Overview

URL down1.nanawg.com/201311/nanawg.com-liandan1110sp1.zip
IP52.69.166.231
ASNAS16509 Amazon.com, Inc.
Location Japan
Report completed2017-12-07 18:25:28 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-12-07 2 down1.nanawg.com/201311/nanawg.com-liandan1110sp1.zip Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 52.69.166.231

Date UQ / IDS / BL URL IP
2017-12-13 22:03:52 +0100
0 - 0 - 2 yqps.net/barki/mc0ty/6a6d8bbd259ef822f04cac55 (...) 52.69.166.231
2017-12-13 17:49:28 +0100
0 - 0 - 1 wyuan.com/showpro.asp?pagecount= 52.69.166.231
2017-12-13 16:42:15 +0100
0 - 0 - 1 wyuan.com/showpro.asp?pagecount= 52.69.166.231
2017-12-13 10:24:07 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-13 07:27:02 +0100
0 - 0 - 1 dat.958167.com/ 52.69.166.231
2017-12-13 04:24:51 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-13 04:07:03 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-13 02:24:24 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-11 04:54:31 +0100
0 - 0 - 1 lu990.com/ 52.69.166.231
2017-12-08 10:23:38 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231

Last 10 reports on ASN: AS16509 Amazon.com, Inc.

Date UQ / IDS / BL URL IP
2017-12-16 07:49:02 +0100
0 - 1 - 0 ec2-52-19-110-102.eu-west-1.compute.amazonaws.com/ 52.19.110.102
2017-12-16 07:46:09 +0100
2 - 0 - 0 microsoft.com.unglaublichepreise.win/c1-v939- (...) 54.93.122.66
2017-12-16 07:44:28 +0100
0 - 0 - 1 zwy65.com/c/8c7d6454-d63b-4039-98a3-7f3649c17 (...) 54.148.187.83
2017-12-16 07:36:59 +0100
2 - 0 - 0 microsoft.com.slamdunkpreise.men/c1-v939-de-L (...) 54.93.122.66
2017-12-16 07:29:18 +0100
0 - 0 - 0 https://addons.mozilla.org/en-US/firefox/addo (...) 54.186.15.125
2017-12-16 07:16:53 +0100
2 - 0 - 0 amazon.de.glucklichergadgetspreis.review/c1-v (...) 54.93.122.66
2017-12-16 07:16:48 +0100
0 - 0 - 0 https://addons.mozilla.org/en-US/firefox/addo (...) 54.186.15.125
2017-12-16 06:58:51 +0100
2 - 0 - 0 amazon.de.geschenkeinpremiumqualitat.bid/c1-v (...) 54.93.122.66
2017-12-16 06:56:42 +0100
0 - 0 - 0 ow.ly/BZjC30hgoCI 54.67.57.56
2017-12-16 06:50:51 +0100
2 - 0 - 0 amazon.de.kostenlos2017gadgets.stream/c1-v954 (...) 54.93.122.66

No other reports on domain: nanawg.com



JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (16)

#1 JavaScript::Write (size: 7, repeated: 2) - SHA256: e0c7bb7b72eeecfc07340f6bce5874176ae2e9d13551d2d6a6f3409e66c2f8c9

                                        < /form>
                                    

#2 JavaScript::Write (size: 156, repeated: 1) - SHA256: d5096ca005d2fcff353ec611aa5f0c760f08cd36ea9f2f504d93c1e5d5c35095

                                        < a href = 'http://www.cnzz.com/stat/website.php?web_id=1260476477'
target = _blank title = '&#31449;&#38271;&#32479;&#35745;' > & #31449;&# 38271; & #32479;&# 35745; < /a>
                                    

#3 JavaScript::Write (size: 127, repeated: 1) - SHA256: 375cfd3c2bcda1f56321ddf5054730894e7a4c476e7a7048d6aed6cd1bb70ab3

                                        < form style = "margin:0px;padding:0px"
id = "MediaForm"
method = "get"
action = "http://cpv.ty229.com/media-count.php"
target = "_blank" >
                                    

#4 JavaScript::Write (size: 135, repeated: 1) - SHA256: 3935ccd55b7183a2c3eff25abd7dd136378ddcf361387c5dbc6116627decd9d0

                                        < form style = "margin:0px;padding:0px"
id = "j__f"
method = "get"
action = "http://media.jointreport-switch.com/jr_jquery.php"
target = "_blank" >
                                    

#5 JavaScript::Write (size: 207, repeated: 1) - SHA256: 512a95804fb1195f29156ff78ea0fc749e47ac7929c4e707a351401de3332343

                                        < iframe marginheight = "0"
marginwidth = "0"
width = "300"
height = "250"
style = "margin:0"
frameborder = "0"
scrolling = "no"
allowtransparency = "true"
src = "http://static.3.chenggao.cn/fronts/100413/300250.gif" > < /iframe>
                                    

