Overview

URL down1.nanawg.com/201311/nanawg.com-liandan1109sp1.zip
IP52.69.166.231
ASNAS16509 Amazon.com, Inc.
Location Japan
Report completed2017-12-07 18:26:08 CET
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2017-12-07 2 down1.nanawg.com/201311/nanawg.com-liandan1109sp1.zip Malware
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 52.69.166.231

Date UQ / IDS / BL URL IP
2017-12-13 22:03:52 +0100
0 - 0 - 2 yqps.net/barki/mc0ty/6a6d8bbd259ef822f04cac55 (...) 52.69.166.231
2017-12-13 17:49:28 +0100
0 - 0 - 1 wyuan.com/showpro.asp?pagecount= 52.69.166.231
2017-12-13 16:42:15 +0100
0 - 0 - 1 wyuan.com/showpro.asp?pagecount= 52.69.166.231
2017-12-13 10:24:07 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-13 07:27:02 +0100
0 - 0 - 1 dat.958167.com/ 52.69.166.231
2017-12-13 04:24:51 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-13 04:07:03 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-13 02:24:24 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231
2017-12-11 04:54:31 +0100
0 - 0 - 1 lu990.com/ 52.69.166.231
2017-12-08 10:23:38 +0100
0 - 0 - 1 d2.warmh.cn/soft/War_M_H-X_v1.2.rar 52.69.166.231

Last 10 reports on ASN: AS16509 Amazon.com, Inc.

Date UQ / IDS / BL URL IP
2017-12-16 07:49:02 +0100
0 - 1 - 0 ec2-52-19-110-102.eu-west-1.compute.amazonaws.com/ 52.19.110.102
2017-12-16 07:46:09 +0100
2 - 0 - 0 microsoft.com.unglaublichepreise.win/c1-v939- (...) 54.93.122.66
2017-12-16 07:44:28 +0100
0 - 0 - 1 zwy65.com/c/8c7d6454-d63b-4039-98a3-7f3649c17 (...) 54.148.187.83
2017-12-16 07:36:59 +0100
2 - 0 - 0 microsoft.com.slamdunkpreise.men/c1-v939-de-L (...) 54.93.122.66
2017-12-16 07:29:18 +0100
0 - 0 - 0 https://addons.mozilla.org/en-US/firefox/addo (...) 54.186.15.125
2017-12-16 07:16:53 +0100
2 - 0 - 0 amazon.de.glucklichergadgetspreis.review/c1-v (...) 54.93.122.66
2017-12-16 07:16:48 +0100
0 - 0 - 0 https://addons.mozilla.org/en-US/firefox/addo (...) 54.186.15.125
2017-12-16 06:58:51 +0100
2 - 0 - 0 amazon.de.geschenkeinpremiumqualitat.bid/c1-v (...) 54.93.122.66
2017-12-16 06:56:42 +0100
0 - 0 - 0 ow.ly/BZjC30hgoCI 54.67.57.56
2017-12-16 06:50:51 +0100
2 - 0 - 0 amazon.de.kostenlos2017gadgets.stream/c1-v954 (...) 54.93.122.66

No other reports on domain: nanawg.com



JavaScript

Executed Scripts (12)


Executed Evals (0)


Executed Writes (16)

#1 JavaScript::Write (size: 7, repeated: 2) - SHA256: e0c7bb7b72eeecfc07340f6bce5874176ae2e9d13551d2d6a6f3409e66c2f8c9

                                        < /form>
                                    

#2 JavaScript::Write (size: 156, repeated: 1) - SHA256: d5096ca005d2fcff353ec611aa5f0c760f08cd36ea9f2f504d93c1e5d5c35095

                                        < a href = 'http://www.cnzz.com/stat/website.php?web_id=1260476477'
target = _blank title = '&#31449;&#38271;&#32479;&#35745;' > & #31449;&# 38271; & #32479;&# 35745; < /a>
                                    

#3 JavaScript::Write (size: 127, repeated: 1) - SHA256: 375cfd3c2bcda1f56321ddf5054730894e7a4c476e7a7048d6aed6cd1bb70ab3

                                        < form style = "margin:0px;padding:0px"
id = "MediaForm"
method = "get"
action = "http://cpv.ty229.com/media-count.php"
target = "_blank" >
                                    

#4 JavaScript::Write (size: 135, repeated: 1) - SHA256: 3935ccd55b7183a2c3eff25abd7dd136378ddcf361387c5dbc6116627decd9d0

                                        < form style = "margin:0px;padding:0px"
id = "j__f"
method = "get"
action = "http://media.jointreport-switch.com/jr_jquery.php"
target = "_blank" >
                                    

#5 JavaScript::Write (size: 207, repeated: 1) - SHA256: 398b52cad9502bd15473e0cbfc0af4463ef0a1229d05f1d350b748e1d8757a50

                                        < iframe marginheight = "0"
marginwidth = "0"
width = "300"
height = "250"
style = "margin:0"
frameborder = "0"
scrolling = "no"
allowtransparency = "true"
src = "http://static.3.chenggao.cn/fronts/100421/300250.gif" > < /iframe>
                                    

#6 JavaScript::Write (size: 474, repeated: 1) - SHA256: 44333d4c7674508bc9185464a376cde283495807566027aaf4b7a260e41eff52

