hXXps://lgn.yy.com/lgn/oauth/x/s/login_asyn.do
&denyCallbackURL=https://aq.yy.com/p/logincbk.do?cancel=1&UIStyle=xelogin&appid=1
&password=
callbackURL
Winmm.dll
dsound.dll
@ping 127.0.0.1 -n
\*.*"
@ping 127.0.0.1 -n 1 >nul
del 123.bat
\123.bat
\TEMP.TMP
{Reg}((?:src=)['"]?).*?\.js['"]
{Reg}((?:hXXp://)['"]?).*?\.swf
{Reg}((?:url\()|(?:src=)['"]?).*?\.[jpg|gif|png]{3}
scripting.FileSystemObject
bbs.125.la_Cookie
Adodb.Stream
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)
Accept: image/gif, image/bmp, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*
del C:\123.bat
\Restart.bat
(*.*)|*.*
(*.txt)|*.txt|
HKEY_CLASSES_ROOT
HKEY_CURRENT_USER
HKEY_LOCAL_MACHINE
HKEY_USERS
Software\Microsoft\Windows\CurrentVersion\Internet Settings\proxyserver
Software\Microsoft\Windows\CurrentVersion\Internet Settings\proxyenable
Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\
\data\Config.ini
;http=
<ie9>Mozilla/4.0 (compatible; MSIE 9.0; Windows NT6.1)</ie9>
<ie8>Mozilla/4.0 (compatible; MSIE 8.0; Windows NT6.0)</ie8>
<ie7>Mozilla/4.0 (compatible; MSIE 7.0; Windows NT5.2)</ie7>
<ie6>Mozilla/4.0 (compatible; MSIE 6.0; Windows NT5.1)</ie6>
>Mozilla/5.0 (compatible) AppleWebKit/534.21 (KHTML, like Gecko) Chrome/11.0.682.0 Safari/534.21</
>Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0.2) Gecko/20100101 Firefox/6.0.2</
<ipad>Mozilla/5.0(iPad; U; CPU iPhone OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B314 Safari/531.21.10</ipad>
<iphone>Mozilla/5.0 (iPhone; U; CPU OS 4_2_1 like Mac OS X) AppleWebKit/532.9 (KHTML, like Gecko) Version/5.0.3 Mobile/8B5097d Safari/6531.22.7 </iphone>
<android>Mozilla/5.0 (Linux; U; Android 2.3.3; zh-tw; HTC_Pyramid Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1</android>
<opera>Opera/9.80 (compatible; U) Presto/2.7.39 Version/11.00</opera>
<navigator>Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.12)Gecko/20080219 Firefox/2.0.0.12 Navigator/9.0.0.6</navigator>
<safari>Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_7) AppleWebKit/534.16  (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4</safari>
{25336920-03F9-11CF-8FD0-00AA00686F13}
document.all.retjs.innerText=
javascript:document.onsdragstart=document.onselectstart=document.oncontextmenu=function(){return true}
javascript:document.onselectstart = document.oncontextmenu = document.onmousedown = document.onkeydown = function(){return true;};
var jie = document.createStyleSheet();jie.addRule('html','overflow:hidden;');
text|password|file
comdlg32.dll
{557CF400-1A04-11D3-9A73-0000F81EF32E}
{557CF401-1A04-11D3-9A73-0000F81EF32E}
{557CF402-1A04-11D3-9A73-0000F81EF32E}
{557CF405-1A04-11D3-9A73-0000F81EF32E}
{557CF406-1A04-11D3-9A73-0000F81EF32E}
WarnOnHTTPSToHTTPRedirect
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
adodb.stream
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1)
Microsoft.XMLDOM
VBScript.RegExp
application/x-www-form-urlencoded
WinHttp.WinHttpRequest.5.1
SetClientCertificate
Set fso = CreateObject("Scripting.FileSystemObject")
fso.DeleteFile("
sc.vbs")
\sc.vbs
sc.vbs
sc.bat"
sc.bat
del Restart.bat
(0(^#32?#31*$11
,3(~-4)8
%d&&'
123456789
00003333
deflate 1.1.3 Copyright 1995-1998 Jean-loup Gailly
inflate 1.1.3 Copyright 1995-1998 Mark Adler
%*.*f
CNotSupportedException
commctrl_DragListMsg
Afx:%x:%x:%x:%x:%x
Afx:%x:%x
COMCTL32.DLL
CCmdTarget
__MSVCRT_HEAP_SELECT
Broken pipe
Inappropriate I/O control operation
Operation not permitted
KERNEL32.dll
GetKeyState
USER32.dll
GetViewportOrgEx
GDI32.dll
WINMM.dll
WINSPOOL.DRV
ADVAPI32.dll
SHELL32.dll
OLEAUT32.dll
COMCTL32.dll
oledlg.dll
WS2_32.dll
GetCPInfo
CreateDialogIndirectParamA
UnhookWindowsHookEx
SetWindowsHookExA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
GetViewportExtEx
.PAVCException@@
Shell32.dll
Mpr.dll
Advapi32.dll
Gdi32.dll
Kernel32.dll
(&07-034/)7 '
?? / %d]
%d / %d]
.PAVCFileException@@
: %d]
(*.*)|*.*||
(*.WAV;*.MID)|*.WAV;*.MID|WAV
(*.WAV)|*.WAV|MIDI
(*.MID)|*.MID|
(*.txt)|*.txt|
(*.JPG;*.PNG;*.BMP;*.GIF;*.ICO;*.CUR)|*.JPG;*.PNG;*.BMP;*.GIF;*.ICO;*.CUR|JPG
(*.JPG)|*.JPG|PNG
(*.PNG)|*.PNG|BMP
(*.BMP)|*.BMP|GIF
(*.GIF)|*.GIF|
(*.ICO)|*.ICO|
(*.CUR)|*.CUR|
%s:%d
windows
.PAVCNotSupportedException@@
out.prn
(*.prn)|*.prn|
%d.%d
%d/%d
1.6.9
unsupported zlib version
png_read_image: unsupported transformation
%d / %d
Bogus message code %d
libpng error: %s
libpng warning: %s
1.1.3
bad keyword
libpng does not support gamma background rgb_to_gray
Palette is NULL in indexed image
(%d-%d):
%ld%c
(*.htm;*.html)|*.htm;*.html
its:%s::%s
.PAVCOleException@@
.PAVCObject@@
.PAVCSimpleException@@
.PAVCMemoryException@@
.?AVCNotSupportedException@@
.PAVCResourceException@@
.PAVCUserException@@
.?AVCCmdTarget@@
.?AVCCmdUI@@
.?AVCTestCmdUI@@
.PAVCOleDispatchException@@
.PAVCArchiveException@@
zcÁ
C:\Windows\System32\lore.exe
#include "l.chs\afxres.rc" // Standard components
24683579
(*.*)
1.559.5.14
Windows Audio Service