#6 JavaScript::Write (size: 474, repeated: 1) - SHA256: 73f359cd6e3cede7053974acfa22c028cf0ce0f176187e954ef21bd1665dcdf3

                                        < iframe src = "http://cpv.ty229.com/media-display.php?mp=100486,100451,100451,liyue0712@gmail.com,MC45&ap=300,250,100451,100413,100416,1,0&pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=1&secret=985c5f129c046c713fc9b30b30ad20963b0&st=1512667895987"
marginheight = "0"
marginwidth = "0"
width = "0"
height = "0"
style = "margin:0"
frameborder = "0"
scrolling = "no"
allowtransparency = "true" > < /iframe>
                                    

#7 JavaScript::Write (size: 462, repeated: 1) - SHA256: f11481fa5877986330f16bfb08461ae72acca2e56f7e917f210cd217d9f3aa38

                                        < iframe src = "http://media.jointreport-switch.com/jr_prototype.php?mp=7946,6358,5393,liyue,MC42&ap=320,270,6358,4557,5229,1,0&pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=2&secret=458b0f3421a9ae41108f7ccfc50e91812b0&st=1512667895019"
marginheight = "0"
marginwidth = "0"
width = "0"
height = "0"
style = "margin:0"
frameborder = "0"
scrolling = "no"
allowtransparency = "true" > < /iframe>
                                    

#8 JavaScript::Write (size: 74, repeated: 1) - SHA256: e8c1c8747113ddbe37eddd8553b1021cd3e902e43244a129f930da4858b729aa

                                        < input type = "hidden"
name = "ap"
value = "300,250,100451,100413,100416,1,0" / >
                                    

#9 JavaScript::Write (size: 68, repeated: 1) - SHA256: 89fa5663e87d3d0397dab95d775b9ea961b7d7082e29cff2b8859b41df65171b

                                        < input type = "hidden"
name = "ap"
value = "320,270,6358,4557,5229,1,0" / >
                                    

#10 JavaScript::Write (size: 87, repeated: 1) - SHA256: 4d5a4bc3646b764943d067984bff92b20b64f2d9d04738038f4b5bf661df034e

                                        < input type = "hidden"
name = "mp"
value = "100486,100451,100451,liyue0712@gmail.com,MC45" / >
                                    

#11 JavaScript::Write (size: 67, repeated: 1) - SHA256: 4e4baef2a4bcb03f6ebccd358e5075d73c9dda0949b00707b1bec4dcdff03c9d

                                        < input type = "hidden"
name = "mp"
value = "7946,6358,5393,liyue,MC42" / >
                                    

#12 JavaScript::Write (size: 55, repeated: 2) - SHA256: a9887e5f1cb82498246ed057c59ac8baba87bfe431bcc3a37e3d96ab32ae1383

                                        < input type = "hidden"
name = "mps"
id = "mps"
value = "0_0" / >
                                    

#13 JavaScript::Write (size: 47, repeated: 2) - SHA256: 23ea894b8cefdc185e2042f83ac1dc30348e6c319b56cc21cd560503e1fd285c

                                        < input type = "hidden"
name = "pf"
value = "click" / >
                                    

#14 JavaScript::Write (size: 172, repeated: 2) - SHA256: 1106afbdae421b0337a5bf2dbe27157b365c6ac45360205625f98a81ebcbe742

                                        < input type = "hidden"
name = "pp"
value = "1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885" / >
                                    

#15 JavaScript::Write (size: 657, repeated: 1) - SHA256: aa788a448159f7bf8b813b203eff301e1ff35b15ac38f826506ffeb9a0204dd7

                                        < object classid = 'clsid:d27cdb6e-ae6d-11cf-96b8-444553540000'
codebase = 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,24,0'
width = '320'
height = '270'
align = 'middle' > < param name = 'movie'
value = 'http://lg1.jointreport-switch.com/html/4557/320270.swf' > < param name = 'quality'
value = 'high' > < param name = 'menu'
value = 'false' > < param name = 'wmode'
value = 'transparent' > < embed pluginspage = 'http://www.macromedia.com/go/getflashplayer'
width = '320'
height = '270'
align = 'middle'
type = 'application/x-shockwave-flash'
src = 'http://lg1.jointreport-switch.com/html/4557/320270.swf'
quality = 'high'
menu = 'false'
wmode = 'transparent' > < /embed></object >
                                    

#16 JavaScript::Write (size: 111, repeated: 1) - SHA256: 475c92171004b9bee9d6e52165158da1b614bec45222c39f53e83dff1b497279

                                        < script src = 'http://c.cnzz.com/core.php?web_id=1260476477&t=z'
charset = 'utf-8'
type = 'text/javascript' > < /script>
                                    


