Overview

URL: http://tj.boxcpm.cn/tj.aspx?id=35)
IP: 67.221.176.194
ASN: AS11403 The New York Internet Company
Location: United States
Report completed: 2012-11-07 17:23:21 CET
urlQuery Alerts: No alerts detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer:
Adobe Reader: 8.0
Java: 1.6.0_26


Intrusion Detection Systems

Suricata /w Emerging Threats Pro: No alerts detected
Snort /w Sourcefire VRT:
Timestamp | Source IP | Destination IP | Severity | Alert
2012-11-07 17:22:42 | 123.125.115.126 | urlQuery Client | 1 | BROWSER-IE Microsoft Internet Explorer userdata behavior memory corruption attempt


Recent reports on same IP/ASN/Domain

Last 6 reports on IP: 67.221.176.194

Date | Alerts / IDS | URL | IP
2013-02-14 01:18:36 | 0 / 1 | http://static.xuxule.com/js/client.js | 67.221.176.194
2013-02-14 01:18:30 | 0 / 1 | http://static.xuxule.com/css/20130207.css | 67.221.176.194
2013-02-09 01:38:46 | 0 / 1 | http://static.xuxule.com/js/index_wenzi.js | 67.221.176.194
2013-02-09 01:38:45 | 0 / 1 | http://static.xuxule.com/js/index_tuwen.js | 67.221.176.194
2013-02-08 11:32:17 | 0 / 1 | http://static.xuxule.com/css/20130207.css | 67.221.176.194
2013-02-04 17:37:56 | 0 / 0 | http://static.xuxule.com | 67.221.176.194

Last 6 reports on ASN: AS11403 The New York Internet Company

Date | Alerts / IDS | URL | IP
2013-02-18 09:28:50 | 0 / 0 | http://aspen.eccouncil.org | 96.47.78.67
2013-02-17 11:00:18 | 0 / 0 | http://5ffa2be4t02o9r7jz1jrlnqza0.hop.clickbank.net/ | 96.47.69.60
2013-02-15 18:12:10 | 0 / 6 | http://features.rr.com/topic/American_Idol | 64.147.115.89
2013-02-14 22:15:29 | 0 / 0 | http://96.47.69.60 | 96.47.69.60
2013-02-14 01:18:36 | 0 / 1 | http://static.xuxule.com/js/client.js | 67.221.176.194
2013-02-14 01:18:30 | 0 / 1 | http://static.xuxule.com/css/20130207.css | 67.221.176.194

Last 1 reports on domain: tj.boxcpm.cn

Date | Alerts / IDS | URL | IP
2012-11-06 19:52:45 | 0 / 1 | http://tj.boxcpm.cn/tj.aspx?id=35 | 67.221.176.194



JavaScript

Executed Scripts (6)


Executed Evals (0)


Executed Writes (2)

#1 JavaScript::Write (size: 347, repeated: 1)

<iframe id="cprodp" src="http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6" width="100%" height="1000" align="center,center" marginwidth="0"  marginheight="0" scrolling="no" frameborder="0" allowtransparency="true" ></iframe>

#2 JavaScript::Write (size: 105, repeated: 1)

<script src=' http://hm.baidu.com/h.js?3e8be49727cbc1534d0a3b319e41a9ec' type='text/javascript'></script>


HTTP Transactions (18)


Request Response
GET /tj.aspx?id=35) HTTP/1.1

Host: tj.boxcpm.cn

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Server: nginx
Date: Wed, 07 Nov 2012 16:22:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.17
Set-Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222cc804b83c8c1c4b5bdb1aa317d6b0db%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%2280.203.168.254%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A90%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.13%29+Gecko%2F20101203+Firefox%2F3.6.13%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1352305345%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dd429489985a3cc4ea6363b7adbeb1063; expires=Wed, 07-Nov-2012 18:22:25 GMT; path=/
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, per-check=0
Content-Encoding: gzip
GET /cpro/ui/dp.js HTTP/1.1

