r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6860
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 15:12:58 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3891
Cache-Control: max-age=159781
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:12:58 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:35:59 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16857
Expires: Sat, 26 Nov 2022 19:53:55 GMT
Date: Sat, 26 Nov 2022 15:12:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 14:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3225
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mWYdozSbUyANcji1XuaGo9VCnRyM4g9N0zBPCjy2lDOvbv9N2eo9tS2p7t7ZflHwAkpvHdvrDR8=
x-amz-request-id: SDTD41J7JGDYC32R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 14:41:15 GMT
age: 1903
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:12:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 15:11:12 GMT
cache-control: public,max-age=3600
age: 106
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.zgbzh.com/a/cn/page_12.html
45.122.136.226 200 OK 2.8 kB URL HTTP/1.1 www.zgbzh.com/a/cn/page_12.html
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash a2a0fc5971bb531d652ea7b06ed5801b
fb0bf69730ed65b066659c48c4fc2a5f5e975213
750501d809affbc1952d1b704a5e4de185cea57d79bb97acdc296be1b1544a21
Analyzer Verdict Alert fortinet Phishing
GET /a/cn/page_12.html HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:58 GMT
Content-Type: text/html
Last-Modified: Sat, 26 Nov 2022 15:12:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63822cee-441d"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:12:59 GMT
Last-Modified: Sat, 26 Nov 2022 13:40:37 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.38.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: igt9QrXbdbAWGCUJReMcyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BG0MX/ApH/2axnxdxkpoPWwEZeo=
www.zgbzh.com/jquery.gg.min.js
45.122.136.226 200 OK 12 kB URL HTTP/1.1 www.zgbzh.com/jquery.gg.min.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type Unicode text, UTF-8 text, with very long lines (27951), with no line terminators
Hash 51322614173b5ad84c8f646dc8a6407d
5e14f0bd94c75a113a83079ec33e9436feadc99a
5c7c0122523fa0d857219bd06d043c868078067e1a178719edede4f668ccc88f
Analyzer Verdict Alert fortinet Phishing
GET /jquery.gg.min.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 05:13:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6371ce64-6d37"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/css/tkr.css
45.122.136.226 200 OK 24 kB URL HTTP/1.1 www.zgbzh.com/statics/home/css/tkr.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (64987)
Hash c0bb7f6a52e678fa6ff67daafb7f40e2
ff83ebddfdfbd3c3178997965d2fd5bd4b6d1433
b48d3b2fd2cd8f9cfd25b115d97d57b78521c3bc18fcb2444700d3b3ac9e53b2
GET /statics/home/css/tkr.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720936-1dd75"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/jquery.tj.min.js
45.122.136.226 200 OK 516 B URL HTTP/1.1 www.zgbzh.com/jquery.tj.min.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
Hash 6143fbcf54656b26a2a1bd5aa350cf65
7fbd7a1647b5318ef020917e38bb1c1925ed1b0a
1f6bd52978f232b919f62f0a827238cf729d7d935f6c6f6c291275f2806cf931
Analyzer Verdict Alert fortinet Phishing
GET /jquery.tj.min.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: application/javascript
Content-Length: 516
Last-Modified: Mon, 14 Nov 2022 05:13:08 GMT
Connection: keep-alive
ETag: "6371ce64-204"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.zgbzh.com/statics/home/css/jwg.css
45.122.136.226 200 OK 1.2 kB URL HTTP/1.1 www.zgbzh.com/statics/home/css/jwg.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type troff or preprocessor input, Unicode text, UTF-8 text
Hash 7868bd3ffe2377782f2f6a693b2d5654
721c7ad7ef312863d1cd6957e2e7d2d7f66e97b9
fbf739c6b8f5c650b04efc81d11d6098ee1f36c94f43771e920cae623abe434a
GET /statics/home/css/jwg.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720936-d35"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/css/elm.css
45.122.136.226 200 OK 5.3 kB URL HTTP/1.1 www.zgbzh.com/statics/home/css/elm.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (57319)
Hash 5b58ce0329dc7859856962e7b20a257a
3505b43e170d1bf7be09a0d1a33328e76f25e361
823ea76640f8198195f04e1a5ed9696f825e6f3cb968fa9d2cc103548bad8cd9
GET /statics/home/css/elm.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-e089"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/css/hfn.css
45.122.136.226 200 OK 1.1 kB URL HTTP/1.1 www.zgbzh.com/statics/home/css/hfn.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (3184)
Hash 209e6446f0ac61cd77efee3aee008126
1f1b5d580b7b28db861032347c809fd53de2dd00
011951983768636cab58192c860ff5909cea2ee1069177a5761f61dc4a8947c7
GET /statics/home/css/hfn.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720937-d17"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/css/qcq.css
45.122.136.226 200 OK 1.0 kB URL HTTP/1.1 www.zgbzh.com/statics/home/css/qcq.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (846)
Hash 594b81805a98b267e47c70a8fad30d9f
684d84ec40b305ca14efc88c91f12972cb6342b4
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
GET /statics/home/css/qcq.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Content-Length: 1013
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Connection: keep-alive
ETag: "63720937-3f5"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes
www.zgbzh.com/statics/home/css/rsm.css
45.122.136.226 200 OK 947 B URL HTTP/1.1 www.zgbzh.com/statics/home/css/rsm.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
Hash 6d558d5ae0599ad7242d6326d0bcc81a
8353b72a9ee1ff9c5547a67f22077416ede0a189