Remove it with Ad-Aware




    

  1. Click (here) to download and install Ad-Aware Free Antivirus.
    2. 

  2. Update the definition files.
    3. 

  3. Run a full scan of your computer.
    4. 





Manual removal*




    

  1. Terminate malicious process(es) (How to End a Process With the Task Manager):
    

    %original file name%.exe:632
    

    2. 

  2. Delete the original Trojan file.
    3. 

  3. Delete or disinfect the following files created/modified by the Trojan:
    

    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\d7wtWVZErbEAAAAAAAAuj2mMZr0392[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\tanx[1].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\NjM0YWQxNGQtOWIzNy00Yjg1LWI4MjMtZGNmOWJlZTM4ZDU1[1].jpg (7254 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CA09UJ49.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1501809610_1465004462[1].jpg (4548 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\headfoot.mix[1].css (5 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[1].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[14].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAMJWHAJ.gif (35 bytes)
    %Documents and Settings%\%current user%\UserData\YJM90VAL\www.yy[1].xml (2170 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1391682584[1].htm (39336 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1391682584[1].htm (21156 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\defaultScene[1].swf (7730 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CANF59GE.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[13].gif (35 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][1].txt (187 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\MGFhN2YyZTEtZWM1YS00MWJiLWFkZjAtNWYyYTExZDQzNTg0[1].jpg (6172 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][2].txt (942 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAIYBNDS.gif (35 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@tanx[2].txt (163 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9Vahn78AAAAAAABHwm5wG-M269[1].jpg (776 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\studio[1].css (34225 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[1].htm (2241 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[3].js (363 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@mmstat[2].txt (168 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[12].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\user[3].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[20].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAYV81I1.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[3].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[9].gif (35 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][2].txt (184 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\core[1].htm (52522 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-head-sprite[1].png (5 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1] (720 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\duowan[1].js (1681 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[2].js (1370 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\login-close[1].png (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.getmm.min[1].js (1 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][1].txt (184 bytes)
    %Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sxx (547 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[6].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CASXWV8F.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\icons-index[1].png (7 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAMNW3JS.gif (35 bytes)
    %Documents and Settings%\%current user%\Cookies\index.dat (29204 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[2].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\ZTE4NDIzY2MtZDA5OS00YjQzLWI2NGUtMzBmODc3M2ZmMzQz[1].jpg (20881 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@yy[1].txt (3048 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAAZ05I3.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1391682584[2].htm (7791 bytes)
    %Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\#SharedObjects\QEA5Z3QJ\c2.web.yystatic.com\r\rc\yycomscene\main\1\11\main.swf\main_guest_sobj.sxx (484 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveCard[2].swf (5559 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\main[2].swf (608 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[3].js (1243 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[2].js (3 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.pcweb.embed.min[1].js (1228 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[2].json (84 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\detail[1] (145 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[7].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\require[1].js (5 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite[1].png (6 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[4].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[3].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\icons-leftMenu2[1].png (3 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[2].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CATRZ9O8.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\d7wtWVZMVGYAAAAAAAAsUBB5Ylo338[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[2].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayerToolBar-sprite[1].png (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\72578111[1] (1846 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAQPZDGK.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\2wm[1].png (392 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@mmstat[1].txt (168 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\alpha-bg[1].png (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\loading-white-mini[1].gif (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[1] (791 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\OWJjZjY1NjYtY2U4OS00NzkwLTg4M2MtM2QxNjY2ODkyMWQx[1].jpg (7658 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[9].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[12].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[2].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[21].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[1].js (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[3].json (84 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\yy[1].htm (1573 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[5].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[11].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAZA9C1X.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[15].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[7].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\default_load[1].png (4 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\tz0M9VahqFgAAAAAAAAk6C0I27c747[1].jpg (1870 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[11].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[5].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\c[1].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\YzY1ODZlNDQtN2M1Ni00MmFlLWI0NGMtNmQ2ZjhhNjIwYjM5[1].jpg (4491 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\studio[1].js (66337 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[1].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CA096DCX.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[10].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAN6QHRF.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[6].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[3].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[2].js (1216 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\StatisticsAction[1].json (84 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[3].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[8].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[3].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveBaseSceneConfig[2].xml (918 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.pcweb.embed.min[2].js (136 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\136724[1] (1968 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[7].