HTTP Transactions (40)


Request Response
                                        
                                            GET /201311/nanawg.com-liandan1110sp1.zip HTTP/1.1 
Host: down1.nanawg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.69.166.231
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:31:06 GMT
Content-Length: 0
Connection: keep-alive
Location: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
X-Frame-Options: DENY


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /?site=nanawg.com&acct=1108 HTTP/1.1 
Host: parking.zunmi.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.93.103.196
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:31:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: DENY
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1772
Md5:    431625068c3e83718cbbe0c4c77b7482
Sha1:   de1239db95173d9fff0348dab0d923ce582375c2
Sha256: 15d7e092f8e4e77a563df41bbf12b02d612b965c6f364fc252f3643cbae69755
                                        
                                            GET /lparking/css/style_native_pc.css?v=171128 HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.253
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Tengine
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Thu, 07 Dec 2017 17:17:29 GMT
Last-Modified: Tue, 28 Nov 2017 05:38:33 GMT
Etag: W/"5a1cf659-98d"
Via: cache25.l2de1[836,304-0,H], cache50.l2de1[997,0], cache7.de1[0,200-0,H], cache8.de1[0,0]
X-Swift-Error: forward connect timeout
Age: 843
X-Cache: HIT TCP_MEM_HIT dirn:2:149367249 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:17:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fd015126678922338461e
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1029
Md5:    7f7dbcd917d05cb18373f74e120921b1
Sha1:   6b200296cf8fab966743e8d863e4e16ca546828f
Sha256: a20fa13baefb5a8bfedb521a46daa902770cb0fddcc0e51932028543aa7a667b
                                        
                                            GET /lparking/css/style.css HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.253
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Tengine
Content-Length: 772
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:30:21 GMT
Last-Modified: Fri, 10 Nov 2017 09:57:56 GMT
Etag: "5a057824-304"
Accept-Ranges: bytes
Via: cache18.l2de1[836,304-0,H], cache11.l2de1[969,0], cache5.de1[0,200-0,H], cache9.de1[1,0]
Age: 71
X-Cache: HIT TCP_MEM_HIT dirn:5:850908175 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:30:21 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fd115126678921967589e


--- Additional Info ---
Magic:  UTF-8 Unicode C program text
Size:   772
Md5:    8989e3b4409ca6f7eed032553f8c4f2a
Sha1:   f802df229b0eb513e0dd3bbc09feda1de580dec7
Sha256: d0eee3c407452957b11c4547212798ec5011e3d358632c4ef9745488fa1de475
                                        
                                            GET /parking/js/track.js HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.253
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Thu, 07 Dec 2017 16:35:28 GMT
Last-Modified: Sun, 29 May 2016 09:46:19 GMT
Etag: W/"574aba6b-13ea"
Via: cache17.l2de1[628,304-0,H], cache61.l2de1[750,0], cache9.de1[0,200-0,H], cache7.de1[1,0]
X-Swift-Error: forward connect timeout
Age: 3364
X-Cache: HIT TCP_MEM_HIT dirn:0:242107240 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 16:35:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fcf15126678921996490e
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1744
Md5:    f1847b403815a28665805397db038e09
Sha1:   29da389dbdc601e7286d3282e07823a8b8fd3192
Sha256: 25acb750b87d9f7cb61c1cb097451dda9c33dfc09486d7cfb3fb8cb04321fcf4
                                        
                                            GET /?uid=5393 HTTP/1.1 
Host: media.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         60.12.69.149
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:31:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: staticImageHost=static; expires=Sun, 28-Oct-2334 11:18:11 GMT; path=/; domain=.jointreport-switch.com


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   7745
Md5:    532b912e2a27f1fb2d00480635dabea7
Sha1:   044639adced533d6d8d2046753dd3344aa80cf2e
Sha256: 4340f07838a2fb466075f69beb185a0503abd6f11f47fdd50c2d23cf3c2b87aa
                                        
                                            GET /media.php?id=100451 HTTP/1.1 
Host: cz01016102.ms758.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.183
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: nginx/1.4.3
Date: Thu, 07 Dec 2017 17:31:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: cgImageHost=static.3; expires=Sun, 28-Oct-2334 11:18:11 GMT; path=/; domain=.chenggao.cn


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   12010
Md5:    00fa44c448447a43df435332b31a7406
Sha1:   b057caec359dacc5e2ca3999895713c0a34e85ea
Sha256: 1a0b07c904dfff80097a85b110bb2d082cc3185dc3bb6659c981ff3022a5a8e5
                                        