                                        < iframe src = "http://cpv.ty229.com/media-display.php?mp=100486,100451,100451,liyue0712@gmail.com,MC45&ap=300,250,100451,100421,100423,1,0&pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=1&secret=1236dbc4c27e319ba4c92c32ce2c186698d&st=1512667942286"
marginheight = "0"
marginwidth = "0"
width = "0"
height = "0"
style = "margin:0"
frameborder = "0"
scrolling = "no"
allowtransparency = "true" > < /iframe>
                                    

#7 JavaScript::Write (size: 462, repeated: 1) - SHA256: 7d1c6482ba922bed5ce14eb1c3f08348d3f4efa5006223addeb31b9340d8b900

                                        < iframe src = "http://media.jointreport-switch.com/jr_prototype.php?mp=7946,6358,5393,liyue,MC42&ap=320,270,6358,4557,5229,1,0&pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=1&secret=410078d478ca0b69d9bd9eda4f3d115d900&st=1512667938716"
marginheight = "0"
marginwidth = "0"
width = "0"
height = "0"
style = "margin:0"
frameborder = "0"
scrolling = "no"
allowtransparency = "true" > < /iframe>
                                    

#8 JavaScript::Write (size: 74, repeated: 1) - SHA256: 2646aebb21412e9b06fdf320505a2613abd596cadf61c0104b5ea9bc9ac685e9

                                        < input type = "hidden"
name = "ap"
value = "300,250,100451,100421,100423,1,0" / >
                                    

#9 JavaScript::Write (size: 68, repeated: 1) - SHA256: 89fa5663e87d3d0397dab95d775b9ea961b7d7082e29cff2b8859b41df65171b

                                        < input type = "hidden"
name = "ap"
value = "320,270,6358,4557,5229,1,0" / >
                                    

#10 JavaScript::Write (size: 87, repeated: 1) - SHA256: 4d5a4bc3646b764943d067984bff92b20b64f2d9d04738038f4b5bf661df034e

                                        < input type = "hidden"
name = "mp"
value = "100486,100451,100451,liyue0712@gmail.com,MC45" / >
                                    

#11 JavaScript::Write (size: 67, repeated: 1) - SHA256: 4e4baef2a4bcb03f6ebccd358e5075d73c9dda0949b00707b1bec4dcdff03c9d

                                        < input type = "hidden"
name = "mp"
value = "7946,6358,5393,liyue,MC42" / >
                                    

#12 JavaScript::Write (size: 55, repeated: 2) - SHA256: a9887e5f1cb82498246ed057c59ac8baba87bfe431bcc3a37e3d96ab32ae1383

                                        < input type = "hidden"
name = "mps"
id = "mps"
value = "0_0" / >
                                    

#13 JavaScript::Write (size: 47, repeated: 2) - SHA256: 23ea894b8cefdc185e2042f83ac1dc30348e6c319b56cc21cd560503e1fd285c

                                        < input type = "hidden"
name = "pf"
value = "click" / >
                                    

#14 JavaScript::Write (size: 172, repeated: 2) - SHA256: 748880284ede188ecdb73d7ba5c9bf03faa7331378c1f889e7c759456c51ec51

                                        < input type = "hidden"
name = "pp"
value = "1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885" / >
                                    

#15 JavaScript::Write (size: 657, repeated: 1) - SHA256: aa788a448159f7bf8b813b203eff301e1ff35b15ac38f826506ffeb9a0204dd7

                                        < object classid = 'clsid:d27cdb6e-ae6d-11cf-96b8-444553540000'
codebase = 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,24,0'
width = '320'
height = '270'
align = 'middle' > < param name = 'movie'
value = 'http://lg1.jointreport-switch.com/html/4557/320270.swf' > < param name = 'quality'
value = 'high' > < param name = 'menu'
value = 'false' > < param name = 'wmode'
value = 'transparent' > < embed pluginspage = 'http://www.macromedia.com/go/getflashplayer'
width = '320'
height = '270'
align = 'middle'
type = 'application/x-shockwave-flash'
src = 'http://lg1.jointreport-switch.com/html/4557/320270.swf'
quality = 'high'
menu = 'false'
wmode = 'transparent' > < /embed></object >
                                    

#16 JavaScript::Write (size: 111, repeated: 1) - SHA256: 475c92171004b9bee9d6e52165158da1b614bec45222c39f53e83dff1b497279

                                        < script src = 'http://c.cnzz.com/core.php?web_id=1260476477&t=z'
charset = 'utf-8'
type = 'text/javascript' > < /script>
                                    


HTTP Transactions (40)


Request Response
                                        
                                            GET /201311/nanawg.com-liandan1109sp1.zip HTTP/1.1 
Host: down1.nanawg.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         52.69.166.231
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:31:41 GMT
Content-Length: 0
Connection: keep-alive
Location: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
X-Frame-Options: DENY


--- Additional Info ---

Alerts:
  Blacklists:
    - fortinet: Malware
                                        
                                            GET /?site=nanawg.com&acct=1108 HTTP/1.1 
Host: parking.zunmi.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.93.103.196
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:32:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: DENY
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1772
Md5:    431625068c3e83718cbbe0c4c77b7482
Sha1:   de1239db95173d9fff0348dab0d923ce582375c2
Sha256: 15d7e092f8e4e77a563df41bbf12b02d612b965c6f364fc252f3643cbae69755
                                        