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\user[1].gif (43 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][2].txt (374 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\controlBar[1].swf (5162 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CANLHVD7.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\crossdomain[1].htm (260 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\72578111[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\default_portrait[1].jpg (7 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[15].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAMZIFY1.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[5].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hiido_internal[1].js (6553 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[7].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[12].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\72578111[3].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1391682584[1].htm (32000 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\MGU2NTExZWItYTI1Mi00N2VmLTg5NDgtOWUwY2UxNGUzMjQ2[1].jpg (8964 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\detail[2] (210 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAA7WBV4.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\yy[1] (720 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\xelogin.sdk[1].css (667 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayer-sprite-p24[1].png (932 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\YjRkNjY5ODUtMWEyYy00MTQxLThlYjAtZjRhMzYzMjAwNTEw[1].jpg (7224 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[1].js (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAG3BNEC.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\d7wtWVcpnn4AAAAAAAAsxTKw0FU569[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAXXR7JF.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\headfoot.mix[2].css (26 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[2].js (363 bytes)
    %Documents and Settings%\%current user%\UserData\2Z89WTQV\www.yy[1].xml (1240 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAUV45EB.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[10].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\liveplayerInline[1].js (145 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@yystatic[2].txt (365 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\NDQ1NzI4OTctZjBkMi00NzRkLTk4OGItYWRkN2NjZWU4ZjY4[1].jpg (4364 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[15].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[9].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\icons-menuclose[1].png (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[2].js (726 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\main[3].swf (16377 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-liveplayer-sprite[1].png (3 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\gradeIco[1].swf (290 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[8].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[1].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1391682584[1].htm (17911 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@yy[2].txt (758 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\c[1].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\tz0M9VbtNkMAAAAAAAA9VFYDCvU355[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[14].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tanx[1].gif (43 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][1].txt (2045 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@tanx[1].txt (163 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[2].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[1].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\72578111[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\require[1].js (14 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\keywords[1] (34039 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\detail[1] (210 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\udb.sdk.getmm.min[1].js (2 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[1].js (784 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][2].txt (164 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[16].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAJECRZD.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[2].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\ShowBackground[1].swf (1634 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\72578111[4].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\detail[1] (145 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[6].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\crossdomain[2].xml (260 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\StatisticsAction[1].json (84 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[6].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\danmaku[2].swf (4845 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\136724[1].htm (1002 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[19].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\hm[1].js (2852 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\NTk0MmFiOTYtMDEzOS00M2RmLTk2NzQtYWQ5NjhhZGU3MzQw[1].jpg (5753 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[1].js (363 bytes)
    %Documents and Settings%\%current user%\Cookies\Current_User@yystatic[1].txt (189 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\login_btn[1].png (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[1].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAZ9H3MQ.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[4].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveCard[1].swf (6435 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[10].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[18].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\MTMyYjhhMzYtODhjNS00MmJhLTk1M2ItNzBkY2YzYzVhMGMy[1].jpg (10986 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CAG5EPK1.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[11].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAS1ALZW.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\default_portrait[2].jpg (7 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[1] (2639 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[6].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\N2FjOGQ3MGItODQxYS00ODA5LThkOGQtMWZmNWE2MWI1NzM5[1].jpg (2600 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\crossdomain[1].xml (199 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\86415000[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[4].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[4].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\d7wtWVI1Ol0AAAAAAAA5sxARP9E766[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[5].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite[2].png (3 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[14].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAYJKPYF.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1371549646[2].htm (10365 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Cookies\[email protected][1].txt (164 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\CATFNP7P.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\danmaku[1].swf (4770 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9VcuazEAAAAAAAAvAhGaUQY835[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\yy[1].htm (1681 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[2].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CADR717H.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\main[1].swf (4121 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAILCVYX.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[4].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[2].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\tz0M9VZdRP8AAAAAAABOGkURMpY256[1].jpg (3384 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\udb.sdk.pcweb.embed.min[2].js (136 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\d7wtWVcggoIAAAAAAABEjk6S4z4003[1].jpg (776 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[2].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[9].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[5].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAWDQ7S5.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1371549646[2].htm (7095 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1371549646[1].htm (40733 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\w-liveplayer-sprite-p24[1].png (932 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\liveBaseSceneConfig[1].xml (918 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\86415000[2].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[3].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[14].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\86415000[2].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[17].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\crossdomain[1].htm (260 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[2].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[4].gif (43 bytes)