436ce7e334e040d4625e4773f213a676aec72d280a1b53be0cd12f000e6e599f
GET /statics/home/css/rsm.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720937-beb"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/js/zka.js
45.122.136.226 200 OK 12 kB URL HTTP/1.1 www.zgbzh.com/statics/home/js/zka.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (32004)
Hash 028209095d55bc5e19727c49bfe4d921
725d42ad2e764dd161004d652252d23620dd84b8
55a59309a92cbc788ce871da48ae9bfb03158b7d1fd286983db457d9eab0b014
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/zka.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-91d0"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/js/zdc.js
45.122.136.226 200 OK 13 kB URL HTTP/1.1 www.zgbzh.com/statics/home/js/zdc.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (31997)
Hash 4ec413917ff107b66a3a9e1eb5605e80
4ec23152043ede60f0ea0a3eb93fa68de52de02a
dcf9c2fb90a091260980dc6908aac49474abe63de142c96eef7c57394daa10f0
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/zdc.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-ad36"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 04c3a43b6c4d52e99dad07e6fce44697
e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03
a7d6523eec8617d19acea316df8e58db7071823108bf7cc553da72396d7d2042
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 12:15:18 GMT
ETag: "e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03"
Last-Modified: Sat, 26 Nov 2022 12:15:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2589
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770390c95e9eb4f1-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 04c3a43b6c4d52e99dad07e6fce44697
e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03
a7d6523eec8617d19acea316df8e58db7071823108bf7cc553da72396d7d2042
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 12:15:18 GMT
ETag: "e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03"
Last-Modified: Sat, 26 Nov 2022 12:15:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2589
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770390c96eb3b4f1-OSL
www.go8ffs.com/nlp/index.php
85.208.118.17 200 OK 2.0 kB URL HTTP/1.1 www.go8ffs.com/nlp/index.php
IP 85.208.118.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash 4f6234cab31018ff9234029a143870d1
1d5c1b8b5e1b8c7d105750072908854845912cfb
f86e79722c847f9b234bc471203ed1731061b4a8c3a407287c28c0d87abb00e7
GET /nlp/index.php HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip
www.zgbzh.com/statics/home/js/hxn.js
45.122.136.226 200 OK 3.9 kB URL HTTP/1.1 www.zgbzh.com/statics/home/js/hxn.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type Unicode text, UTF-8 text, with very long lines (11042), with CRLF line terminators
Hash 7e93d164eff538d73cbd7d422d822a35
01a108b19ef9119d2e389b9804088ef1178e7c7d
2a0a23ec0895fa48e0c5b8f1eb2bc44c2e9b029805adeffb4d5b1973ecec1c4c
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/hxn.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-2c46"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/js/rpc.js
45.122.136.226 200 OK 37 kB URL HTTP/1.1 www.zgbzh.com/statics/home/js/rpc.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash dad6b552d85a5ddb2ffb6428b4e648f0
2bc3faf980de5ed7aa5fe3bc86dc9b9441b361f1
ff8ae3aa8a5f947733ef432b0ec06fbd38fe4c85d92b76976164d317b998c0a5
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/rpc.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-16cfc"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.go8ffs.com/nlp/html/css/reset.css
85.208.118.17 200 OK 5.2 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/css/reset.css
IP 85.208.118.17:0
File type ASCII text, with very long lines (2097), with CRLF line terminators
Hash 7df0df24bd7a3fe1f6c10d9379dc461a
6e7fe0999ee4ce69a764f17aeebb5153185e7d5a
ff55ccb5d3823664606dfbea42aa42b5f8a18743ab68fd9ff4cca0dfc13ed03d
GET /nlp/html/css/reset.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee2050-4a87"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.zgbzh.com/statics/home/js/gkv.js
45.122.136.226 200 OK 692 B URL HTTP/1.1 www.zgbzh.com/statics/home/js/gkv.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
Hash 84d8a875766dc5047ff9d02bef958e3e
04a85060b1939537f0e475832c61288cf1909f55
c556adbd17ae3480ad0081913529b7884c253931af46afa8be6d605d38664eaa
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/gkv.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6372093a-4d7"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.go8ffs.com/nlp/html/css/global.css
85.208.118.17 200 OK 1.6 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/css/global.css
IP 85.208.118.17:0
File type ASCII text, with CRLF line terminators
Hash 8311a8491b15d5e792b7258b4e9bc02f
020035a406341c16f27a1072cefeaf71fe2aec9f
1b42d73b3170f0601b0b50565e978007accecfeb197b7a1b750744d34fc0c51a
GET /nlp/html/css/global.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Feb 2020 09:21:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e47b816-1b88"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9674
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:13:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9674
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:13:00 GMT
Connection: keep-alive
www.zgbzh.com/statics/home/js/ssb.js
45.122.136.226 200 OK 2.6 kB URL HTTP/1.1 www.zgbzh.com/statics/home/js/ssb.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (7027)
Hash ba3c66419257721c5fb8fda0ef5b9dcf
f644fc7d37c0199ad567695de834f92a3c6f67ff
9e2d25218bd622462db6e064b92498c197e358bab9aadecf0f617ff9a62720ea
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/ssb.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6372093a-1b91"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 36512