                                            GET /lparking/css/style.css HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.226
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Tengine
Content-Length: 772
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:30:21 GMT
Last-Modified: Fri, 10 Nov 2017 09:57:56 GMT
Etag: "5a057824-304"
Accept-Ranges: bytes
Via: cache18.l2de1[836,304-0,H], cache11.l2de1[969,0], cache5.de1[0,200-0,H], cache11.de1[0,0]
Age: 105
X-Cache: HIT TCP_MEM_HIT dirn:5:850908175 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:30:21 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fd315126679268914474e


--- Additional Info ---
Magic:  UTF-8 Unicode C program text
Size:   772
Md5:    8989e3b4409ca6f7eed032553f8c4f2a
Sha1:   f802df229b0eb513e0dd3bbc09feda1de580dec7
Sha256: d0eee3c407452957b11c4547212798ec5011e3d358632c4ef9745488fa1de475
                                        
                                            GET /lparking/css/style_native_pc.css?v=171128 HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.226
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: Tengine
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Thu, 07 Dec 2017 17:17:29 GMT
Last-Modified: Tue, 28 Nov 2017 05:38:33 GMT
Etag: W/"5a1cf659-98d"
Via: cache25.l2de1[836,304-0,H], cache50.l2de1[997,0], cache7.de1[0,200-0,H], cache10.de1[1,0]
X-Swift-Error: forward connect timeout
Age: 877
X-Cache: HIT TCP_MEM_HIT dirn:2:149367249 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:17:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fd215126679269348892e
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1029
Md5:    7f7dbcd917d05cb18373f74e120921b1
Sha1:   6b200296cf8fab966743e8d863e4e16ca546828f
Sha256: a20fa13baefb5a8bfedb521a46daa902770cb0fddcc0e51932028543aa7a667b
                                        
                                            GET /parking/js/track.js HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.226
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Date: Thu, 07 Dec 2017 16:35:28 GMT
Last-Modified: Sun, 29 May 2016 09:46:19 GMT
Etag: W/"574aba6b-13ea"
Via: cache17.l2de1[628,304-0,H], cache61.l2de1[750,0], cache9.de1[0,200-0,H], cache9.de1[0,0]
X-Swift-Error: forward connect timeout
Age: 3398
X-Cache: HIT TCP_MEM_HIT dirn:0:242107240 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 16:35:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fd115126679268982658e
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1707
Md5:    4f5f2de8bf646e2c8d1e28d27c197cb3
Sha1:   8fb70820f3928c845f53fe7ed41bd7d301235303
Sha256: f7ed541861aaa3eb5f3a0ab49a2168d1c6731d8fd7ca585d8fa160faf3f77581
                                        
                                            GET /?uid=5393 HTTP/1.1 
Host: media.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         60.12.69.149
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:32:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: staticImageHost=static; expires=Sun, 28-Oct-2334 11:18:46 GMT; path=/; domain=.jointreport-switch.com


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   7745
Md5:    532b912e2a27f1fb2d00480635dabea7
Sha1:   044639adced533d6d8d2046753dd3344aa80cf2e
Sha256: 4340f07838a2fb466075f69beb185a0503abd6f11f47fdd50c2d23cf3c2b87aa
                                        
                                            GET /dp/dongjing.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 26176
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:48:22 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-6640"
Accept-Ranges: bytes
Via: cache27.l2nu17-1[0,304-0,H], cache2.l2nu17-1[1,0], kunlun6.cn70[0,200-0,H], kunlun8.cn70[0,0]
Age: 2625
X-Cache: HIT TCP_MEM_HIT dirn:7:154270794 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:49 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823da15126679274482516e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   26176
Md5:    7e5d8e17cc561022b6bf271ad63c5f8e
Sha1:   304be6b300cb2691d10eecec5d584ad82f8a82c6
Sha256: 3f04fff71927b7581431871f68c74126a3fad221884ba0aa1f950b36dfbb4c68
                                        
                                            GET /dp/niuyue.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 19567
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:56:30 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-4c6f"
Accept-Ranges: bytes
Via: cache20.l2et15-2[0,304-0,H], cache4.l2et15-2[0,0], kunlun6.cn70[0,200-0,H], kunlun2.cn70[1,0]
Age: 2137
X-Cache: HIT TCP_MEM_HIT dirn:8:109991978 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:11:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c215126679274454689e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   19567
Md5:    d8d0823331e72cbd8c4ea9b0eb6ab953
Sha1:   1dca9b81469a616fab2c016e15e8c7dd2c554b5d
Sha256: e36830b46dbd273a9f5c0759bd60a0518969136e5c994aa0b2419e7658574ee7
                                        