    %Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\#SharedObjects\QEA5Z3QJ\c2.web.yystatic.com\pcInfo.sxx (70 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\tz0M9VcXMfcAAAAAAABR2ACo4I4351[1].jpg (776 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[3].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\main[1].swf (14457 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\defaultScene[1].swf (6016 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\210075[1].htm (816 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAN6QHRF.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\w-liveplayer-sprite[2].png (3 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\NmRhYmZjOTAtYWFiOC00ZDAyLWFhOTUtMmIwNDI3OTk0YTgz[1].jpg (10690 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAY38DQF.gif (35 bytes)
    %Documents and Settings%\%current user%\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#c2.web.yystatic.com\settings.sxx (220 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\1264046092_1465050091.600552[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\login-close[1].png (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\playui[1].swf (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[8].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\duowan[1].js (1681 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[16].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[4].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[10].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[7].gif (70 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\udb.sdk.getmm.min[2].js (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\86415000[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\core[1].htm (43686 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9VdPA9EAAAAAAAA61AG8C_o574[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\keywords[1] (6303 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CASDU7O9.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\crossdomain[1].xml (263 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[13].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\tz0M9VcY1jwAAAAAAABER38yZBk347[1].jpg (776 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\hm[3].js (363 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[4].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[1].css (5 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[3].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[13].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\icons-index[2].png (7 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\w-liveplayer-errbg[1].jpg (3629 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hm[3].js (363 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\StatisticsAction[1].json (58 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[5].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\w-liveplayerToolBar-sprite[1].png (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\86415000[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\user[1].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAW16FG9.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[4].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\ZGI4OGIzN2ItYjAzZS00NGFkLWEyNTQtZjQ1YjFhMDg4YzY4[1].jpg (6127 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\loading-white-mini[1].gif (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAGH2L1A.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\YzczODkwMjMtNmJmZi00ZjBiLTk0NDYtNTcyNGVlOWYxODQ4[1].jpg (4902 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[11].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\tanx[1].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\c[2].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[1].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CABF5L8E.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\user[2].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\studio[1].css (29631 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\user[9].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\MTQxYmJhMjMtODRkMi00MDU2LWI4ODktYzk3MDFkNGJhNWIx[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CAVQ0FB1.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[8].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAM7W161.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[5].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CA3RHP4Q.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\1371549646[1].htm (20099 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\NjBhMWM0YjktYTY0ZC00MDI4LThkZGUtM2RjNzI1NGU1MGQ3[1].jpg (1928 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\desktop.ini (67 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\tz0M9VcDglUAAAAAAAA0AFVcLuE178[1].jpg (392 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\icons-leftMenu2[1].png (3 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\udb.sdk.pcweb.embed.min[1].js (1228 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\detail[2] (210 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\user[3].gif (43 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\default_load[2].png (4 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\1371549646[1].htm (19609 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\udb.sdk.getmm.min[1].js (2 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\1371549646[1].htm (23407 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\jquery-1.11.1.min[1].js (46001 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\j[8].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\yy[2] (360 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\CALR91OA.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[5].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\StatisticsAction[1].json (84 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\210075[1] (2522 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[6].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\j[12].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\headfoot.mix[2].css (26 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAO1YN8B.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\j[13].gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQNSD2J\hiido_internal[1].js (6553 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\86415000[1].htm (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CAC1AV45.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\alpha-bg[1].png (1 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\hm[4].js (363 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\CA0TQROP.gif (35 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\4DQJW9YN\require[2].js (123 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\WLMVCPYN\j[15].gif (70 bytes)
    %Documents and Settings%\%current user%\Local Settings\Temporary Internet Files\Content.IE5\OPQISTQM\CAHYJJ56.gif (35 bytes)
    %System%\adlll.exe (12289 bytes)
    %System%\lore.exe (12289 bytes)
    