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash abd79421a3c44a8df11ad2cc50083309
8665e5f3026f2c2b9505eb139c478f4d359851c3
3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4366
x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNZFjHoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75AMMfa7oq0Y51YPEC_FEDOoNVc9cgfjg9bOSOXwikONPdhW7OG3uQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:10 GMT
age: 62690
etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 59991
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 62035
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
34.120.237.76 200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 28774
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 62964
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.zgbzh.com/statics/home/js/gjd.js
45.122.136.226 200 OK 1.1 kB URL HTTP/1.1 www.zgbzh.com/statics/home/js/gjd.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash f0966bccbb73df7d4642085eb4fce9ea
7c0b144eafb2f055089db632487b7c9ecb0b9d62
1f9252d8149b9444bea115f9b6f750993f0108fe49d51ba4c22a8c63c5fca826
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/gjd.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6372093a-baa"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.go8ffs.com/nlp/html/css/style1.css
85.208.118.17 200 OK 1.9 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/css/style1.css
IP 85.208.118.17:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 1c281d8a45982360f40b4243ceb5dad4
712ff608c770150f7063bc21577adebe1535db6a
d64b3d6dece221fd8610e461b560360d78d4e8d9458c7f3c0f03088d6e4fd5cd
GET /nlp/html/css/style1.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Feb 2020 09:14:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e47b688-188a"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.go8ffs.com/nlp/html/css/app.css
85.208.118.17 200 OK 531 B URL HTTP/1.1 www.go8ffs.com/nlp/html/css/app.css
IP 85.208.118.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d19984884d458a401c17381534c74df7
4f18f14c373ec54c9e719b4df6ee20f835eb4736
9104572473f82d01a50d3633621532e3d9567d0f45d81bb6a29b61540055ccb0
GET /nlp/html/css/app.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee2050-61c"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.go8ffs.com/nlp/html/js/xSlider.js
85.208.118.17 200 OK 4.8 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/js/xSlider.js
IP 85.208.118.17:0
File type HTML document, Unicode text, UTF-8 (with BOM) text
Hash ac986046071f223f32ef0b57c5e83372
9ad8b6b8851448c876396b74fb2414beb217ed6c
ba5a0c25b65512451e4a8132d8f85e6cf40128d7f744b7aab3deddc46295b02b
GET /nlp/html/js/xSlider.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Content-Length: 4760
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1298"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/js/jquery.la.min.js
85.208.118.17 200 OK 632 B URL HTTP/1.1 www.go8ffs.com/nlp/html/js/jquery.la.min.js
IP 85.208.118.17:0
File type HTML document, ASCII text, with very long lines (555), with CRLF line terminators
Hash 8a8bfecd8df26e4c6d013512afdaebad
4996b9f9dd54e3925bd520cc16ac27747a2980aa
6beaf3b08041f5f85deea786e2d40c4bce08a6a4d31428f6d326c927078e505e
GET /nlp/html/js/jquery.la.min.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Content-Length: 632
Last-Modified: Fri, 04 Feb 2022 06:48:20 GMT
Connection: keep-alive
ETag: "61fccc34-278"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/js/shoucang.js
85.208.118.17 200 OK 5.4 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/js/shoucang.js
IP 85.208.118.17:0
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash f6c62d3a18f942ddf065e609d6ebfd20
d37794a201186252a39b04375a80311e11b1028c
9ad0ed616194a69f6604c0dea9c80f7e3097bec72d110189bb3627a6837569dd
GET /nlp/html/js/shoucang.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Content-Length: 5365
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-14f5"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.zgbzh.com/statics/home/css/lig.css
45.122.136.226 200 OK 3.4 kB URL HTTP/1.1 www.zgbzh.com/statics/home/css/lig.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
Hash e864ae531266407956fae0470917341a
e2547f43a3e915e8e8eaa389dca7c3513f8ce6fe
60714d5519521b5d674c02d4ef6b54adfcb128b79dfc1539ae927ff172f43a8e
GET /statics/home/css/lig.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720937-3a67"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.zgbzh.com/statics/home/css/cssreset.css
45.122.136.226 200 OK 1.3 kB URL HTTP/1.1 www.zgbzh.com/statics/home/css/cssreset.css
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
Hash cab427459d50612f2e2bc079bd779483
349d695fad644b537e51565c82140526b66b38ec
f02f2f8a989050890b9e1d1dbf80e03abca00104ea52a482d2415b58a6ae370e
GET /statics/home/css/cssreset.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/statics/home/css/jwg.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720938-c66"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 99ee12a9647cb620357454b8822518f6
e883686f093a5ac9847ffaebf87b708e9561613d
72128be1d1872f5264843ad67f74720f16378d67b9092994e3d94a850aea6ebd
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 30 Nov 2022 10:59:36 GMT
ETag: "e883686f093a5ac9847ffaebf87b708e9561613d"
Last-Modified: Sat, 26 Nov 2022 10:59:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2581
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770390cf9eb9b4f1-OSL
www.zgbzh.com/statics/home/js/zgk.js
45.122.136.226 200 OK 5.5 kB URL HTTP/1.1 www.zgbzh.com/statics/home/js/zgk.js
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type ASCII text, with very long lines (11620)
Hash f15215f46f72f2800eec1f653540e75a
f9da45a1ee0a2376cf13d2d202b64d90047b96a3
fcc12ba167e213ad47404c57220de0020adf0d84615e99f7d1789fff10ab6a88