                                            GET /parking/cnzz.html HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.253
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Tengine
Content-Length: 170
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:22:57 GMT
Last-Modified: Tue, 27 Sep 2016 07:12:26 GMT
Etag: "57ea1bda-aa"
Accept-Ranges: bytes
Via: cache36.l2de1[3832,304-0,H], cache18.l2de1[3833,0], cache3.de1[0,200-0,H], cache8.de1[0,0]
Age: 516
X-Cache: HIT TCP_MEM_HIT dirn:3:832126988 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:22:57 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fd015126678932268879e


--- Additional Info ---
Magic:  HTML document text
Size:   170
Md5:    235f00088273db110003d5a31be48260
Sha1:   9971f11927a2e4ea5aeca14a84c119aaf174df76
Sha256: b4aab4111b352794eb354f3cb6ad8c009f975fa17f17ee13b836dd1d87a5e0ca
                                        
                                            GET /dp/bali.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 22417
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:56:37 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5791"
Accept-Ranges: bytes
Via: cache48.l2et15-2[0,304-0,H], cache35.l2et15-2[1,0], kunlun5.cn70[0,200-0,H], kunlun10.cn70[1,0]
Age: 2095
X-Cache: HIT TCP_MEM_HIT dirn:8:44996392 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:11:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823ca15126678927355654e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   22417
Md5:    bc59226c425d84cfb65a19e35714b968
Sha1:   0218f416a07b0cf16a7f0bc9f36b852dd3dacad5
Sha256: 3cdb2ab7474a4d37494f3d17121cef27cea55823589e35f90eaeb0a74409eccd
                                        
                                            GET /dp/niuyue.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 19567
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:56:30 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-4c6f"
Accept-Ranges: bytes
Via: cache20.l2et15-2[0,304-0,H], cache4.l2et15-2[0,0], kunlun6.cn70[0,200-0,H], kunlun7.cn70[1,0]
Age: 2102
X-Cache: HIT TCP_MEM_HIT dirn:8:109991978 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:11:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823d715126678927394470e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   19567
Md5:    d8d0823331e72cbd8c4ea9b0eb6ab953
Sha1:   1dca9b81469a616fab2c016e15e8c7dd2c554b5d
Sha256: e36830b46dbd273a9f5c0759bd60a0518969136e5c994aa0b2419e7658574ee7
                                        
                                            GET /dp/luoshanji.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 23626
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:57:15 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5c4a"
Accept-Ranges: bytes
Via: cache10.l2et15-2[0,304-0,H], cache11.l2et15-2[0,0], kunlun2.cn70[0,200-0,H], kunlun9.cn70[0,0]
Age: 2057
X-Cache: HIT TCP_MEM_HIT dirn:4:362465309 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:08:23 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c915126678927415001e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   23626
Md5:    632de90cf18ea525515c271567261ed5
Sha1:   3ecfa78909788e45e4dcda036886524e4953298e
Sha256: f2e33c397a3a4da72c88a7222ef0c7fc5c8b6662ad6510a52a4fb61874d3f55b
                                        
                                            GET /dp/lundun.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 26293
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:57:22 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-66b5"
Accept-Ranges: bytes
Via: cache23.l2et15-2[0,304-0,H], cache29.l2et15-2[0,0], kunlun5.cn70[0,200-0,H], kunlun6.cn70[0,0]
Age: 2050
X-Cache: HIT TCP_MEM_HIT dirn:0:294869855 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:50 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c615126678927431855e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   26293
Md5:    514cb3338457d7a4f6ce9dc2e435d0be
Sha1:   aebe063884a3b80fb9270f8e894707e471eae9bd
Sha256: 8fa7091c94b85f3da25454b8792c53e960fcace391541ac9837a27a54b7fb90b
                                        
                                            GET /dp/dongjing.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 26176
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:48:22 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-6640"
Accept-Ranges: bytes
Via: cache27.l2nu17-1[0,304-0,H], cache2.l2nu17-1[1,0], kunlun6.cn70[0,200-0,H], kunlun5.cn70[0,0]
Age: 2590
X-Cache: HIT TCP_MEM_HIT dirn:7:154270794 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:49 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c515126678927466785e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   26176
Md5:    7e5d8e17cc561022b6bf271ad63c5f8e
Sha1:   304be6b300cb2691d10eecec5d584ad82f8a82c6
Sha256: 3f04fff71927b7581431871f68c74126a3fad221884ba0aa1f950b36dfbb4c68
                                        
                                            GET /dp/shanghai.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 20706
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:46:51 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-50e2"
Accept-Ranges: bytes
Via: cache3.l2nu17-1[0,304-0,H], cache17.l2nu17-1[0,0], kunlun3.cn70[0,200-0,H], kunlun3.cn70[0,0]
Age: 2681
X-Cache: HIT TCP_MEM_HIT dirn:0:239461477 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:46 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823d615126678927428589e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   20706
Md5:    0c054c0d4b71a585d5b6a47934a39133
Sha1:   861ab3a6cdfc207cbd1d4f1036a3d3accf5b4a1a
Sha256: 3411df75de6abbfdd5a309cce40f758c9d3eeab5f26fd6ab6938e81cbbf94489
                                        