                                            GET /dp/shanghai.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 20706
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:46:51 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-50e2"
Accept-Ranges: bytes
Via: cache3.l2nu17-1[0,304-0,H], cache17.l2nu17-1[0,0], kunlun3.cn70[0,200-0,H], kunlun1.cn70[0,0]
Age: 2716
X-Cache: HIT TCP_MEM_HIT dirn:0:239461477 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:46 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c115126679274484171e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   20706
Md5:    0c054c0d4b71a585d5b6a47934a39133
Sha1:   861ab3a6cdfc207cbd1d4f1036a3d3accf5b4a1a
Sha256: 3411df75de6abbfdd5a309cce40f758c9d3eeab5f26fd6ab6938e81cbbf94489
                                        
                                            GET /dp/lundun.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 26293
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:57:22 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-66b5"
Accept-Ranges: bytes
Via: cache23.l2et15-2[0,304-0,H], cache29.l2et15-2[0,0], kunlun5.cn70[0,200-0,H], kunlun4.cn70[1,0]
Age: 2085
X-Cache: HIT TCP_MEM_HIT dirn:0:294869855 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:50 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c415126679274457294e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   26293
Md5:    514cb3338457d7a4f6ce9dc2e435d0be
Sha1:   aebe063884a3b80fb9270f8e894707e471eae9bd
Sha256: 8fa7091c94b85f3da25454b8792c53e960fcace391541ac9837a27a54b7fb90b
                                        
                                            GET /dp/luoshanji.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 23626
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:57:15 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5c4a"
Accept-Ranges: bytes
Via: cache10.l2et15-2[0,304-0,H], cache11.l2et15-2[0,0], kunlun2.cn70[0,200-0,H], kunlun10.cn70[1,0]
Age: 2092
X-Cache: HIT TCP_MEM_HIT dirn:4:362465309 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:08:23 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823ca15126679274582756e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   23626
Md5:    632de90cf18ea525515c271567261ed5
Sha1:   3ecfa78909788e45e4dcda036886524e4953298e
Sha256: f2e33c397a3a4da72c88a7222ef0c7fc5c8b6662ad6510a52a4fb61874d3f55b
                                        
                                            GET /dp/bali.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 22417
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:56:37 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5791"
Accept-Ranges: bytes
Via: cache48.l2et15-2[0,304-0,H], cache35.l2et15-2[1,0], kunlun5.cn70[0,200-0,H], kunlun3.cn70[1,0]
Age: 2130
X-Cache: HIT TCP_MEM_HIT dirn:8:44996392 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:11:29 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823d615126679274575578e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   22417
Md5:    bc59226c425d84cfb65a19e35714b968
Sha1:   0218f416a07b0cf16a7f0bc9f36b852dd3dacad5
Sha256: 3cdb2ab7474a4d37494f3d17121cef27cea55823589e35f90eaeb0a74409eccd
                                        
                                            GET /dp/beijing.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 17270
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:12:26 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-4376"
Accept-Ranges: bytes
Via: cache2.l2nu17-1[0,304-0,H], cache46.l2nu17-1[0,0], kunlun1.cn70[0,200-0,H], kunlun8.cn70[0,0]
Age: 4782
X-Cache: HIT TCP_MEM_HIT dirn:8:426132602 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:06:32 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823da15126679282072813e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   17270
Md5:    3ed919f2674fa60cc51c789562840cfe
Sha1:   13e6e9d1854be7bff9a39b5dbe24b42c3cf2d93d
Sha256: 147b1c8390f3aafa513a7aaf4143a09af1bcb3fd448ad7247a61cb902eae707d
                                        
                                            GET /css/logos/top_logo@2x.png HTTP/1.1 
Host: kl.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 30388
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:30:20 GMT
Last-Modified: Thu, 07 Dec 2017 08:55:15 GMT
Etag: "5a2901f3-76b4"
Accept-Ranges: bytes
Via: cache11.l2et15-2[0,304-0,H], cache42.l2et15-2[0,0], kunlun5.cn70[0,200-0,H], kunlun7.cn70[1,0]
Age: 3707
X-Cache: HIT TCP_MEM_HIT dirn:2:44979475 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:04:30 GMT
X-Swift-CacheTime: 2935
Timing-Allow-Origin: *
EagleId: 7a4823d715126679274548652e


--- Additional Info ---
Magic:  PNG image, 750 x 110, 8-bit/color RGBA, non-interlaced
Size:   30388
Md5:    159f0e0c4fecab8d65dbc7f32c4fc48e
Sha1:   d26a66da7b6ed1ac4ccf2604042ee01999df2be6
Sha256: 0ae6552f70eb14ee3caa5d9561104077896381e91c5eec53d3a217e00eabb0c9
                                        
                                            GET /dp/hangzhou.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 21865
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:52:03 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5569"
Accept-Ranges: bytes
Via: cache48.l2et15-2[0,304-0,H], cache23.l2et15-2[2,0], kunlun9.cn70[0,200-0,H], kunlun4.cn70[0,0]
Age: 2405
X-Cache: HIT TCP_MEM_HIT dirn:1:216219257 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:49 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c415126679282097537e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   21865
Md5:    c182ebb2990f5e0ea54bcbadd01621bc
Sha1:   a72f063dce63f3bec5694bf087216ee9ca073b9f
Sha256: 81666b2afaae37f49a4999688c4a1fb07936aacf3957e5b9aab3b1d73ad2c621
                                        