Analyzer Verdict Alert fortinet Phishing
GET /statics/home/js/zgk.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-2e1f"
Expires: Sun, 27 Nov 2022 03:13:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.go8ffs.com/nlp/html/images/mx4.jpg
85.208.118.17 200 OK 63 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/mx4.jpg
IP 85.208.118.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1020x95, components 3\012- data
Hash bd1ccf53feb63803f829f1196a0278e7
994b943cc52a5421defb8e2638e6dd2ca7fd83aa
c8a099ad4e7c20b9da973ae94f3e1f89126378cefe8e69d4f3a9303a653052e6
GET /nlp/html/images/mx4.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/jpeg
Content-Length: 62760
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-f528"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 1c746ab90d527198243d3a6ffa12d119
a3a925b02bf2b0b0da6b301a0336d3b963c60e67
fa5ba1b1ba36d5aa6bf5a04c94f0d92c14d9a3e1bd480643d491108c50db1078
GET /hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:00 GMT
Etag: e9f330724a9f8cad5797489b29de00ac
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E3D147C4444E4887; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash fe006741614156d4d10deba983d83fd0
1b61ed75669725a5402699c420d02d05bf051fce
ce45f5c1ca20d1953c6b28d934cf2d1787f887e05aca1a4ed34aa28b1defd4ee
GET /hm.js?0b522056fa9ded0b7ae7beae7435129e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:00 GMT
Etag: 09ad5b0a099a02f973cef81586c92dd3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A5C35A70278D946E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
sdk.51.la/js-sdk-pro.min.js
47.253.50.2 200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.go8ffs.com/nlp/html/images/ay1.gif
85.208.118.17 200 OK 168 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ay1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 168 kB (168357 bytes)
Hash 317efd40aea16414912ef7b3a796e8fb
001d7645d8f094607be78bb6cbae30b9554610ed
8be50c4d8951f8e27d1a914203b90dabfd4fc5f808c5731d8faf14d22fb6235d
GET /nlp/html/images/ay1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 168357
Last-Modified: Mon, 12 Apr 2021 06:02:12 GMT
Connection: keep-alive
ETag: "6073e264-291a5"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/logo.png
85.208.118.17 200 OK 39 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/logo.png
IP 85.208.118.17:0
File type PNG image data, 320 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 844a297f3e5a9f7c9637f3027fc353fe
8bf23977d6dedbd995e844af1b9e6323496987d8
b0b4f3f1bc192b70008213d53ee6603a4199e9cfc2f1637c6d3cb12c89970703
GET /nlp/html/images/logo.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 38610
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-96d2"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tycjt1.gif
85.208.118.17 200 OK 204 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tycjt1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 204 kB (203635 bytes)
Hash de83368a21ce4654207a1441cbb451f7
463fb19a4acdbc6488a53ddf4d5462537474c0cf
0ab902da706f52e2a68fe955edef879f196cd045c95be9155c54867ed013c777
GET /nlp/html/images/tycjt1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 203635
Last-Modified: Mon, 07 Mar 2022 11:42:46 GMT
Connection: keep-alive
ETag: "6225efb6-31b73"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.zgbzh.com/statics/home/images/logo.png
45.122.136.226 200 OK 15 kB URL HTTP/1.1 www.zgbzh.com/statics/home/images/logo.png
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type PNG image data, 450 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 7af9ba8d239571d3caebdc4094a8a06b
3c151a4bc5565c53d50982e02ecb83e8cf65b765
80beb2df8c9c07ca1316dddd0fdf6ba56bb6a692d3188c6322c3eced3f6b098a
GET /statics/home/images/logo.png HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 14709
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Connection: keep-alive
ETag: "6372093a-3975"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bob1.gif
85.208.118.17 200 OK 356 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bob1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Size 356 kB (355798 bytes)
Hash 7efc6c4cf3550462ea743cf108b64750
8f327ebea4bcc4868966878f3c903a05cd904c96
5d273c3267385f2d96283e7ba2c696af3ff61622ebe701aba1d4ba8bf64fb027
GET /nlp/html/images/bob1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 355798
Last-Modified: Wed, 29 Apr 2020 06:08:26 GMT
Connection: keep-alive
ETag: "5ea919da-56dd6"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.zgbzh.com/statics/home/images/img-02.png
45.122.136.226 200 OK 1.3 kB URL HTTP/1.1 www.zgbzh.com/statics/home/images/img-02.png
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 4990b1ed9102a99dd6f4de9282d4d06c
1c7216efbaa4475921dede8aa3812a7bf84a2e67
6eb55f1e0074cfe56fb6ef031a4376f1e30ee7a2227070a24e49760d19979cc7
GET /statics/home/images/img-02.png HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/statics/home/css/lig.css
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 1269
Last-Modified: Wed, 16 Nov 2022 03:01:06 GMT
Connection: keep-alive
ETag: "63745272-4f5"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/jinsha1.gif
85.208.118.17 200 OK 275 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/jinsha1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 275 kB (275240 bytes)
Hash 8d78b68fbe5b6212d7975c89ac1bfe0e
d3124003c22985891964e6881f59cc8f4a97d8e4
ebcc12f6f8b6ad20d0712823d8750bd877598ed948da5cb4eaaba5a30bfb49e0
GET /nlp/html/images/jinsha1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 275240
Last-Modified: Wed, 29 Apr 2020 06:08:28 GMT
Connection: keep-alive
ETag: "5ea919dc-43328"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo1.gif