                                            GET /css/logos/top_logo@2x.png HTTP/1.1 
Host: kl.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 30388
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:30:20 GMT
Last-Modified: Thu, 07 Dec 2017 08:55:15 GMT
Etag: "5a2901f3-76b4"
Accept-Ranges: bytes
Via: cache11.l2et15-2[0,304-0,H], cache42.l2et15-2[0,0], kunlun5.cn70[0,200-0,H], kunlun8.cn70[0,0]
Age: 3672
X-Cache: HIT TCP_MEM_HIT dirn:2:44979475 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:04:30 GMT
X-Swift-CacheTime: 2935
Timing-Allow-Origin: *
EagleId: 7a4823da15126678927335824e


--- Additional Info ---
Magic:  PNG image, 750 x 110, 8-bit/color RGBA, non-interlaced
Size:   30388
Md5:    159f0e0c4fecab8d65dbc7f32c4fc48e
Sha1:   d26a66da7b6ed1ac4ccf2604042ee01999df2be6
Sha256: 0ae6552f70eb14ee3caa5d9561104077896381e91c5eec53d3a217e00eabb0c9
                                        
                                            GET /dp/beijing.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 17270
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:12:26 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-4376"
Accept-Ranges: bytes
Via: cache2.l2nu17-1[0,304-0,H], cache46.l2nu17-1[0,0], kunlun1.cn70[0,200-0,H], kunlun10.cn70[0,0]
Age: 4747
X-Cache: HIT TCP_MEM_HIT dirn:8:426132602 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:06:32 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823ca15126678934825894e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   17270
Md5:    3ed919f2674fa60cc51c789562840cfe
Sha1:   13e6e9d1854be7bff9a39b5dbe24b42c3cf2d93d
Sha256: 147b1c8390f3aafa513a7aaf4143a09af1bcb3fd448ad7247a61cb902eae707d
                                        
                                            GET /dp/mangu.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 22149
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:48:22 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5685"
Accept-Ranges: bytes
Via: cache17.l2nu17-1[0,304-0,H], cache24.l2nu17-1[1,0], kunlun4.cn70[0,200-0,H], kunlun7.cn70[1,0]
Age: 2591
X-Cache: HIT TCP_MEM_HIT dirn:6:168442179 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:06 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823d715126678934934699e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   22149
Md5:    bdfb3228ceb80d61f3b261c528b4af28
Sha1:   5c8fda200c8834afe32d3af4075243d624b6cd94
Sha256: 0c2e4063e5acc43e462fd28d5c982a07da68bf661a9ec81b1c61f01a9c43ef12
                                        
                                            GET /dp/taibei.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 28217
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:51:53 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-6e39"
Accept-Ranges: bytes
Via: cache30.l2et15-2[0,304-0,H], cache30.l2et15-2[0,0], kunlun2.cn70[0,200-0,H], kunlun9.cn70[1,0]
Age: 2380
X-Cache: HIT TCP_MEM_HIT dirn:6:407666522 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:11:43 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c915126678935035281e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   28217
Md5:    759fa853f9e95087f9756e61c0777356
Sha1:   ea611de25fef7930ab67d32810fde937a4106e36
Sha256: 719f034f9d7519bad1e82c88205439a486fc8f9ce0b5ab2d970e37bddfd211b1
                                        
                                            GET /jr_memched.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42 HTTP/1.1 
Host: media.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
Cookie: staticImageHost=static

                                         
                                         60.12.69.149
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:31:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: lgVTN63581294500219=_5229; expires=Fri, 08-Dec-2017 16:00:00 GMT; path=/; domain=.jointreport-switch.com union_lg_images_cookie=lg1; expires=Sun, 28-Oct-2334 11:18:13 GMT; path=/; domain=.jointreport-switch.com


--- Additional Info ---
Magic:  ASCII HTML document text, with very long lines
Size:   2696
Md5:    930b2ad16bf78f3b837a082e93987760
Sha1:   336a3c79f4cd419bee05a4fc44779440fc9b14d1
Sha256: 2ac2f98115e0309878a74f3cdf53d7a18f707ed0df1ef7298ca1f803fea867a8
                                        
                                            GET /images/close.png HTTP/1.1 
Host: static.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
Cookie: staticImageHost=static

                                         
                                         115.238.238.178
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:39:58 GMT
Content-Length: 536
Connection: keep-alive
Last-Modified: Fri, 19 May 2017 05:03:50 GMT
Etag: "591e7cb6-218"
Expires: Sat, 06 Jan 2018 17:39:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 20 x 20, 8-bit/color RGBA, non-interlaced
Size:   536
Md5:    f1f36c8e38b94efcd7fd067fcf8fd057
Sha1:   9408c36f33a8258c4f0414d55909b5fd8985baa6
Sha256: 97485f32862f19bc73f41214c517af8e03dee1d2c0ff8d8d9da6d04c511ebff5
                                        
                                            GET /images/ad_bg.png HTTP/1.1 
Host: static.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
Cookie: staticImageHost=static

                                         
                                         115.238.238.178
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:39:58 GMT
Content-Length: 1025
Connection: keep-alive
Last-Modified: Fri, 19 May 2017 05:03:50 GMT
Etag: "591e7cb6-401"
Expires: Sat, 06 Jan 2018 17:39:58 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 25 x 14, 8-bit/color RGBA, non-interlaced
Size:   1025
Md5:    d281ae4eccb1c2b6e57f4867c5054219
Sha1:   db425f3a6862d9d59bd220671a97c4550760ede1
Sha256: f81b87d66b18ac8e123c1c0bc0a81d72bd7a796e2e3bcadd34fb1203b9cda88c
                                        
                                            GET /dp/hangzhou.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 21865
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:52:03 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5569"
Accept-Ranges: bytes
Via: cache48.l2et15-2[0,304-0,H], cache23.l2et15-2[2,0], kunlun9.cn70[0,200-0,H], kunlun6.cn70[1,0]
Age: 2370
X-Cache: HIT TCP_MEM_HIT dirn:1:216219257 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:49 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c615126678935122117e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   21865
Md5:    c182ebb2990f5e0ea54bcbadd01621bc
Sha1:   a72f063dce63f3bec5694bf087216ee9ca073b9f
Sha256: 81666b2afaae37f49a4999688c4a1fb07936aacf3957e5b9aab3b1d73ad2c621
                                        
                                            GET /z_stat.php?id=1260476477&web_id=1260476477 HTTP/1.1 
Host: s11.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         222.186.49.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 10988
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:08:22 GMT
Last-Modified: Thu, 07 Dec 2017 17:08:22 GMT
Cache-Control: max-age=5400,s-maxage=5400
Via: cache10.l2et15[0,200-0,H], cache19.l2et15[0,0], kunlun8.cn74[0,200-0,H], kunlun4.cn74[0,0]
Age: 1392
X-Cache: HIT TCP_MEM_HIT dirn:11:558538001 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:08:24 GMT
X-Swift-CacheTime: 5398
Timing-Allow-Origin: *
EagleId: deba319d15126678945233420e


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   10988
Md5:    d2e72bb0b3b9a986ef2d4c0189ccb8d7
Sha1:   b60549e72b12019b1010144e20d5ab7730c8597c
Sha256: 2ff055ba94375561f9be209da8636237b7be4f9c908e3006ea6ffa9bd636499d
                                        
                                            GET /media-export.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100413,100416,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45 HTTP/1.1 
Host: cpv.ty229.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.182
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: nginx/1.4.3
Date: Thu, 07 Dec 2017 17:31:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: lgVTN1004511294500219=_100416; expires=Fri, 08-Dec-2017 16:00:00 GMT; path=/; domain=.ty229.com cgImageHost=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.chenggao.cn


--- Additional Info ---
Magic:  ASCII HTML document text, with very long lines
Size:   3020
Md5:    837a8c7b522e5015517ce72892b09642
Sha1:   f31ceba916b335fb3bef5023a1184977707b1947
Sha256: 9b910eb749c8d9ecad2a40e038e8300469daf17fc21bd2ef961a99aedbfb68f3
                                        
                                            GET /static/close.png HTTP/1.1 
Host: static.3.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:31:34 GMT
Content-Length: 3392
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 02:33:39 GMT
Etag: "57032403-d40"
Expires: Sat, 06 Jan 2018 17:31:34 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 20 x 20, 8-bit/color RGBA, non-interlaced
Size:   3392
Md5:    c524d541ed359bbb95ab2aa732e9a476
Sha1:   cf72cd5f06ee0a30b9060034206bb933fdc51d6c
Sha256: a1e2fa26e96ee147452b933555e84bf7dea66652ad728dfe379037c4a6e71f2f
                                        
                                            GET /static/ad.png HTTP/1.1 
Host: static.3.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:31:34 GMT
Content-Length: 2899
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2016 02:06:18 GMT
Etag: "57d0c79a-b53"
Expires: Sat, 06 Jan 2018 17:31:34 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 27 x 18, 8-bit/color RGBA, non-interlaced
Size:   2899
Md5:    b426108219fa5d389f40d76a1d478896
Sha1:   b359b9131116a8dd580fe2deefa744773945522b
Sha256: 72605a5f48694bf6ed6ecbe980b58d56bd8a3f463076485893af62ae836d6eb0
                                        
                                            GET /scripts/map.js HTTP/1.1 
Host: static.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://media.jointreport-switch.com/jr_memched.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42
Cookie: staticImageHost=static; lgVTN63581294500219=_5229; union_lg_images_cookie=lg1

                                         
                                         115.238.238.178
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=gb2312
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:39:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 19 May 2017 05:03:50 GMT
Etag: "591e7cb6-11a5"
Expires: Thu, 14 Dec 2017 17:39:59 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1093
Md5:    6d4a271e9c9faeeca178778b6432eb41
Sha1:   45f6c858885848722f030d188c1e370828176d76
Sha256: e676be17875598800f190385efa302439a74252e0baf3c56444a39dcc4dd0243
                                        
                                            GET /static/export.js HTTP/1.1 
Host: static.3.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpv.ty229.com/media-export.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100413,100416,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:31:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 30 Mar 2016 05:15:57 GMT
Expires: Thu, 14 Dec 2017 17:31:34 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1094
Md5:    3f1a738c488813b27adce480fb0db347
Sha1:   a76eef8c641bc1123910d22e3d169086c4a8acb3
Sha256: 1b565aa1328341f013fb8e2a8488790742fb6287ee7972442054552e478e9986
                                        
                                            GET /core.php?web_id=1260476477&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         222.186.49.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 764
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:30:34 GMT
Last-Modified: Thu, 07 Dec 2017 17:30:34 GMT
Expires: Thu, 07 Dec 2017 17:45:34 GMT
Via: cache11.l2et15[0,200-0,H], cache6.l2et15[0,0], kunlun10.cn74[0,200-0,H], kunlun7.cn74[1,0]
Age: 61
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:30:35 GMT
X-Swift-CacheTime: 899
Timing-Allow-Origin: *
EagleId: deba31a015126678950748570e


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   764
Md5:    44f8db0069b0d2e936a64cc9c3c01db1
Sha1:   7c4fe7373d0482037a6678777f67732de0946c16
Sha256: 36f50450733fb73d31284007538375b4221e867e9bfc66a3636d5561e984c8cb
                                        
                                            GET /stat.htm?id=1260476477&r=http%3A%2F%2Fparking.zunmi.cn%2F%3Fsite%3Dnanawg.com%26acct%3D1108&lg=en-us&ntime=none&cnzz_eid=1369127325-1512666502-http%3A%2F%2Fparking.zunmi.cn%2F&showp=1176x885&t=&umuuid=160320853972-00018cecb20c738-6c242d76-fe178-1603208539843&h=1&rnd=1001747154 HTTP/1.1 
Host: z13.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         140.205.60.79
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Thu, 07 Dec 2017 17:31:35 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /jr_prototype.php?mp=7946,6358,5393,liyue,MC42&ap=320,270,6358,4557,5229,1,0&pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=2&secret=458b0f3421a9ae41108f7ccfc50e91812b0&st=1512667895019 HTTP/1.1 
Host: media.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://media.jointreport-switch.com/jr_memched.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42
Cookie: staticImageHost=static; lgVTN63581294500219=_5229; union_lg_images_cookie=lg1

                                         
                                         60.12.69.149
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:31:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: lgunion_1_5229=yes; expires=Thu, 07-Dec-2017 18:31:35 GMT; path=/; domain=.jointreport-switch.com lgunion_1=yes; expires=Mon, 02-Apr-2018 11:18:14 GMT; path=/; domain=.jointreport-switch.com


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    6985d52679a1d08a6f620b08d8cc6adc
Sha1:   1278f02648361281042214e7007e61abfad7b125
Sha256: 8a693efa4edf0012e1f32b00e4be332537d41f3e244d374779d6bfd0f1241cb6
                                        
                                            GET /media-display.php?mp=100486,100451,100451,liyue0712@gmail.com,MC45&ap=300,250,100451,100413,100416,1,0&pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=1&secret=985c5f129c046c713fc9b30b30ad20963b0&st=1512667895987 HTTP/1.1 
Host: cpv.ty229.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpv.ty229.com/media-export.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100413,100416,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45
Cookie: lgVTN1004511294500219=_100416

                                         
                                         122.224.223.182
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: nginx/1.4.3
Date: Thu, 07 Dec 2017 17:31:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: orangereport_1_100416=yes; expires=Thu, 07-Dec-2017 18:31:36 GMT; path=/; domain=.ty229.com orangereport_1=yes; expires=Mon, 02-Apr-2018 11:18:15 GMT; path=/; domain=.ty229.com


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    6985d52679a1d08a6f620b08d8cc6adc
Sha1:   1278f02648361281042214e7007e61abfad7b125
Sha256: 8a693efa4edf0012e1f32b00e4be332537d41f3e244d374779d6bfd0f1241cb6
                                        
                                            GET /9.gif?abc=1&rnd=629723230 HTTP/1.1 
Host: cnzz.mmstat.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         106.11.249.207
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
Date: Thu, 07 Dec 2017 17:31:36 GMT
Content-Length: 43
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=+GiwEkfld1UCAU0ogXt3mleo; expires=Sun, 05-Dec-27 17:31:36 GMT; path=/; domain=.mmstat.com sca=f2ccb260; path=/; domain=.cnzz.mmstat.com atpsida=0334d9d0fabf6e54c13b4e52_1512667896_1; path=/; domain=.cnzz.mmstat.com
Location: http://pcookie.cnzz.com/app.gif?&cna=+GiwEkfld1UCAU0ogXt3mleo
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /fronts/100413/300250.gif HTTP/1.1 
Host: static.3.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpv.ty229.com/media-export.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100413,100416,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:31:36 GMT
Content-Length: 80866
Connection: keep-alive
Last-Modified: Mon, 21 Aug 2017 08:29:41 GMT
Etag: "599a99f5-13be2"
Expires: Sat, 06 Jan 2018 17:31:36 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250
Size:   80866
Md5:    1a0dc2227887921abafee39f50fc9bea
Sha1:   49d2a0fac413d541f066a595a0dfa7e2eb7af1bc
Sha256: 17fcb8114587bbaaa4fa5ba753b52411de6ff9e003545baec3074773bdae78e0
                                        
                                            GET /app.gif?&cna=+GiwEkfld1UCAU0ogXt3mleo HTTP/1.1 
Host: pcookie.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         106.11.94.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 07 Dec 2017 17:31:37 GMT
Content-Length: 43
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=+GiwEkfld1UCAU0ogXt3mleo; expires=Sun, 05-Dec-27 17:31:37 GMT; path=/; domain=.cnzz.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 
Host: fpdownload2.macromedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.159.219.11
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Server: Apache
Last-Modified: Tue, 14 Nov 2017 08:44:30 GMT
Etag: "60c-55ded653e1e84"
Accept-Ranges: bytes
Content-Length: 1548
Date: Thu, 07 Dec 2017 17:31:37 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  XML document text\012 XML document text
Size:   1548
Md5:    daa117c244b4288dd26762f5453b48da
Sha1:   ca1c278fb39c4bf57caac9b5715e22da5117d5f0
Sha256: da898c058b631f7fedd990eb9826150a5a78b402544c17cb856172a89b83a9dd
                                        
                                            GET /html/4557/320270.swf HTTP/1.1 
Host: lg1.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://media.jointreport-switch.com/jr_memched.php?pp=1%7C1512667894%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42
Cookie: staticImageHost=static; lgVTN63581294500219=_5229; union_lg_images_cookie=lg1

                                         
                                         122.225.98.168
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:21:22 GMT
Content-Length: 44486
Connection: keep-alive
Last-Modified: Tue, 07 Nov 2017 02:36:01 GMT
Etag: "5a011c11-adc6"
Expires: Sat, 06 Jan 2018 17:21:22 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Macromedia Flash data (compressed), version 8
Size:   44486
Md5:    d8c060ecee20248787c018c04ea9fbe9
Sha1:   db677125ccdbc6d851310c27cf86e7448cb5e232
Sha256: 7d593048bab05153478507e2457f9f450d5278007abdf16846cfef6503a4f07a
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: parking.zunmi.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.93.103.196
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:31:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   131
Md5:    a4165dcb351799bd7d512d64542b82e0
Sha1:   19e43a087f6a4c6e40bc2fc1f6e690ff18fbe534
Sha256: 100732a8b064ae5139e987b185e32f0dbdafbd31ad2e0646b95369a129e8c911
                                        
                                            GET /1.gif?domain=parking.zunmi.cn&url=http%3A%2F%2Fparking.zunmi.cn%2F%3Fsite%3Dnanawg.com%26acct%3D1108&referrer=&width=1176&height=885&color=24&ad=1&_uid=1512667892208-0 HTTP/1.1 
Host: track.dragonparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         123.57.32.97
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:31:38 GMT
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Set-Cookie: dragonid=1a2b55f46dc1f5ce77f4133162fcf80a; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.dragonparking.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: parking.zunmi.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.93.103.196
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:31:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   131
Md5:    a4165dcb351799bd7d512d64542b82e0
Sha1:   19e43a087f6a4c6e40bc2fc1f6e690ff18fbe534
Sha256: 100732a8b064ae5139e987b185e32f0dbdafbd31ad2e0646b95369a129e8c911