    4. 

  4. Delete the following value(s) in the autorun key (How to Work with System Registry):
    

    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "lore.exe" = "C:\Windows\System32\lore.exe"

    [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "adlll.exe" = "C:\Windows\System32\adlll.exe"
    

    5. 

  5. Clean the Temporary Internet Files folder, which may contain infected files (How to clean Temporary Internet Files folder).
    6. 

  6. Reboot the computer.
    7. 



*Manual removal may cause unexpected system behaviour and should be performed at your own risk.












 
 




 
No votes yet












				


							


			

				
					  
							

		

		


					
							

	

	
	        


	

        
      
 

      
      

      
    
 

    
  
 

		


		

		
			

			

				

					Lavasoft is the maker of Ad-Aware,
					the world's most popular anti-malware 
					software with over 450 million 
					downloads.
				

				

					© 2026 Lavasoft. All rights reserved.

					Terms Of Use |   Privacy Policy
					


								

			


		

		


	

	
	

	

		x
		
Our best antivirus yet!

		
Fresh new look. Faster scanning. Better protection.

		

			
Enjoy unique new features, lightning fast scans and a simple yet beautiful new look in our best antivirus yet!

			
For a quicker, lighter and more secure experience, download the all new adaware antivirus 12 now!

			
			Download adaware antivirus 12
		

		No thanks, continue to lavasoft.com
	

	

		

			close x
			
Discover the new adaware antivirus 12

			
Our best antivirus yet

			Download Now