85.208.118.17 200 OK 301 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1000 x 100\012- data
Size 301 kB (301227 bytes)
Hash 7c1f1fba6fdcd0d5fbd43be8c89f940b
8d22c2d441aa5cf8bd6366205b56a83eb6677e5e
81bc5064ee4a6f424b83a9b7255f7270aaecde4d7392d1dee828be768aa62346
GET /nlp/html/images/yabo1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 301227
Last-Modified: Mon, 03 Jan 2022 07:20:30 GMT
Connection: keep-alive
ETag: "61d2a3be-498ab"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bob66.png
85.208.118.17 200 OK 12 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bob66.png
IP 85.208.118.17:0
File type PNG image data, 422 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 703f8c6c46b4d39096ccadde4cc98d02
c8a612d808834494b29f2b55be058d8cab43264e
80582d7d90fba4c39e14b49e0159c722fe937d807aad524a946ac336e7631598
GET /nlp/html/images/bob66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 11733
Last-Modified: Fri, 27 Dec 2019 09:14:24 GMT
Connection: keep-alive
ETag: "5e05cb70-2dd5"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=711861040&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=711861040&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=711861040&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4107A2EABCD2F696; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=500735913&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=500735913&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=500735913&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=39936822F68AA74A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.go8ffs.com/nlp/html/images/315tyc0.gif
85.208.118.17 200 OK 204 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/315tyc0.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 255\012- data
Size 204 kB (203489 bytes)
Hash b7094080de97390fd0e9f07806e7bf93
42f37766367a3b86a7aa0239506c0434aa15b06e
e47ea417f49f65c9a2fde6f4701f06fae16985e28231cb63ceebbaea1ac27753
GET /nlp/html/images/315tyc0.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 203489
Last-Modified: Wed, 29 Apr 2020 13:15:20 GMT
Connection: keep-alive
ETag: "5ea97de8-31ae1"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/obm.gif
85.208.118.17 200 OK 38 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/obm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Hash 22542b9bd33c17660ce0985855e29e10
3f11eb910f1d94448cee830f92f6fa7dbca91cae
31abc2e6290e1c372052b085dc670c4a9cac8d02bcdeb72629181f5d20bd5ea8
GET /nlp/html/images/obm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 37915
Last-Modified: Wed, 07 Apr 2021 07:58:54 GMT
Connection: keep-alive
ETag: "606d663e-941b"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/hhm.gif
85.208.118.17 200 OK 37 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/hhm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Hash 52011f0bb09cc250d2aa15226567bb99
aa620b7dfbd788949df290034711908a61e1a8fa
a72e274028f4e4c98aa582cfb8add8e461870ead3096c7c2473243f5fcbc33ef
GET /nlp/html/images/hhm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 36844
Last-Modified: Wed, 14 Apr 2021 08:11:28 GMT
Connection: keep-alive
ETag: "6076a3b0-8fec"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/ob66.png
85.208.118.17 200 OK 9.9 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ob66.png
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 420x145, components 3\012- data
Hash 689ffa11f2db4397d03dc5e9057e3d6b
0ca16ec3b71d00035300ea8ae67245cbd3ac543c
23ac9f1510913bb7e73765bb9114b7578eed8a5160431bfc14f13e7217859a7c
GET /nlp/html/images/ob66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 9907
Last-Modified: Thu, 01 Jul 2021 00:04:06 GMT
Connection: keep-alive
ETag: "60dd0676-26b3"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/hh66.png
85.208.118.17 200 OK 43 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/hh66.png
IP 85.208.118.17:0
File type PNG image data, 420 x 145, 8-bit/color RGB, non-interlaced\012- data
Hash 8bc94f16a216b9e02115c527636a02ec
77bfe082f63c01466de75a6e0161935012dfa116
df03cc76624df9d7da60edc249938f16142f190a94f3364d316731f541ec70f4
GET /nlp/html/images/hh66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 43080
Last-Modified: Sun, 18 Apr 2021 19:33:52 GMT
Connection: keep-alive
ETag: "607c89a0-a848"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/ay66.png
85.208.118.17 200 OK 41 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ay66.png
IP 85.208.118.17:0
File type PNG image data, 420 x 145, 8-bit/color RGB, non-interlaced\012- data
Hash 99b44476f8fb3d824b7a1fa0db227f90
d38fdc047da93bfc9209a1efbe136ff297aec628
8f444c7f43d06f36f3590e70fdc8d86814d3b65bc99399aeef4d190a257bba2d
GET /nlp/html/images/ay66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/png
Content-Length: 41212
Last-Modified: Sun, 18 Apr 2021 19:34:40 GMT
Connection: keep-alive
ETag: "607c89d0-a0fc"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/aym.gif
85.208.118.17 200 OK 172 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/aym.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Size 172 kB (172480 bytes)
Hash 5136f9dcd7f4b24a29c2b113af42d96a
46a61b970169a7e8fd5fb32dffd74c2ff0a10c46
d5a00a63e2c3c344fd3e8aca43e5f3107cd627863fa47f2e2485afb2b217193b
GET /nlp/html/images/aym.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 172480
Last-Modified: Mon, 12 Apr 2021 04:58:08 GMT
Connection: keep-alive
ETag: "6073d360-2a1c0"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bobm.gif
85.208.118.17 200 OK 336 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bobm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Size 336 kB (335675 bytes)
Hash 35c68e7c242d17d7ada7e8109ad24f0a
27df36ff7dd2b17fee70cee1fd988c69a12cf27e
6082c920c9a036667c67b32eb2414bbb31b4a0fb70b10ebacb9cfb4001065e27