                                            GET /dp/taibei.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 28217
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:51:53 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-6e39"
Accept-Ranges: bytes
Via: cache30.l2et15-2[0,304-0,H], cache30.l2et15-2[0,0], kunlun2.cn70[0,200-0,H], kunlun1.cn70[0,0]
Age: 2415
X-Cache: HIT TCP_MEM_HIT dirn:6:407666522 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:11:43 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c115126679282124428e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   28217
Md5:    759fa853f9e95087f9756e61c0777356
Sha1:   ea611de25fef7930ab67d32810fde937a4106e36
Sha256: 719f034f9d7519bad1e82c88205439a486fc8f9ce0b5ab2d970e37bddfd211b1
                                        
                                            GET /dp/mangu.png HTTP/1.1 
Host: dp.cdn.qingchu.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.72.35.138
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: Tengine
Content-Length: 22149
Connection: keep-alive
Date: Thu, 07 Dec 2017 16:48:22 GMT
Last-Modified: Tue, 28 Nov 2017 02:07:08 GMT
Etag: "5a1cc4cc-5685"
Accept-Ranges: bytes
Via: cache17.l2nu17-1[0,304-0,H], cache24.l2nu17-1[1,0], kunlun4.cn70[0,200-0,H], kunlun2.cn70[1,0]
Age: 2626
X-Cache: HIT TCP_MEM_HIT dirn:6:168442179 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:10:06 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: 7a4823c215126679282084965e


--- Additional Info ---
Magic:  PNG image, 246 x 123, 8-bit colormap, interlaced
Size:   22149
Md5:    bdfb3228ceb80d61f3b261c528b4af28
Sha1:   5c8fda200c8834afe32d3af4075243d624b6cd94
Sha256: 0c2e4063e5acc43e462fd28d5c982a07da68bf661a9ec81b1c61f01a9c43ef12
                                        
                                            GET /media.php?id=100451 HTTP/1.1 
Host: cz01016102.ms758.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.182
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: nginx/1.4.3
Date: Thu, 07 Dec 2017 17:32:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: cgImageHost=static.2; expires=Sun, 28-Oct-2334 11:18:46 GMT; path=/; domain=.chenggao.cn


--- Additional Info ---
Magic:  ASCII text, with very long lines, with CRLF line terminators
Size:   12010
Md5:    0117c7358cb8bc396e6d4bde290c6754
Sha1:   716a75883dd9b22c1c4aef6346d810fb698e5961
Sha256: 5a2c43276c41ddc8e51a4a137cb8ecdd99bb1108d04c4890eb5f4b4e07fa023a
                                        
                                            GET /parking/cnzz.html HTTP/1.1 
Host: cdn.dragonstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         195.27.31.226
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: Tengine
Content-Length: 170
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:22:57 GMT
Last-Modified: Tue, 27 Sep 2016 07:12:26 GMT
Etag: "57ea1bda-aa"
Accept-Ranges: bytes
Via: cache36.l2de1[3832,304-0,H], cache18.l2de1[3833,0], cache3.de1[0,200-0,H], cache11.de1[0,0]
Age: 559
X-Cache: HIT TCP_MEM_HIT dirn:3:832126988 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:22:57 GMT
X-Swift-CacheTime: 3600
Timing-Allow-Origin: *
EagleId: c31b1fd315126679369541117e


--- Additional Info ---
Magic:  HTML document text
Size:   170
Md5:    235f00088273db110003d5a31be48260
Sha1:   9971f11927a2e4ea5aeca14a84c119aaf174df76
Sha256: b4aab4111b352794eb354f3cb6ad8c009f975fa17f17ee13b836dd1d87a5e0ca
                                        
                                            GET /images/close.png HTTP/1.1 
Host: static.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
Cookie: staticImageHost=static

                                         
                                         122.225.106.109
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:32:17 GMT
Content-Length: 536
Connection: keep-alive
Last-Modified: Fri, 19 May 2017 05:03:50 GMT
Etag: "591e7cb6-218"
Expires: Sat, 06 Jan 2018 17:32:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 20 x 20, 8-bit/color RGBA, non-interlaced
Size:   536
Md5:    f1f36c8e38b94efcd7fd067fcf8fd057
Sha1:   9408c36f33a8258c4f0414d55909b5fd8985baa6
Sha256: 97485f32862f19bc73f41214c517af8e03dee1d2c0ff8d8d9da6d04c511ebff5
                                        
                                            GET /images/ad_bg.png HTTP/1.1 
Host: static.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
Cookie: staticImageHost=static

                                         
                                         122.225.106.109
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:32:17 GMT
Content-Length: 1025
Connection: keep-alive
Last-Modified: Fri, 19 May 2017 05:03:50 GMT
Etag: "591e7cb6-401"
Expires: Sat, 06 Jan 2018 17:32:17 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 25 x 14, 8-bit/color RGBA, non-interlaced
Size:   1025
Md5:    d281ae4eccb1c2b6e57f4867c5054219
Sha1:   db425f3a6862d9d59bd220671a97c4550760ede1
Sha256: f81b87d66b18ac8e123c1c0bc0a81d72bd7a796e2e3bcadd34fb1203b9cda88c
                                        
                                            GET /jr_memched.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42 HTTP/1.1 
Host: media.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108
Cookie: staticImageHost=static