Host: cpro.baidustatic.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tj.boxcpm.cn/tj.aspx?id=35)
HTTP/1.1 200 OK

Content-Type: application/x-javascript
Date: Wed, 07 Nov 2012 16:22:40 GMT
Content-Length: 515
Last-Modified: Fri, 26 Oct 2012 03:00:00 GMT
Connection: keep-alive
Content-Encoding: gzip
Server: Apache
Set-Cookie: BAIDUID=F8631CB1D77BCAC3A27DC8E30F428FAA:FG=1; expires=Thu, 07-Nov-13 16:22:40 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Expires: Wed, 07 Nov 2012 17:22:40 GMT
Cache-Control: max-age=3600
GET /css/css.css HTTP/1.1

Host: static.xuxule.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tj.boxcpm.cn/tj.aspx?id=35)
HTTP/1.1 200 OK

Content-Type: text/css
Content-Length: 749
Content-Encoding: gzip
Last-Modified: Wed, 07 Nov 2012 10:22:54 GMT
Accept-Ranges: bytes
Etag: "09317d9d1bccd1:2268"
Vary: Accept-Encoding
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Wed, 07 Nov 2012 16:22:38 GMT
GET /cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6 HTTP/1.1

Host: cpro.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tj.boxcpm.cn/tj.aspx?id=35)
HTTP/1.1 200 OK

Content-Type: text/html
Date: Wed, 07 Nov 2012 16:22:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Thu Nov 8 00:22:42 2012
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Server: Apache
Set-Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1; expires=Thu, 07-Nov-13 16:22:42 GMT; max-age=31536000; path=/; domain=.baidu.com; version=1
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Content-Encoding: gzip
GET /sync.htm?cproid=39FADD154A862423771E7600538D4BF4%3AFG%3D1 HTTP/1.1

Host: cpro.baidustatic.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
HTTP/1.1 200 OK

Content-Type: text/html
Date: Wed, 07 Nov 2012 16:22:42 GMT
Last-Modified: Fri, 19 Oct 2012 03:00:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Content-Encoding: gzip
GET /h.js?3e8be49727cbc1534d0a3b319e41a9ec HTTP/1.1

Host: hm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tj.boxcpm.cn/tj.aspx?id=35)
HTTP/1.1 200 OK

Content-Type: application/javascript
Etag: 46ff06dc1b54303ef9b2ce0946f823f8
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Set-Cookie: HMACCOUNT=0898E1878DF4CA86; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Connection: close
Content-Length: 5074
Date: Wed, 07 Nov 2012 16:22:42 GMT
Server: apache
GET /sync.htm?cproid=39FADD154A862423771E7600538D4BF4%3AFG%3D1 HTTP/1.1

Host: cpro.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidustatic.com/sync.htm?cproid=39FADD154A862423771E7600538D4BF4%3AFG%3D1
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: text/html
Date: Wed, 07 Nov 2012 16:22:43 GMT
Last-Modified: Fri, 19 Oct 2012 03:00:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Server: Apache
P3P: CP=" OTI DSP COR IVA OUR IND COM "
Content-Encoding: gzip
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1176x885&et=0&fl=10.0&ja=1&ln=en-US&lo=0&nv=1&rnd=775892573&si=3e8be49727cbc1534d0a3b319e41a9ec&st=1&v=1.0.34&lv=1 HTTP/1.1

Host: hm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://tj.boxcpm.cn/tj.aspx?id=35)
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1; HMACCOUNT=0898E1878DF4CA86
HTTP/1.1 200 OK

Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Connection: close
Content-Length: 43
Date: Wed, 07 Nov 2012 16:22:43 GMT
Server: apache
GET /media/id=P1D3nHbLPHc&gp=403&time=nHnYnWDvnWcLns.jpg HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/jpeg
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:43 GMT
Server: apache
Content-Length: 13204
GET /media/id=rHDdnjmdnWf&gp=403&time=nHndnHmLPHDsn6.jpg HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/jpeg
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:43 GMT
Server: apache
Content-Length: 25527
GET /media/id=nHb3PjRvrH6&gp=403&time=nHnsPjmvnH61Ps.gif HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/gif
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:43 GMT
Server: apache
Content-Length: 51342
GET /media/id=rj63nW01nWf&gp=403&time=nHndnjm1n1TsP6.jpg HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/jpeg
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:43 GMT
Server: apache
Content-Length: 16721
GET /media/id=nH0LPHbzPjb&gp=403&time=nHc4nW01nWnvP6.jpg HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/jpeg
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:45 GMT
Server: apache
Content-Length: 15938
GET /media/id=n1cdPWc4PHm&gp=403&time=nHnkPH64nHm4P6.jpg HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/jpeg
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:43 GMT
Server: apache
Content-Length: 39210
GET /media/id=rHcLPHTkrjc&gp=403&time=nHndnWD3P1Dvn6.jpg HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/jpeg
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:46 GMT
Server: apache
Content-Length: 30996
GET /media/id=PWT3Pj0YPWD&gp=403&time=nHn1rHfsP1nzns.jpg HTTP/1.1

Host: drmcmm.baidu.com

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpro.baidu.com/cpro/ui/uijs.php?rs=1&u=http%3A%2F%2Fdnbiz.cn%3Fsite%3Dhttp%3A%2F%2Ftj.boxcpm.cn%2Ftj.aspx%3Fid%3D35)&n=10&t=domainparking&q=09066047_1_cpr&ch=0&cf=6
Cookie: BAIDUID=39FADD154A862423771E7600538D4BF4:FG=1
HTTP/1.1 200 OK

Content-Type: image/jpeg
media: media
Cache-Control: max-age=31536000
Expires: Fri, 26 Oct 2012 12:24:13 GMT
Last-Modified: Sat, 25 Apr 2009 07:04:00 GMT
Date: Wed, 07 Nov 2012 16:22:47 GMT
Server: apache
Content-Length: 19775
GET /favicon.ico HTTP/1.1

Host: tj.boxcpm.cn

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222cc804b83c8c1c4b5bdb1aa317d6b0db%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%2280.203.168.254%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A90%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.13%29+Gecko%2F20101203+Firefox%2F3.6.13%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1352305345%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dd429489985a3cc4ea6363b7adbeb1063; Hm_lvt_3e8be49727cbc1534d0a3b319e41a9ec=1352305362981; Hm_lpvt_3e8be49727cbc1534d0a3b319e41a9ec=1352305362981
HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Server: nginx
Date: Wed, 07 Nov 2012 16:22:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.17
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, per-check=0
Content-Encoding: gzip
GET /favicon.ico HTTP/1.1

Host: tj.boxcpm.cn

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: ci_session=a%3A5%3A%7Bs%3A10%3A%22session_id%22%3Bs%3A32%3A%222cc804b83c8c1c4b5bdb1aa317d6b0db%22%3Bs%3A10%3A%22ip_address%22%3Bs%3A14%3A%2280.203.168.254%22%3Bs%3A10%3A%22user_agent%22%3Bs%3A90%3A%22Mozilla%2F5.0+%28Windows%3B+U%3B+Windows+NT+6.1%3B+en-US%3B+rv%3A1.9.2.13%29+Gecko%2F20101203+Firefox%2F3.6.13%22%3Bs%3A13%3A%22last_activity%22%3Bi%3A1352305345%3Bs%3A9%3A%22user_data%22%3Bs%3A0%3A%22%22%3B%7Dd429489985a3cc4ea6363b7adbeb1063; Hm_lvt_3e8be49727cbc1534d0a3b319e41a9ec=1352305362981; Hm_lpvt_3e8be49727cbc1534d0a3b319e41a9ec=1352305362981
HTTP/1.1 200 OK

Content-Type: text/html; charset=utf-8
Server: nginx
Date: Wed, 07 Nov 2012 16:22:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.2.17
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, per-check=0
Content-Encoding: gzip