GET /nlp/html/images/bobm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 335675
Last-Modified: Wed, 29 Apr 2020 06:08:26 GMT
Connection: keep-alive
ETag: "5ea919da-51f3b"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo66.png
85.208.118.17 200 OK 16 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo66.png
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 420x145, components 3\012- data
Hash d9f881dc84bfd7b67edcc941cd79faaf
87ac18b68e41fded80f28fdca2810784af167432
85e0a7b088a01d5f537e34dc76236c968a81b1b627f866b56e3cd3b5731d60e3
GET /nlp/html/images/yabo66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/png
Content-Length: 16271
Last-Modified: Fri, 30 Oct 2020 06:23:22 GMT
Connection: keep-alive
ETag: "5f9bb15a-3f8f"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tbm.gif
85.208.118.17 200 OK 48 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tbm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Hash 92b0b93b348a401f5f9c48b569b0023c
cd4c74bc891825920c2d3a1c3b83dee403bb331b
96582f2b81a10bd6a52bab63b8cd5350b499a94e5de7e0e7789a6b73ce4aab54
GET /nlp/html/images/tbm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 48121
Last-Modified: Sun, 09 Aug 2020 17:27:08 GMT
Connection: keep-alive
ETag: "5f3031ec-bbf9"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tb66.png
85.208.118.17 200 OK 13 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tb66.png
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 420x145, components 3\012- data
Hash 389de8b12a7dc9d1bb8182a7b82f40ef
cbf940a9e524facb25b9295bfa42a9ab1d7f722d
458df63c82dba79d21a0b371a8a922973bef1e498309142451ae018da3b314b1
GET /nlp/html/images/tb66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/png
Content-Length: 13335
Last-Modified: Fri, 30 Oct 2020 06:23:32 GMT
Connection: keep-alive
ETag: "5f9bb164-3417"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yl1.gif
85.208.118.17 200 OK 93 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yl1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Hash ec8ac7a8dd9610b594e21a63b42efec6
cf0aa061e01a5f1276e66ef291a44ae5c3e7aa06
601d48923ede2ba20e3d03c9ec7e4cf7195b735924c5b653d1b735bf3f62332a
GET /nlp/html/images/yl1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 92802
Last-Modified: Sat, 06 Mar 2021 10:55:06 GMT
Connection: keep-alive
ETag: "60435f8a-16a82"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/hh1.gif
85.208.118.17 200 OK 40 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/hh1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Hash af1846692b1b7bebd5d62e845ce0c720
071c6d464fa016880952bac08853aabdab1ae6e2
e9f87192d6170241bed520bb3313426b696640933264e8289b217fdd0140b239
GET /nlp/html/images/hh1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 39682
Last-Modified: Wed, 14 Apr 2021 08:16:54 GMT
Connection: keep-alive
ETag: "6076a4f6-9b02"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabodjm.gif
85.208.118.17 200 OK 483 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabodjm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Size 483 kB (482963 bytes)
Hash 19a770d267abbae92fd758fdb6e26023
d46954faf3bc3a56f09786a0d4f48dec35b87754
5e869ce1bc6348282f0af4ce5c3cb4664064941eec483a4f61b5a162f8fb7bc9
GET /nlp/html/images/yabodjm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 482963
Last-Modified: Wed, 29 Apr 2020 06:08:34 GMT
Connection: keep-alive
ETag: "5ea919e2-75e93"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/ob1.gif
85.208.118.17 200 OK 45 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ob1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Hash dad1fdc00b084a1e29440eb5f56b7fd2
6b1cb925aea096b480b4368ab49424f6c6832290
84324dbd4cf418b502c9a494fd28bfe0af8802b62d12144ee2a9123717bec103
GET /nlp/html/images/ob1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 45445
Last-Modified: Wed, 07 Apr 2021 07:59:08 GMT
Connection: keep-alive
ETag: "606d664c-b185"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/kok1.gif
85.208.118.17 200 OK 293 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/kok1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Size 293 kB (293334 bytes)
Hash 008af843b07e36d190fd9c13208b1198
571e18d2093dd1ff506e3499b28ad393f5357368
74cb82dbd82af41d5896646b3f848a6667b2883696b29481443dda9ac4192dea
GET /nlp/html/images/kok1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 293334
Last-Modified: Mon, 04 Jan 2021 08:36:36 GMT
Connection: keep-alive
ETag: "5ff2d394-479d6"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tb1.gif
85.208.118.17 200 OK 32 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tb1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Hash fb7303495a9f7cae06d46cd737e3f515
c7d432541253742026a855e2a8e22586e36e08c5
4b2465709e6dfd8f34129c78819c14e9aa4a35a2d152d7d28d3055ea41195cac
GET /nlp/html/images/tb1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 31794
Last-Modified: Sun, 09 Aug 2020 17:27:08 GMT
Connection: keep-alive
ETag: "5f3031ec-7c32"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/315tyc1.gif
85.208.118.17 200 OK 272 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/315tyc1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Size 272 kB (272091 bytes)
Hash aca01c6c4d59c00a25aa9133e80b398a
819d373db065f988f66d1d7ed1805668efc94838
5a09a0bd37d494fb3c825f0e253c3ade27859e5cadb6f2eaca5278bcd929c68d
GET /nlp/html/images/315tyc1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 272091
Last-Modified: Sat, 06 Mar 2021 10:44:44 GMT
Connection: keep-alive
ETag: "60435d1c-426db"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/fimg.jpg
85.208.118.17 200 OK 57 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/fimg.jpg
IP 85.208.118.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1020x80, components 3\012- data