                                         
                                         60.12.69.149
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:32:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: lgVTN63581294500219=_5229; expires=Fri, 08-Dec-2017 16:00:00 GMT; path=/; domain=.jointreport-switch.com union_lg_images_cookie=lg1; expires=Sun, 28-Oct-2334 11:18:57 GMT; path=/; domain=.jointreport-switch.com


--- Additional Info ---
Magic:  ASCII HTML document text, with very long lines
Size:   2696
Md5:    927d24ff99f99b05001dcdf5563d092c
Sha1:   e07ebb6ed2946843e0d6364d575cc02c6517541d
Sha256: 0eeb881e407b4783df0746f7084e62f253d576e31f7c924978635ac91badc444
                                        
                                            GET /z_stat.php?id=1260476477&web_id=1260476477 HTTP/1.1 
Host: s11.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         222.186.49.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 10988
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:08:22 GMT
Last-Modified: Thu, 07 Dec 2017 17:08:22 GMT
Cache-Control: max-age=5400,s-maxage=5400
Via: cache10.l2et15[0,200-0,H], cache19.l2et15[0,0], kunlun8.cn74[0,200-0,H], kunlun5.cn74[0,0]
Age: 1436
X-Cache: HIT TCP_MEM_HIT dirn:11:558538001 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:08:24 GMT
X-Swift-CacheTime: 5398
Timing-Allow-Origin: *
EagleId: deba319e15126679383538382e


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   10988
Md5:    d2e72bb0b3b9a986ef2d4c0189ccb8d7
Sha1:   b60549e72b12019b1010144e20d5ab7730c8597c
Sha256: 2ff055ba94375561f9be209da8636237b7be4f9c908e3006ea6ffa9bd636499d
                                        
                                            GET /static/close.png HTTP/1.1 
Host: static.2.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:32:18 GMT
Content-Length: 3392
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 02:33:39 GMT
Etag: "57032403-d40"
Expires: Sat, 06 Jan 2018 17:32:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 20 x 20, 8-bit/color RGBA, non-interlaced
Size:   3392
Md5:    c524d541ed359bbb95ab2aa732e9a476
Sha1:   cf72cd5f06ee0a30b9060034206bb933fdc51d6c
Sha256: a1e2fa26e96ee147452b933555e84bf7dea66652ad728dfe379037c4a6e71f2f
                                        
                                            GET /static/ad.png HTTP/1.1 
Host: static.2.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:32:18 GMT
Content-Length: 2899
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2016 02:06:18 GMT
Etag: "57d0c79a-b53"
Expires: Sat, 06 Jan 2018 17:32:18 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 27 x 18, 8-bit/color RGBA, non-interlaced
Size:   2899
Md5:    b426108219fa5d389f40d76a1d478896
Sha1:   b359b9131116a8dd580fe2deefa744773945522b
Sha256: 72605a5f48694bf6ed6ecbe980b58d56bd8a3f463076485893af62ae836d6eb0
                                        
                                            GET /media-export.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100421,100423,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45 HTTP/1.1 
Host: cpv.ty229.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         122.224.223.183
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: nginx/1.4.3
Date: Thu, 07 Dec 2017 17:32:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Set-Cookie: lgVTN1004511294500219=_100423; expires=Fri, 08-Dec-2017 16:00:00 GMT; path=/; domain=.ty229.com cgImageHost=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; domain=.chenggao.cn


--- Additional Info ---
Magic:  ASCII HTML document text, with very long lines
Size:   3020
Md5:    c8815d079bcf5ecf59ced7d756a8d5e9
Sha1:   e6c7f90659c828ffc466e011b6657ce02e85f166
Sha256: 36cdfb29d0a02a8b8e28373f56991a3b2e485ea479bd370e6679b443934a00e2
                                        
                                            GET /scripts/map.js HTTP/1.1 
Host: static.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://media.jointreport-switch.com/jr_memched.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42
Cookie: staticImageHost=static; lgVTN63581294500219=_5229; union_lg_images_cookie=lg1

                                         
                                         122.225.106.109
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=gb2312
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:32:17 GMT
Content-Length: 4517
Connection: keep-alive
Last-Modified: Fri, 19 May 2017 05:03:50 GMT
Etag: "591e7cb6-11a5"
Expires: Thu, 14 Dec 2017 17:32:17 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   4517
Md5:    bfe2ae192abaf71295caa4767c76ba30
Sha1:   bd664d81097d732e3a4974da72849f86f5fa495e
Sha256: 017ee2c18d7edab06ef24aa2f83967f8e2b064166e2ad543eca7f8eb67e0ea31
                                        
                                            GET /jr_prototype.php?mp=7946,6358,5393,liyue,MC42&ap=320,270,6358,4557,5229,1,0&pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=1&secret=410078d478ca0b69d9bd9eda4f3d115d900&st=1512667938716 HTTP/1.1 
Host: media.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://media.jointreport-switch.com/jr_memched.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42
Cookie: staticImageHost=static; lgVTN63581294500219=_5229; union_lg_images_cookie=lg1

                                         
                                         60.12.69.149
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:32:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: lgunion_1_5229=yes; expires=Thu, 07-Dec-2017 18:32:18 GMT; path=/; domain=.jointreport-switch.com lgunion_1=yes; expires=Mon, 02-Apr-2018 11:18:57 GMT; path=/; domain=.jointreport-switch.com


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    6985d52679a1d08a6f620b08d8cc6adc
Sha1:   1278f02648361281042214e7007e61abfad7b125
Sha256: 8a693efa4edf0012e1f32b00e4be332537d41f3e244d374779d6bfd0f1241cb6
                                        
                                            GET /core.php?web_id=1260476477&t=z HTTP/1.1 
Host: c.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         222.186.49.224
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: Tengine
Content-Length: 764
Connection: keep-alive
Date: Thu, 07 Dec 2017 17:30:34 GMT
Last-Modified: Thu, 07 Dec 2017 17:30:34 GMT
Expires: Thu, 07 Dec 2017 17:45:34 GMT
Via: cache11.l2et15[0,200-0,H], cache6.l2et15[0,0], kunlun10.cn74[0,200-0,H], kunlun6.cn74[0,0]
Age: 104
X-Cache: HIT TCP_MEM_HIT dirn:-2:-2 mlen:-1
X-Swift-SaveTime: Thu, 07 Dec 2017 17:30:35 GMT
X-Swift-CacheTime: 899
Timing-Allow-Origin: *
EagleId: deba319f15126679389204192e


--- Additional Info ---
Magic:  ASCII text, with very long lines, with no line terminators
Size:   764
Md5:    44f8db0069b0d2e936a64cc9c3c01db1
Sha1:   7c4fe7373d0482037a6678777f67732de0946c16
Sha256: 36f50450733fb73d31284007538375b4221e867e9bfc66a3636d5561e984c8cb
                                        
                                            GET /stat.htm?id=1260476477&r=http%3A%2F%2Fparking.zunmi.cn%2F%3Fsite%3Dnanawg.com%26acct%3D1108&lg=en-us&ntime=none&cnzz_eid=1150469819-1512666502-http%3A%2F%2Fparking.zunmi.cn%2F&showp=1176x885&t=&umuuid=1603208feca1-09efd5c0f86f3b-6c242d76-fe178-1603208fecb3&h=1&rnd=1699227326 HTTP/1.1 
Host: z13.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         140.205.218.67
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Server: Tengine
Date: Thu, 07 Dec 2017 17:32:18 GMT
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   22
Md5:    8bd3e739a9ba80a435f0214811da0c2a
Sha1:   bfc17d1e04e56542eb8037f08ed142efd252ea82
Sha256: a2dd5774b01bbfc29140279e02fea087df42a4c257dce8858226737a2e521986
                                        
                                            GET /9.gif?abc=1&rnd=1030165555 HTTP/1.1 
Host: cnzz.mmstat.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         106.11.249.207
HTTP/1.1 302 Found
Content-Type: image/gif
                                        
Date: Thu, 07 Dec 2017 17:32:20 GMT
Content-Length: 43
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=JGmwEryTCkkCAU0ogXs3nYP4; expires=Sun, 05-Dec-27 17:32:20 GMT; path=/; domain=.mmstat.com sca=7c0b88f4; path=/; domain=.cnzz.mmstat.com atpsida=c8f62a6ec1ac4c129f0ea622_1512667940_1; path=/; domain=.cnzz.mmstat.com
Location: http://pcookie.cnzz.com/app.gif?&cna=JGmwEryTCkkCAU0ogXs3nYP4
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /app.gif?&cna=JGmwEryTCkkCAU0ogXs3nYP4 HTTP/1.1 
Host: pcookie.cnzz.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cdn.dragonstatic.com/parking/cnzz.html

                                         
                                         106.11.94.21
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Thu, 07 Dec 2017 17:32:20 GMT
Content-Length: 43
Connection: close
P3P: CP="NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR IND UNI PUR NAV"
Set-Cookie: cna=JGmwEryTCkkCAU0ogXs3nYP4; expires=Sun, 05-Dec-27 17:32:20 GMT; path=/; domain=.cnzz.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Pragma: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /get/flashplayer/update/current/xml/version_en_win_pl.xml HTTP/1.1 
Host: fpdownload2.macromedia.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         195.159.219.11
HTTP/1.1 200 OK
Content-Type: text/xml
                                        
Server: Apache
Last-Modified: Tue, 14 Nov 2017 08:44:30 GMT
Etag: "60c-55ded653e1e84"
Accept-Ranges: bytes
Content-Length: 1548
Date: Thu, 07 Dec 2017 17:32:21 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  XML document text\012 XML document text
Size:   1548
Md5:    daa117c244b4288dd26762f5453b48da
Sha1:   ca1c278fb39c4bf57caac9b5715e22da5117d5f0
Sha256: da898c058b631f7fedd990eb9826150a5a78b402544c17cb856172a89b83a9dd
                                        
                                            GET /html/4557/320270.swf HTTP/1.1 
Host: lg1.jointreport-switch.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://media.jointreport-switch.com/jr_memched.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=320,270,6358,4557,5229,1,0&mp=7946,6358,5393,liyue,MC42
Cookie: staticImageHost=static; lgVTN63581294500219=_5229; union_lg_images_cookie=lg1

                                         
                                         122.225.106.109
HTTP/1.1 200 OK
Content-Type: application/x-shockwave-flash
                                        
Server: nginx/1.2.5
Date: Thu, 07 Dec 2017 17:32:19 GMT
Content-Length: 44486
Connection: keep-alive
Last-Modified: Tue, 07 Nov 2017 02:36:01 GMT
Etag: "5a011c11-adc6"
Expires: Sat, 06 Jan 2018 17:32:19 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Macromedia Flash data (compressed), version 8
Size:   44486
Md5:    d8c060ecee20248787c018c04ea9fbe9
Sha1:   db677125ccdbc6d851310c27cf86e7448cb5e232
Sha256: 7d593048bab05153478507e2457f9f450d5278007abdf16846cfef6503a4f07a
                                        
                                            GET /static/export.js HTTP/1.1 
Host: static.3.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpv.ty229.com/media-export.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100421,100423,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: application/x-javascript; charset=gb2312
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:32:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 30 Mar 2016 05:15:57 GMT
Expires: Thu, 14 Dec 2017 17:32:22 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   1094
Md5:    3f1a738c488813b27adce480fb0db347
Sha1:   a76eef8c641bc1123910d22e3d169086c4a8acb3
Sha256: 1b565aa1328341f013fb8e2a8488790742fb6287ee7972442054552e478e9986
                                        
                                            GET /media-display.php?mp=100486,100451,100451,liyue0712@gmail.com,MC45&ap=300,250,100451,100421,100423,1,0&pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&kp=1&secret=1236dbc4c27e319ba4c92c32ce2c186698d&st=1512667942286 HTTP/1.1 
Host: cpv.ty229.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpv.ty229.com/media-export.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100421,100423,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45
Cookie: lgVTN1004511294500219=_100423

                                         
                                         122.224.223.183
HTTP/1.1 200 OK
Content-Type: text/html; charset=gb2312
                                        
Server: nginx/1.4.3
Date: Thu, 07 Dec 2017 17:32:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.3.28
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: no-cache, must-revalidate
Set-Cookie: orangereport_1_100423=yes; expires=Thu, 07-Dec-2017 18:32:22 GMT; path=/; domain=.ty229.com orangereport_1=yes; expires=Mon, 02-Apr-2018 11:19:01 GMT; path=/; domain=.ty229.com


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    6985d52679a1d08a6f620b08d8cc6adc
Sha1:   1278f02648361281042214e7007e61abfad7b125
Sha256: 8a693efa4edf0012e1f32b00e4be332537d41f3e244d374779d6bfd0f1241cb6
                                        
                                            GET /fronts/100421/300250.gif HTTP/1.1 
Host: static.3.chenggao.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://cpv.ty229.com/media-export.php?pp=1%7C1512667937%7Chttp%253A%252F%252Fparking.zunmi.cn%252F%253Fsite%253Dnanawg.com%2526acct%253D1108%7C%7C1%2C1%2Cen%2C1%2C1176_885&ap=300,250,100451,100421,100423,1,0&mp=100486,100451,100451,liyue0712@gmail.com,MC45

                                         
                                         122.224.223.181
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: tengine
Date: Thu, 07 Dec 2017 17:32:22 GMT
Content-Length: 51408
Connection: keep-alive
Last-Modified: Wed, 23 Aug 2017 07:49:45 GMT
Etag: "599d3399-c8d0"
Expires: Sat, 06 Jan 2018 17:32:22 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250
Size:   51408
Md5:    f063443d3f9e0e899f89f7efa0af6307
Sha1:   7c7ea067a9b62748b7b7aa6c4e1f9f62e4876a16
Sha256: 6465014266cdc21550322523b62b530f83219163e9dd4e8a1cf3d10306469a17
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: parking.zunmi.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.93.103.196
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:32:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   131
Md5:    a4165dcb351799bd7d512d64542b82e0
Sha1:   19e43a087f6a4c6e40bc2fc1f6e690ff18fbe534
Sha256: 100732a8b064ae5139e987b185e32f0dbdafbd31ad2e0646b95369a129e8c911
                                        
                                            GET /1.gif?domain=parking.zunmi.cn&url=http%3A%2F%2Fparking.zunmi.cn%2F%3Fsite%3Dnanawg.com%26acct%3D1108&referrer=&width=1176&height=885&color=24&ad=1&_uid=1512667926897-0 HTTP/1.1 
Host: track.dragonparking.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://parking.zunmi.cn/?site=nanawg.com&acct=1108

                                         
                                         123.57.32.97
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:32:23 GMT
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
Set-Cookie: dragonid=6a2bb87d0fe2ce50656374f51bfaf9ad; expires=Thu, 31-Dec-37 23:55:55 GMT; max-age=2147483647; path=/; domain=.dragonparking.com


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: parking.zunmi.cn
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         47.93.103.196
HTTP/1.1 404 Not Found
Content-Type: text/html
                                        
Server: nginx/1.6.2
Date: Thu, 07 Dec 2017 17:32:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   131
Md5:    a4165dcb351799bd7d512d64542b82e0
Sha1:   19e43a087f6a4c6e40bc2fc1f6e690ff18fbe534
Sha256: 100732a8b064ae5139e987b185e32f0dbdafbd31ad2e0646b95369a129e8c911