Hash d7482bc54b977407ba2a5599a0e5adb3
ed8da2d34e50c8bf733f5d13968f7164f32744b9
b677661b107682a2c4c381a13550bcdcf86f2a8d04f14febd7188deba8c0b252
GET /nlp/html/images/fimg.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/html/css/global.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 57429
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-e055"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/footer.jpg
85.208.118.17 200 OK 22 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/footer.jpg
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 501x114, components 3\012- data
Hash 1b226fdfac594e7b8473f48ddfa969f2
e7b4c743bfbf85c34624352d16ef06d9e60cd539
f48c85bed24a188afdefef08c681618b663778195972782cf6e72dda06b0ba6c
GET /nlp/html/images/footer.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 22342
Last-Modified: Mon, 30 Dec 2019 06:33:46 GMT
Connection: keep-alive
ETag: "5e099a4a-5746"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bet3651.gif
85.208.118.17 200 OK 219 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bet3651.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 219 kB (218843 bytes)
Hash c7780b56e5417ac5ae107ceeed79ec0b
7753cf45bb4a204dc40ba71e5aa04263e0ee1275
e4063ed845265a33c28cf4d756ba16bb03bfb86508a6993eff3d1c481e2f45ca
GET /nlp/html/images/bet3651.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 218843
Last-Modified: Wed, 29 Apr 2020 06:08:24 GMT
Connection: keep-alive
ETag: "5ea919d8-356db"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/img99.jpg
85.208.118.17 200 OK 4.7 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/img99.jpg
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x73, components 3\012- data
Hash 6c48d1b9433e82ae9454632a06f5cbf5
21914adfc8da2aa3c21fa9a787d761df06639b46
57e21b4e617ed4b771fd7d0dd011af8ed8c6331c8f91ec826e070ad0cf839752
GET /nlp/html/images/img99.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 4709
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1265"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/img88.jpg
85.208.118.17 200 OK 7.6 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/img88.jpg
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 357x35, components 3\012- data
Hash ca6f9c9ef342dbbed0778a0bee1c906f
a90e8cee96fd6293e68e6fd06f8e832d04f04fbe
f69070142d07a750add0c593bc699646b3f4dec6d85d4f88ac6d969ee916158c
GET /nlp/html/images/img88.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 7602
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1db2"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo88.gif
85.208.118.17 200 OK 117 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo88.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 128 x 526\012- data
Size 117 kB (117075 bytes)
Hash 7ead899c7a9e0cab9f4878b7e7ccecda
c04e01ea153c040ec0fa2b53b59391195f6c5866
36889b58d9d6f13e51ccc0f396035860a5cd04d1a179ccf91db7fbb9f3801962
GET /nlp/html/images/yabo88.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 117075
Last-Modified: Tue, 04 May 2021 05:02:06 GMT
Connection: keep-alive
ETag: "6090d54e-1c953"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo99.gif
85.208.118.17 200 OK 120 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo99.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 128 x 526\012- data
Size 120 kB (119975 bytes)
Hash 6939088f0c4dc000a363afa06a6e2ae9
ccb5ae50ee46b53903b1d876966cca067060566b
e18171a811e9db037dffcda1b45a081e0a603f24f08cc2abdf11add55d6bbe12
GET /nlp/html/images/yabo99.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 119975
Last-Modified: Tue, 04 May 2021 05:14:56 GMT
Connection: keep-alive
ETag: "6090d850-1d4a7"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 268
Origin: https://www.go8ffs.com
Connection: keep-alive
Referer: https://www.go8ffs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=82e231511a76bb74d89; path=/
HWWAFSESTIME=1669475582460; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.go8ffs.com
Access-Control-Allow-Credentials: true
www.zgbzh.com/favicon.ico
45.122.136.226 200 OK 4.3 kB URL HTTP/1.1 www.zgbzh.com/favicon.ico
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 844b4fa1c92156fc476e8d112d9efa2e
93f914912819452bc7ba9052e416bfc4a0d169eb
d6c190500a6523876ecadbb09dc045899f1e8e95639c50f842ebe9124d7cf4e4
GET /favicon.ico HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:03 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Mon, 14 Nov 2022 05:13:08 GMT
Connection: keep-alive
ETag: "6371ce64-10be"
Accept-Ranges: bytes
www.zgbzh.com/
45.122.136.226 200 OK 7.9 kB IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (325), with CRLF, LF line terminators
Hash 3ff85991b72dc1202d111b85418020aa
819b87be8f4f8b4df819a907138e12f584b5379f
de6eb3a1248c7d6c395c234157c46c6f6469392dacce26c904e61b1c8b968315
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 11:29:55 GMT
ETag: W/"636eaae9-2a0c"
Content-Encoding: gzip
www.go8ffs.com/nlp/index.php
85.208.118.17 200 OK 2.0 kB URL HTTP/1.1 www.go8ffs.com/nlp/index.php
IP 85.208.118.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash 4f6234cab31018ff9234029a143870d1
1d5c1b8b5e1b8c7d105750072908854845912cfb
f86e79722c847f9b234bc471203ed1731061b4a8c3a407287c28c0d87abb00e7
GET /nlp/index.php HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip
hm.baidu.com/hm.gif?hca=A5C35A70278D946E&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4599%2C4598&et=3&ja=0&ln=en-us&lo=0&rnd=167513381&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?hca=A5C35A70278D946E&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4599%2C4598&et=3&ja=0&ln=en-us&lo=0&rnd=167513381&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?hca=A5C35A70278D946E&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4599%2C4598&et=3&ja=0&ln=en-us&lo=0&rnd=167513381&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=522BDE587A43C433; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?hca=E3D147C4444E4887&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4621%2C4621&et=3&ja=0&ln=en-us&lo=0&rnd=330605331&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?hca=E3D147C4444E4887&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4621%2C4621&et=3&ja=0&ln=en-us&lo=0&rnd=330605331&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?hca=E3D147C4444E4887&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4621%2C4621&et=3&ja=0&ln=en-us&lo=0&rnd=330605331&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6C6419D437DF94CC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
www.zgbzh.com/Uploads/image/20180606/5.jpg
45.122.136.226 200 OK 39 kB URL HTTP/1.1 www.zgbzh.com/Uploads/image/20180606/5.jpg
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:07:25], progressive, precision 8, 185x122, components 3\012- data
Hash d6b030fdc8d64b2d278cfe48b04c9624
294407ca303a9bd8c53d91147677f25a59745374
8acac652037c755f2ad806a2f6955182c59532202bdd0ce1ec76ac9969748e64
GET /Uploads/image/20180606/5.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 39255
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Connection: keep-alive
ETag: "6372093a-9957"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.zgbzh.com/Uploads/image/20180606/20.jpg
45.122.136.226 200 OK 31 kB URL HTTP/1.1 www.zgbzh.com/Uploads/image/20180606/20.jpg
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:04:40], progressive, precision 8, 185x122, components 3\012- data
Hash 9de39aba2a3a4dfc4b77c0136f67c714
0264f6f6553a19ce3e85a7d5a36b17ca10032f23
0cc3f3f87430fe6e150e0e93f7f8a46a8a85cabc56f0c05a6bc06bb31fbba2c0
GET /Uploads/image/20180606/20.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 30904
Last-Modified: Mon, 14 Nov 2022 09:24:16 GMT
Connection: keep-alive
ETag: "63720940-78b8"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 267
Origin: https://www.go8ffs.com
Connection: keep-alive
Referer: https://www.go8ffs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=82e2312c41a76bb74d89; path=/
HWWAFSESTIME=1669475582460; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.go8ffs.com
Access-Control-Allow-Credentials: true
hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (619)
Hash 9b4dfcdbbe6ffece99c08c2eaa581b86
5c4e44943a71332eee04df3e2d0a95ace96b33f0
0824399ea10b3fad99c6722db0974f69c373dd6aa35f5572ebd3af92e0a4ac5a
GET /hm.js?0b522056fa9ded0b7ae7beae7435129e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 09ad5b0a099a02f973cef81586c92dd3
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:06 GMT
Etag: babcfee15b6c9d21835ddda344f126c4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0200F7F33A456161; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (621)
Hash 4e6c41a995d47434870c61f9570f9d0a
ae48e4d28a50dbb4237a5e75aef887442d350c35
2c55c53354e9a4a1f86e0683de4a6fbeb072b3d0c6ff39737a01253f9c018536
GET /hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: e9f330724a9f8cad5797489b29de00ac
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:06 GMT
Etag: 8d16672d23e5a10774196923d591ddaf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1E8777AD2E903F41; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.zgbzh.com/Uploads/image/20180606/18.jpg
45.122.136.226 200 OK 36 kB URL HTTP/1.1 www.zgbzh.com/Uploads/image/20180606/18.jpg
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:03:50], progressive, precision 8, 185x122, components 3\012- data
Hash 4dab1a2618a86edd45931229ff62166a
539d9cc31353df218ab2dd70a6f9a849970f9768
c7d659f518f5c54da4c058679e2bc1134d6ee0b64b195fa4d5de69a78894d62d
GET /Uploads/image/20180606/18.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 36389
Last-Modified: Mon, 14 Nov 2022 09:24:16 GMT
Connection: keep-alive
ETag: "63720940-8e25"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.zgbzh.com/Uploads/image/20180606/11.jpg
45.122.136.226 200 OK 28 kB URL HTTP/1.1 www.zgbzh.com/Uploads/image/20180606/11.jpg
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:02:41], progressive, precision 8, 185x122, components 3\012- data
Hash 49d638ca05bee09d0e289cd02595fcd7
e166942b06fba021b5683d75c36e7b4ff0f20068
48be552665c9299832978ad81b500359f497dd71fde471ecd9df7e22666de4a9
GET /Uploads/image/20180606/11.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 28120
Last-Modified: Mon, 14 Nov 2022 09:24:16 GMT
Connection: keep-alive
ETag: "63720940-6dd8"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.zgbzh.com/Uploads/image/20180529/56.png
45.122.136.226 200 OK 43 kB URL HTTP/1.1 www.zgbzh.com/Uploads/image/20180529/56.png
IP 45.122.136.226:0
ASN #132742 Guochao Group limited
File type PNG image data, 325 x 70, 8-bit/color RGB, non-interlaced\012- data
Hash 1932772ed4a8c99bacc2f342ad46ebe8
ac8057cc5039d849df809dc962b9763011ee5b18
20083d6dec71a25cf7a845b464242d1b34c97831b461ad70ec455d9a4c50040f
GET /Uploads/image/20180529/56.png HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:07 GMT
Content-Type: image/png
Content-Length: 43158
Last-Modified: Mon, 14 Nov 2022 12:16:53 GMT
Connection: keep-alive
ETag: "637231b5-a896"
Expires: Mon, 26 Dec 2022 15:13:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
www.supoil.com/image/logo1.jpg
103.39.155.108 200 OK 0 B URL HTTP/1.1 www.supoil.com/image/logo1.jpg
IP 103.39.155.108:0
ASN #132742 Guochao Group limited
GET /image/logo1.jpg HTTP/1.1
Host: www.supoil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 152728
Last-Modified: Fri, 18 Nov 2022 14:06:35 GMT
Connection: keep-alive
ETag: "6377916b-25498"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes