Report - www.zgbzh.com/a/cn/page

Report Overview

Submitted URL
www.zgbzh.com/a/cn/page_12.html
IP
45.122.136.226
ASN
#132742 Guochao Group limited
Submitted
2022-11-26 15:13:09
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.38.240
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	5.7 kB	104.18.20.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.5 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	49 kB	103.235.46.191
www.supoil.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	303 B	307 B	103.39.155.108
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.zgbzh.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	344 kB	45.122.136.226
www.go8ffs.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	4.2 MB	85.208.118.17
sdk.51.la	88367	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	13 kB	47.253.50.2
collect-v6.51.la	91421	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	832 B	741 B	103.143.19.103

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-26	medium	www.zgbzh.com/a/cn/page_12.html	Phishing
2022-11-26	medium	www.zgbzh.com/jquery.gg.min.js	Phishing
2022-11-26	medium	www.zgbzh.com/jquery.tj.min.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/zka.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/zdc.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/hxn.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/rpc.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/gkv.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/ssb.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/gjd.js	Phishing
2022-11-26	medium	www.zgbzh.com/statics/home/js/zgk.js	Phishing
2022-11-26	medium	www.zgbzh.com/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (32)

	URL	Size	First Seen	Last Seen
	www.go8ffs.com/nlp/index.php	250 B	2023-03-07	2023-12-01
Pretty URL www.go8ffs.com/nlp/index.php IP 85.208.118.17 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:40 Last Seen2023-12-01 14:02:38 Times Seen9 Hash 1096c30883d52f349e5cd0bc26a0550c 92ed4310c9f84fee3ce244b27b01d495ea592d2e b9d8fee279b740b8b72d3030db3d388abdb5b8c952b6a054a772e0b67cbfb4ab Loading...

	www.go8ffs.com/nlp/html/js/jquery.la.min.js	632 B	2023-03-07	2023-05-23
Pretty URL www.go8ffs.com/nlp/html/js/jquery.la.min.js IP 85.208.118.17 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:40 Last Seen2023-05-23 07:30:01 Times Seen4 Hash 8a8bfecd8df26e4c6d013512afdaebad 4996b9f9dd54e3925bd520cc16ac27747a2980aa 6beaf3b08041f5f85deea786e2d40c4bce08a6a4d31428f6d326c927078e505e Loading...

	www.zgbzh.com/	120 B	2023-03-09	2023-03-12
Pretty URL www.zgbzh.com/ IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:31:17 Last Seen2023-03-12 09:46:47 Times Seen1 Hash 2160b26d2966887ca884b92e954baaab 89435ca63db86cc0329c57689f9e3263417e81d7 d84b4ebbfb97eaefe540861b40ccaff5ca6f319889a5fbf273053e12238151ee Loading...

	www.zgbzh.com/statics/home/js/rpc.js	93 kB	2023-03-07	2024-04-10
Pretty URL www.zgbzh.com/statics/home/js/rpc.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:02 Last Seen2024-04-10 00:36:08 Times Seen1447 Hash cfa9051cc0b05eb519f1e16b2a6645d7 149b5180cb9de3f646fc26802440a6ac6e758d40 f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc Loading...

	hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:48 Last Seen2023-03-11 20:46:48 Times Seen1 Hash d262ce5f371ffcefef3b8928e98e756a 10a6cdabde7cb010ee87ab0a13fae876fe72ed83 a806f1143f5ad50341a5f71669be96c8911321d72eb78bce853a707ebb8917b3 Loading...

	www.zgbzh.com/jquery.tj.min.js	516 B	2023-03-08	2023-03-12
Pretty URL www.zgbzh.com/jquery.tj.min.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:26 Last Seen2023-03-12 09:46:47 Times Seen1 Hash 6143fbcf54656b26a2a1bd5aa350cf65 7fbd7a1647b5318ef020917e38bb1c1925ed1b0a 1f6bd52978f232b919f62f0a827238cf729d7d935f6c6f6c291275f2806cf931 Loading...

	www.zgbzh.com/statics/home/js/zgk.js	12 kB	2023-03-07	2024-04-13
Pretty URL www.zgbzh.com/statics/home/js/zgk.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-13 15:55:45 Times Seen560 Hash 1d343d827310c1b001db8b2bb7eb9cb4 fc7fed1a7836fc73c735d41023f92c310c39bf24 893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8 Loading...

	www.go8ffs.com/nlp/index.php	491 B	2023-03-07	2023-03-17
Pretty URL www.go8ffs.com/nlp/index.php IP 85.208.118.17 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:40 Last Seen2023-03-17 10:38:48 Times Seen1 Hash b384cbf2927fe38a0c6df4eab24ff8cf e6549921622e6f8e7290dda27788dab35f03459f 1643ff539bd36b5f53743e9757c516030a1544c446544a61d3d83561f3d09362 Loading...

	www.zgbzh.com/statics/home/js/gkv.js	1.2 kB	2023-03-07	2024-03-21
Pretty URL www.zgbzh.com/statics/home/js/gkv.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:55:54 Last Seen2024-03-21 11:14:07 Times Seen90 Hash d0e10b48b13ed346c97d093068c41cc2 d2430037f1b626f39b2309b8d0649dc381afca6d 1b134d750801cede012084b0fe5384264f95aec96b9be9dbf5cf7a42dff81117 Loading...

	www.zgbzh.com/statics/home/js/gjd.js	3.0 kB	2023-03-08	2023-03-12
Pretty URL www.zgbzh.com/statics/home/js/gjd.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:26 Last Seen2023-03-12 09:46:47 Times Seen1 Hash ad62c18d5192ebac8de2cdb9d128ea05 2b5c7309e5c7b9ef8cad0f87a51f40efc6fc47aa 0d77318e08f2a066e4bf3cf7affd7e85cb370fe9cbc2a3207821055baaa181b2 Loading...

	www.zgbzh.com/statics/home/js/ssb.js	7.1 kB	2023-03-07	2024-04-18
Pretty URL www.zgbzh.com/statics/home/js/ssb.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:24 Last Seen2024-04-18 22:50:48 Times Seen527 Hash 4b253cabaafa86647183695c4c4365e7 d653b2ed6a5d94f718b4ddcbef28d57bd8668cef 027931e5177abc3f452dd92ffea8867a18381bcce1779bfe3843d4d7a582f97a Loading...

	www.go8ffs.com/nlp/index.php	677 B	2023-03-08	2023-03-14
Pretty URL www.go8ffs.com/nlp/index.php IP 85.208.118.17 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:26 Last Seen2023-03-14 19:27:09 Times Seen1 Hash 6e8af6b05a61dd85051a9ec0880c4d23 40540360f3f747e1c87c076f6933acb8eeb14619 4a4f8c8adfb9376fe87feda5a771038dee8918c8615748a50145579ad1ae61b8 Loading...

	hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:48 Last Seen2023-03-11 20:46:48 Times Seen1 Hash 728e78154928358eb632606d00ddbff5 5878ac2e23c4eb455028b9aed74a3f40a166a5f9 48f2b2d8a80cd384cfdeceba67dfe9b07e5c101d3dfa45b7b171fa66768ead93 Loading...

	www.zgbzh.com/	325 B	2023-03-09	2023-03-12
Pretty URL www.zgbzh.com/ IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:31:17 Last Seen2023-03-12 09:46:47 Times Seen1 Hash 85347442b9bde642e96d603d2e0742d5 b71e7ece24fbdc87d7e01ede81bea526f89de113 c056c7198d4d600869a84e22fce656f9fc2cc908aadc0c1ef4be523de20c8d30 Loading...

	www.zgbzh.com/statics/home/js/hxn.js	11 kB	2023-03-07	2024-02-24
Pretty URL www.zgbzh.com/statics/home/js/hxn.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:10 Last Seen2024-02-24 06:08:59 Times Seen109 Hash 22c8fcc801d335a456828ae404b6cc77 7c9d86035d623bf9a1197e71aed224e5531164c6 f2fb399fa3d9e73c2796bd3ff06027111041fcef4b3635744024edd014cc3dbb Loading...

	www.zgbzh.com/a/cn/page_12.html	108 B	2023-03-08	2023-03-12
Pretty URL www.zgbzh.com/a/cn/page_12.html IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:26 Last Seen2023-03-12 09:46:47 Times Seen1 Hash 5382805bb4d88a4a0c5330d89eeef98d 2d72e840251216976702443f78208abbb8266438 8790a435f50c504c99a594e53f00538ebf15c18dbdd4edb25399d2282138e026 Loading...

	www.go8ffs.com/nlp/index.php	1.0 kB	2023-03-07	2023-12-01
Pretty URL www.go8ffs.com/nlp/index.php IP 85.208.118.17 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:40 Last Seen2023-12-01 14:02:38 Times Seen8 Hash 6202bf465334dd5e2dbeae4eb3a0932a c49259575cec0b59f0c94e4cc4524184db78d542 c53b3c76e9316d7c31f00e8abdcda421baf58ed7fc4c5db2c96538265350a9c4 Loading...

	www.go8ffs.com/nlp/html/js/xSlider.js	4.8 kB	2023-03-07	2023-05-23
Pretty URL www.go8ffs.com/nlp/html/js/xSlider.js IP 85.208.118.17 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:40 Last Seen2023-05-23 07:30:01 Times Seen2 Hash c319337d6cad49045779635fcfbd21aa 6c872682df48ad6ee8140a2ed9efa98a7c752d2f c968862d0733626d7191dec6e49bc4190f847c4a8d4eba089ec2764467e5ea85 Loading...

	hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:48 Last Seen2023-03-11 20:46:48 Times Seen1 Hash 69592ec7870ce1f1f25c62022d501f63 26343f16e2516bc858337af3e527265394606cc1 188b16b35682d149518e82805715b0f059f3667940bb6539212b243b5e634c0b Loading...

	www.go8ffs.com/nlp/html/js/shoucang.js	5.8 kB	2023-03-07	2023-12-01
Pretty URL www.go8ffs.com/nlp/html/js/shoucang.js IP 85.208.118.17 ASN #18978 ENZUINC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:37:40 Last Seen2023-12-01 14:02:38 Times Seen5 Hash df8369abf69cac62276824daccd5deef 078b4551143405786a62a526698ffd98e29915da 20a376cecf4d88b741fada5818c0f4435a5825a487967d477883c6a600d2e35c Loading...

	www.zgbzh.com/	325 B	2023-03-09	2023-03-12
Pretty URL www.zgbzh.com/ IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:31:17 Last Seen2023-03-12 09:46:47 Times Seen1 Hash ee050ea860737fbb50ddc2e863f12b7a 8e23d34f43f43a75f146830d526bf27075792ed2 fcbd6d992cf4f1e83ede45de70b138122a8b05752dbda0d2b41e7ddf5f427025 Loading...

	sdk.51.la/js-sdk-pro.min.js	34 kB	2023-03-07	2024-04-19
Pretty URL sdk.51.la/js-sdk-pro.min.js IP 47.253.50.2 ASN #45102 Alibaba US Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 07:14:27 Times Seen23139 Hash 24bb520e9517f2ed3ed987b46aeaf723 846723563d7dd2bff3954f93633b11af0103adc8 d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27 Loading...

	www.zgbzh.com/	129 B	2023-03-09	2023-03-12
Pretty URL www.zgbzh.com/ IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:31:17 Last Seen2023-03-12 09:46:47 Times Seen1 Hash 12702379fd9151f568239d84628faef1 4b68c1684fb5b74c47b5681a410119d852de2747 a60cf5e3f605526744ae49c3cba17417f58770b1a7c6c134ae4e9f84f8ac4132 Loading...

	www.zgbzh.com/statics/home/js/zdc.js	44 kB	2023-03-07	2024-04-18
Pretty URL www.zgbzh.com/statics/home/js/zdc.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:37 Last Seen2024-04-18 23:00:16 Times Seen19831 Hash f416f9031fef25ae25ba9756e3eb6978 e2a600e433df72b4cfde93d7880e3114917a3cbe a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d Loading...

	hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:46:48 Last Seen2023-03-11 20:46:48 Times Seen1 Hash 6b0839ebb6c74628c12b4554b0c02c09 4d820cda3d642997a019db28a581fd57b7cf7da0 3412678ff1ec193523dfb5fa868d69dfa541b7338e11aa0a7cc91754d61436c5 Loading...

	www.zgbzh.com/jquery.gg.min.js	28 kB	2023-03-08	2023-03-14
Pretty URL www.zgbzh.com/jquery.gg.min.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:26 Last Seen2023-03-14 15:16:40 Times Seen1 Hash c419d5189e51b66d6d4f4df44cc0b274 e0263cf741ddf95def08700c2d70c5e9ef9206a5 9ae65ca758f1872f459944dcbd0aa08b23ada1adeed149f57ebc81759e9ee73f Loading...

	www.zgbzh.com/statics/home/js/zka.js	37 kB	2023-03-08	2023-10-15
Pretty URL www.zgbzh.com/statics/home/js/zka.js IP 45.122.136.226 ASN #132742 Guochao Group limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:38:26 Last Seen2023-10-15 08:42:05 Times Seen3 Hash 9fb6d1ea0bd3f63e63f0381bad383603 e248b09bf33c625cdbfafa5151781cb5104ffde3 00acd60253b9338f6e90ca07a8cef4a0e4ce4b8a14a46c6f4f7adc5a9528a2a2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - b923006d5e79076c29ac6d7cff1c749b	455 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 19:38:26 Last Seen2023-03-14 15:16:40 Times Seen1 Hash b923006d5e79076c29ac6d7cff1c749b d7949d855b14f1e58bbb34c1098390f8ed51d389 c0340bf80d8cc40aaae25801d2ee42ffecdedca6f815a92520b80e13e75d6b33 Loading...

		Size	First Seen	Last Seen
	#1 Write - 69dae1d47e092d8aa11112d06bb04bf6	436 B	2023-03-08	2023-03-14
Pretty Observations First Seen2023-03-08 19:38:26 Last Seen2023-03-14 15:16:40 Times Seen1 Hash 69dae1d47e092d8aa11112d06bb04bf6 155e099dc67f7a1f01c8364c34f9df0a5c4f76e5 061b3d8031c2097037c323069727581c49db2265b6c3236a1edd0fef9488222c Loading...

	#2 Write - 944732c770c82959fe764a3549deb506	27 B	2023-03-07	2024-04-16
Pretty Observations First Seen2023-03-07 01:37:40 Last Seen2024-04-16 19:07:48 Times Seen492 Hash 944732c770c82959fe764a3549deb506 bf88654ef5429f1f37731828462cdd31778436d9 a7303b6c9ddaddbf8920f29c94a8a7b20bc4e72f9ab44f6640e3149350a98394 Loading...

	#3 Write - ad3098fd3c631eed0e8dcfafb5d051b1	508 B	2023-03-07	2023-05-23
Pretty Observations First Seen2023-03-07 01:37:40 Last Seen2023-05-23 07:30:01 Times Seen3 Hash ad3098fd3c631eed0e8dcfafb5d051b1 091edddb64a3786da555a4d6f771a47490d2bf5d e3ff26517384f18d04932d23eda5ccc9f8c5a090ec7bae1fdd33d9bbd9f3f361 Loading...

	#4 Write - 0a3a0b592b9c285e050805307cee87c2	6 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 09:34:57 Times Seen11419 Hash 0a3a0b592b9c285e050805307cee87c2 125a168e24b2bd38aadb84cbb5f87f316b073c41 aac32651b10f567c461b9b4f255d6fb1fa6859b5368d8bd9a51af920ab21cf23 Loading...

HTTP Transactions (102)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6860
Expires: Sat, 26 Nov 2022 17:07:18 GMT
Date: Sat, 26 Nov 2022 15:12:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
15b59d5e62caedb4bec3ba6724906c1e
960f801e608a56fdd11449f4face29f62cad2b21
8c72a45737c2eeddf328b0ed3236f3243551d904e94ec9dd7254972ebfb9229e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3891
Cache-Control: max-age=159781
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:12:58 GMT
Etag: "6381eaec-1d7"
Expires: Mon, 28 Nov 2022 11:35:59 GMT
Last-Modified: Sat, 26 Nov 2022 10:31:08 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16857
Expires: Sat, 26 Nov 2022 19:53:55 GMT
Date: Sat, 26 Nov 2022 15:12:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 26 Nov 2022 14:19:13 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3225
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mWYdozSbUyANcji1XuaGo9VCnRyM4g9N0zBPCjy2lDOvbv9N2eo9tS2p7t7ZflHwAkpvHdvrDR8=
x-amz-request-id: SDTD41J7JGDYC32R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 26 Nov 2022 14:41:15 GMT
age: 1903
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 26 Nov 2022 15:12:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 26 Nov 2022 15:11:12 GMT
cache-control: public,max-age=3600
age: 106
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.zgbzh.com/a/cn/page_12.html

45.122.136.226

200 OK

2.8 kB

URL HTTP/1.1
www.zgbzh.com/a/cn/page_12.html
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF, LF line terminators
Size
2.8 kB (2751 bytes)
Hash
a2a0fc5971bb531d652ea7b06ed5801b
fb0bf69730ed65b066659c48c4fc2a5f5e975213
750501d809affbc1952d1b704a5e4de185cea57d79bb97acdc296be1b1544a21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /a/cn/page_12.html HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:58 GMT
Content-Type: text/html
Last-Modified: Sat, 26 Nov 2022 15:12:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63822cee-441d"
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d3df71aab146eefc49acb608796aab63
8401892995193919376dfcd798b09c8261579454
a616c1e54e896576601e6107c1814adbebf35364d8ed807cdd89ac36b8200c88

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 26 Nov 2022 15:12:59 GMT
Last-Modified: Sat, 26 Nov 2022 13:40:37 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.163.38.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.38.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: igt9QrXbdbAWGCUJReMcyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BG0MX/ApH/2axnxdxkpoPWwEZeo=

www.zgbzh.com/jquery.gg.min.js

45.122.136.226

200 OK

12 kB

URL HTTP/1.1
www.zgbzh.com/jquery.gg.min.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
Unicode text, UTF-8 text, with very long lines (27951), with no line terminators
Size
12 kB (11460 bytes)
Hash
51322614173b5ad84c8f646dc8a6407d
5e14f0bd94c75a113a83079ec33e9436feadc99a
5c7c0122523fa0d857219bd06d043c868078067e1a178719edede4f668ccc88f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jquery.gg.min.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 05:13:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6371ce64-6d37"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/css/tkr.css

45.122.136.226

200 OK

24 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/css/tkr.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (64987)
Size
24 kB (24347 bytes)
Hash
c0bb7f6a52e678fa6ff67daafb7f40e2
ff83ebddfdfbd3c3178997965d2fd5bd4b6d1433
b48d3b2fd2cd8f9cfd25b115d97d57b78521c3bc18fcb2444700d3b3ac9e53b2

HTTP Headers

GET /statics/home/css/tkr.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720936-1dd75"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/jquery.tj.min.js

45.122.136.226

200 OK

516 B

URL HTTP/1.1
www.zgbzh.com/jquery.tj.min.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text
Size
516 B (516 bytes)
Hash
6143fbcf54656b26a2a1bd5aa350cf65
7fbd7a1647b5318ef020917e38bb1c1925ed1b0a
1f6bd52978f232b919f62f0a827238cf729d7d935f6c6f6c291275f2806cf931

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /jquery.tj.min.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: application/javascript
Content-Length: 516
Last-Modified: Mon, 14 Nov 2022 05:13:08 GMT
Connection: keep-alive
ETag: "6371ce64-204"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

www.zgbzh.com/statics/home/css/jwg.css

45.122.136.226

200 OK

1.2 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/css/jwg.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
troff or preprocessor input, Unicode text, UTF-8 text
Size
1.2 kB (1189 bytes)
Hash
7868bd3ffe2377782f2f6a693b2d5654
721c7ad7ef312863d1cd6957e2e7d2d7f66e97b9
fbf739c6b8f5c650b04efc81d11d6098ee1f36c94f43771e920cae623abe434a

HTTP Headers

GET /statics/home/css/jwg.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720936-d35"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/css/elm.css

45.122.136.226

200 OK

5.3 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/css/elm.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (57319)
Size
5.3 kB (5284 bytes)
Hash
5b58ce0329dc7859856962e7b20a257a
3505b43e170d1bf7be09a0d1a33328e76f25e361
823ea76640f8198195f04e1a5ed9696f825e6f3cb968fa9d2cc103548bad8cd9

HTTP Headers

GET /statics/home/css/elm.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-e089"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/css/hfn.css

45.122.136.226

200 OK

1.1 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/css/hfn.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (3184)
Size
1.1 kB (1127 bytes)
Hash
209e6446f0ac61cd77efee3aee008126
1f1b5d580b7b28db861032347c809fd53de2dd00
011951983768636cab58192c860ff5909cea2ee1069177a5761f61dc4a8947c7

HTTP Headers

GET /statics/home/css/hfn.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720937-d17"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/css/qcq.css

45.122.136.226

200 OK

1.0 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/css/qcq.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (846)
Size
1.0 kB (1013 bytes)
Hash
594b81805a98b267e47c70a8fad30d9f
684d84ec40b305ca14efc88c91f12972cb6342b4
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

HTTP Headers

GET /statics/home/css/qcq.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:12:59 GMT
Content-Type: text/css
Content-Length: 1013
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Connection: keep-alive
ETag: "63720937-3f5"
Expires: Sun, 27 Nov 2022 03:12:59 GMT
Cache-Control: max-age=43200
Accept-Ranges: bytes

www.zgbzh.com/statics/home/css/rsm.css

45.122.136.226

200 OK

947 B

URL HTTP/1.1
www.zgbzh.com/statics/home/css/rsm.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text
Size
947 B (947 bytes)
Hash
6d558d5ae0599ad7242d6326d0bcc81a
8353b72a9ee1ff9c5547a67f22077416ede0a189
436ce7e334e040d4625e4773f213a676aec72d280a1b53be0cd12f000e6e599f

HTTP Headers

GET /statics/home/css/rsm.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720937-beb"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/js/zka.js

45.122.136.226

200 OK

12 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/js/zka.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (32004)
Size
12 kB (11592 bytes)
Hash
028209095d55bc5e19727c49bfe4d921
725d42ad2e764dd161004d652252d23620dd84b8
55a59309a92cbc788ce871da48ae9bfb03158b7d1fd286983db457d9eab0b014

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/zka.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-91d0"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/js/zdc.js

45.122.136.226

200 OK

13 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/js/zdc.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (31997)
Size
13 kB (13238 bytes)
Hash
4ec413917ff107b66a3a9e1eb5605e80
4ec23152043ede60f0ea0a3eb93fa68de52de02a
dcf9c2fb90a091260980dc6908aac49474abe63de142c96eef7c57394daa10f0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/zdc.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-ad36"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
04c3a43b6c4d52e99dad07e6fce44697
e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03
a7d6523eec8617d19acea316df8e58db7071823108bf7cc553da72396d7d2042

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 12:15:18 GMT
ETag: "e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03"
Last-Modified: Sat, 26 Nov 2022 12:15:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2589
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770390c95e9eb4f1-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
04c3a43b6c4d52e99dad07e6fce44697
e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03
a7d6523eec8617d19acea316df8e58db7071823108bf7cc553da72396d7d2042

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 30 Nov 2022 12:15:18 GMT
ETag: "e37ea1ca0745e29a51b3bce2d4dbd66727f2ab03"
Last-Modified: Sat, 26 Nov 2022 12:15:19 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2589
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770390c96eb3b4f1-OSL

www.go8ffs.com/nlp/index.php

85.208.118.17

200 OK

2.0 kB

URL HTTP/1.1
www.go8ffs.com/nlp/index.php
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Size
2.0 kB (2024 bytes)
Hash
4f6234cab31018ff9234029a143870d1
1d5c1b8b5e1b8c7d105750072908854845912cfb
f86e79722c847f9b234bc471203ed1731061b4a8c3a407287c28c0d87abb00e7

HTTP Headers

GET /nlp/index.php HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip

www.zgbzh.com/statics/home/js/hxn.js

45.122.136.226

200 OK

3.9 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/js/hxn.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
Unicode text, UTF-8 text, with very long lines (11042), with CRLF line terminators
Size
3.9 kB (3859 bytes)
Hash
7e93d164eff538d73cbd7d422d822a35
01a108b19ef9119d2e389b9804088ef1178e7c7d
2a0a23ec0895fa48e0c5b8f1eb2bc44c2e9b029805adeffb4d5b1973ecec1c4c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/hxn.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-2c46"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/js/rpc.js

45.122.136.226

200 OK

37 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/js/rpc.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Size
37 kB (37412 bytes)
Hash
dad6b552d85a5ddb2ffb6428b4e648f0
2bc3faf980de5ed7aa5fe3bc86dc9b9441b361f1
ff8ae3aa8a5f947733ef432b0ec06fbd38fe4c85d92b76976164d317b998c0a5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/rpc.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-16cfc"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.go8ffs.com/nlp/html/css/reset.css

85.208.118.17

200 OK

5.2 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/css/reset.css
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
ASCII text, with very long lines (2097), with CRLF line terminators
Size
5.2 kB (5152 bytes)
Hash
7df0df24bd7a3fe1f6c10d9379dc461a
6e7fe0999ee4ce69a764f17aeebb5153185e7d5a
ff55ccb5d3823664606dfbea42aa42b5f8a18743ab68fd9ff4cca0dfc13ed03d

HTTP Headers

GET /nlp/html/css/reset.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee2050-4a87"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip

www.zgbzh.com/statics/home/js/gkv.js

45.122.136.226

200 OK

692 B

URL HTTP/1.1
www.zgbzh.com/statics/home/js/gkv.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text
Size
692 B (692 bytes)
Hash
84d8a875766dc5047ff9d02bef958e3e
04a85060b1939537f0e475832c61288cf1909f55
c556adbd17ae3480ad0081913529b7884c253931af46afa8be6d605d38664eaa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/gkv.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6372093a-4d7"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.go8ffs.com/nlp/html/css/global.css

85.208.118.17

200 OK

1.6 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/css/global.css
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
ASCII text, with CRLF line terminators
Size
1.6 kB (1586 bytes)
Hash
8311a8491b15d5e792b7258b4e9bc02f
020035a406341c16f27a1072cefeaf71fe2aec9f
1b42d73b3170f0601b0b50565e978007accecfeb197b7a1b750744d34fc0c51a

HTTP Headers

GET /nlp/html/css/global.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Feb 2020 09:21:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e47b816-1b88"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9674
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:13:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9674
Expires: Sat, 26 Nov 2022 17:54:14 GMT
Date: Sat, 26 Nov 2022 15:13:00 GMT
Connection: keep-alive

www.zgbzh.com/statics/home/js/ssb.js

45.122.136.226

200 OK

2.6 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/js/ssb.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (7027)
Size
2.6 kB (2618 bytes)
Hash
ba3c66419257721c5fb8fda0ef5b9dcf
f644fc7d37c0199ad567695de834f92a3c6f67ff
9e2d25218bd622462db6e064b92498c197e358bab9aadecf0f617ff9a62720ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/ssb.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6372093a-1b91"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4309 bytes)
Hash
841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 05:04:28 GMT
age: 36512
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4366 bytes)
Hash
abd79421a3c44a8df11ad2cc50083309
8665e5f3026f2c2b9505eb139c478f4d359851c3
3a66b00498fa1322730705b1c4502614b5a520ac3f884f494d65e27a5bb62c3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc537c2d0-d011-4ed0-a5d4-5f5d2190c49b.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4366
x-amzn-requestid: ce25f5ab-0c92-431e-ae4e-618829594a74
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVNZFjHoAMFXLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63813588-6a3a8dff70e717011e3a0606;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 75AMMfa7oq0Y51YPEC_FEDOoNVc9cgfjg9bOSOXwikONPdhW7OG3uQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:48:10 GMT
age: 62690
etag: "8665e5f3026f2c2b9505eb139c478f4d359851c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15818 bytes)
Hash
17ebe470d040a6ea8c57e9b9d4f4e828
1ac7a410cd4f3709f476c776dd5646dd982dcfa8
d65114b68fcc12344c6df7bf294718b79822fa9782d3bd54ca044b66f82052b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1de44df6-bdc7-487f-a2a0-b42d26be2420.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15818
x-amzn-requestid: a6570859-3b03-492e-9f84-e25b01223da2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLXrUF3bIAMF8CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381397b-379b1bcf2ac0715835e10e48;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:54:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HgiyaodE2vJx5JL8QfOiTersSAgAwq74gtsPkpHUhnQ3In2vZ-3rbQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 22:33:09 GMT
etag: "1ac7a410cd4f3709f476c776dd5646dd982dcfa8"
content-type: image/jpeg
age: 59991
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9914 bytes)
Hash
3b1c6878914466cfece680fa7cb73502
47fac81a2dd809df5c42ca1362f71d553572d2b1
6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9914
x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVFHQYIAMFc4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:59:05 GMT
age: 62035
etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3502 bytes)
Hash
a783df85f30f9c555f9df6b99f61744d
61f9bed607e81606be78285596acdc5e0e4f4994
19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3502
x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYUHO5IAMFqDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 07:13:26 GMT
age: 28774
etag: "61f9bed607e81606be78285596acdc5e0e4f4994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9049 bytes)
Hash
c8dc4b8a7e9f7f4f84f0da568b43392b
3d32bff85cb7ec118c4496d0c3802829fdc9af3b
4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9049
x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLVVGHzKoAMFSuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 21:43:36 GMT
age: 62964
etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.zgbzh.com/statics/home/js/gjd.js

45.122.136.226

200 OK

1.1 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/js/gjd.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
1.1 kB (1088 bytes)
Hash
f0966bccbb73df7d4642085eb4fce9ea
7c0b144eafb2f055089db632487b7c9ecb0b9d62
1f9252d8149b9444bea115f9b6f750993f0108fe49d51ba4c22a8c63c5fca826

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/gjd.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6372093a-baa"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.go8ffs.com/nlp/html/css/style1.css

85.208.118.17

200 OK

1.9 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/css/style1.css
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.9 kB (1900 bytes)
Hash
1c281d8a45982360f40b4243ceb5dad4
712ff608c770150f7063bc21577adebe1535db6a
d64b3d6dece221fd8610e461b560360d78d4e8d9458c7f3c0f03088d6e4fd5cd

HTTP Headers

GET /nlp/html/css/style1.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Feb 2020 09:14:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e47b688-188a"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip

www.go8ffs.com/nlp/html/css/app.css

85.208.118.17

200 OK

531 B

URL HTTP/1.1
www.go8ffs.com/nlp/html/css/app.css
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
531 B (531 bytes)
Hash
d19984884d458a401c17381534c74df7
4f18f14c373ec54c9e719b4df6ee20f835eb4736
9104572473f82d01a50d3633621532e3d9567d0f45d81bb6a29b61540055ccb0

HTTP Headers

GET /nlp/html/css/app.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee2050-61c"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip

www.go8ffs.com/nlp/html/js/xSlider.js

85.208.118.17

200 OK

4.8 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/js/xSlider.js
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
HTML document, Unicode text, UTF-8 (with BOM) text
Size
4.8 kB (4760 bytes)
Hash
ac986046071f223f32ef0b57c5e83372
9ad8b6b8851448c876396b74fb2414beb217ed6c
ba5a0c25b65512451e4a8132d8f85e6cf40128d7f744b7aab3deddc46295b02b

HTTP Headers

GET /nlp/html/js/xSlider.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Content-Length: 4760
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1298"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/js/jquery.la.min.js

85.208.118.17

200 OK

632 B

URL HTTP/1.1
www.go8ffs.com/nlp/html/js/jquery.la.min.js
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
HTML document, ASCII text, with very long lines (555), with CRLF line terminators
Size
632 B (632 bytes)
Hash
8a8bfecd8df26e4c6d013512afdaebad
4996b9f9dd54e3925bd520cc16ac27747a2980aa
6beaf3b08041f5f85deea786e2d40c4bce08a6a4d31428f6d326c927078e505e

HTTP Headers

GET /nlp/html/js/jquery.la.min.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Content-Length: 632
Last-Modified: Fri, 04 Feb 2022 06:48:20 GMT
Connection: keep-alive
ETag: "61fccc34-278"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/js/shoucang.js

85.208.118.17

200 OK

5.4 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/js/shoucang.js
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
HTML document, ISO-8859 text, with CRLF line terminators
Size
5.4 kB (5365 bytes)
Hash
f6c62d3a18f942ddf065e609d6ebfd20
d37794a201186252a39b04375a80311e11b1028c
9ad0ed616194a69f6604c0dea9c80f7e3097bec72d110189bb3627a6837569dd

HTTP Headers

GET /nlp/html/js/shoucang.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: application/javascript
Content-Length: 5365
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-14f5"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.zgbzh.com/statics/home/css/lig.css

45.122.136.226

200 OK

3.4 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/css/lig.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
Unicode text, UTF-8 text
Size
3.4 kB (3430 bytes)
Hash
e864ae531266407956fae0470917341a
e2547f43a3e915e8e8eaa389dca7c3513f8ce6fe
60714d5519521b5d674c02d4ef6b54adfcb128b79dfc1539ae927ff172f43a8e

HTTP Headers

GET /statics/home/css/lig.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720937-3a67"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.zgbzh.com/statics/home/css/cssreset.css

45.122.136.226

200 OK

1.3 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/css/cssreset.css
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
Unicode text, UTF-8 text
Size
1.3 kB (1285 bytes)
Hash
cab427459d50612f2e2bc079bd779483
349d695fad644b537e51565c82140526b66b38ec
f02f2f8a989050890b9e1d1dbf80e03abca00104ea52a482d2415b58a6ae370e

HTTP Headers

GET /statics/home/css/cssreset.css HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/statics/home/css/jwg.css

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:00 GMT
Content-Type: text/css
Last-Modified: Mon, 14 Nov 2022 09:24:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720938-c66"
Expires: Sun, 27 Nov 2022 03:13:00 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

ocsp.globalsign.com/gsgccr3dvtlsca2020

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1414 bytes)
Hash
99ee12a9647cb620357454b8822518f6
e883686f093a5ac9847ffaebf87b708e9561613d
72128be1d1872f5264843ad67f74720f16378d67b9092994e3d94a850aea6ebd

HTTP Headers

POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 30 Nov 2022 10:59:36 GMT
ETag: "e883686f093a5ac9847ffaebf87b708e9561613d"
Last-Modified: Sat, 26 Nov 2022 10:59:37 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2581
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770390cf9eb9b4f1-OSL

www.zgbzh.com/statics/home/js/zgk.js

45.122.136.226

200 OK

5.5 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/js/zgk.js
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
ASCII text, with very long lines (11620)
Size
5.5 kB (5478 bytes)
Hash
f15215f46f72f2800eec1f653540e75a
f9da45a1ee0a2376cf13d2d202b64d90047b96a3
fcc12ba167e213ad47404c57220de0020adf0d84615e99f7d1789fff10ab6a88

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /statics/home/js/zgk.js HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: application/javascript
Last-Modified: Mon, 14 Nov 2022 09:24:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63720939-2e1f"
Expires: Sun, 27 Nov 2022 03:13:01 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip

www.go8ffs.com/nlp/html/images/mx4.jpg

85.208.118.17

200 OK

63 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/mx4.jpg
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1020x95, components 3\012- data
Size
63 kB (62760 bytes)
Hash
bd1ccf53feb63803f829f1196a0278e7
994b943cc52a5421defb8e2638e6dd2ca7fd83aa
c8a099ad4e7c20b9da973ae94f3e1f89126378cefe8e69d4f3a9303a653052e6

HTTP Headers

GET /nlp/html/images/mx4.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/jpeg
Content-Length: 62760
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-f528"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (621)
Size
11 kB (11259 bytes)
Hash
1c746ab90d527198243d3a6ffa12d119
a3a925b02bf2b0b0da6b301a0336d3b963c60e67
fa5ba1b1ba36d5aa6bf5a04c94f0d92c14d9a3e1bd480643d491108c50db1078

HTTP Headers

GET /hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:00 GMT
Etag: e9f330724a9f8cad5797489b29de00ac
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=E3D147C4444E4887; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
fe006741614156d4d10deba983d83fd0
1b61ed75669725a5402699c420d02d05bf051fce
ce45f5c1ca20d1953c6b28d934cf2d1787f887e05aca1a4ed34aa28b1defd4ee

HTTP Headers

GET /hm.js?0b522056fa9ded0b7ae7beae7435129e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:00 GMT
Etag: 09ad5b0a099a02f973cef81586c92dd3
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A5C35A70278D946E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

sdk.51.la/js-sdk-pro.min.js

47.253.50.2

200 OK

13 kB

URL HTTP/1.1
sdk.51.la/js-sdk-pro.min.js
IP
47.253.50.2:0
ASN
#45102 Alibaba US Technology Co., Ltd.

File type
Unicode text, UTF-8 text, with very long lines (34110)
Size
13 kB (12853 bytes)
Hash
29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1

HTTP Headers

GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 15 Jul 2022 04:05:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"62d0e7a4-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

www.go8ffs.com/nlp/html/images/ay1.gif

85.208.118.17

200 OK

168 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/ay1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 70\012- data
Size
168 kB (168357 bytes)
Hash
317efd40aea16414912ef7b3a796e8fb
001d7645d8f094607be78bb6cbae30b9554610ed
8be50c4d8951f8e27d1a914203b90dabfd4fc5f808c5731d8faf14d22fb6235d

HTTP Headers

GET /nlp/html/images/ay1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 168357
Last-Modified: Mon, 12 Apr 2021 06:02:12 GMT
Connection: keep-alive
ETag: "6073e264-291a5"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/logo.png

85.208.118.17

200 OK

39 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/logo.png
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
PNG image data, 320 x 88, 8-bit/color RGBA, non-interlaced\012- data
Size
39 kB (38610 bytes)
Hash
844a297f3e5a9f7c9637f3027fc353fe
8bf23977d6dedbd995e844af1b9e6323496987d8
b0b4f3f1bc192b70008213d53ee6603a4199e9cfc2f1637c6d3cb12c89970703

HTTP Headers

GET /nlp/html/images/logo.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 38610
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-96d2"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/tycjt1.gif

85.208.118.17

200 OK

204 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/tycjt1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 70\012- data
Size
204 kB (203635 bytes)
Hash
de83368a21ce4654207a1441cbb451f7
463fb19a4acdbc6488a53ddf4d5462537474c0cf
0ab902da706f52e2a68fe955edef879f196cd045c95be9155c54867ed013c777

HTTP Headers

GET /nlp/html/images/tycjt1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 203635
Last-Modified: Mon, 07 Mar 2022 11:42:46 GMT
Connection: keep-alive
ETag: "6225efb6-31b73"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.zgbzh.com/statics/home/images/logo.png

45.122.136.226

200 OK

15 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/images/logo.png
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
PNG image data, 450 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
15 kB (14709 bytes)
Hash
7af9ba8d239571d3caebdc4094a8a06b
3c151a4bc5565c53d50982e02ecb83e8cf65b765
80beb2df8c9c07ca1316dddd0fdf6ba56bb6a692d3188c6322c3eced3f6b098a

HTTP Headers

GET /statics/home/images/logo.png HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 14709
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Connection: keep-alive
ETag: "6372093a-3975"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/bob1.gif

85.208.118.17

200 OK

356 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/bob1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 85\012- data
Size
356 kB (355798 bytes)
Hash
7efc6c4cf3550462ea743cf108b64750
8f327ebea4bcc4868966878f3c903a05cd904c96
5d273c3267385f2d96283e7ba2c696af3ff61622ebe701aba1d4ba8bf64fb027

HTTP Headers

GET /nlp/html/images/bob1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 355798
Last-Modified: Wed, 29 Apr 2020 06:08:26 GMT
Connection: keep-alive
ETag: "5ea919da-56dd6"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.zgbzh.com/statics/home/images/img-02.png

45.122.136.226

200 OK

1.3 kB

URL HTTP/1.1
www.zgbzh.com/statics/home/images/img-02.png
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1269 bytes)
Hash
4990b1ed9102a99dd6f4de9282d4d06c
1c7216efbaa4475921dede8aa3812a7bf84a2e67
6eb55f1e0074cfe56fb6ef031a4376f1e30ee7a2227070a24e49760d19979cc7

HTTP Headers

GET /statics/home/images/img-02.png HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/statics/home/css/lig.css

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 1269
Last-Modified: Wed, 16 Nov 2022 03:01:06 GMT
Connection: keep-alive
ETag: "63745272-4f5"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/jinsha1.gif

85.208.118.17

200 OK

275 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/jinsha1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 70\012- data
Size
275 kB (275240 bytes)
Hash
8d78b68fbe5b6212d7975c89ac1bfe0e
d3124003c22985891964e6881f59cc8f4a97d8e4
ebcc12f6f8b6ad20d0712823d8750bd877598ed948da5cb4eaaba5a30bfb49e0

HTTP Headers

GET /nlp/html/images/jinsha1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 275240
Last-Modified: Wed, 29 Apr 2020 06:08:28 GMT
Connection: keep-alive
ETag: "5ea919dc-43328"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/yabo1.gif

85.208.118.17

200 OK

301 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/yabo1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1000 x 100\012- data
Size
301 kB (301227 bytes)
Hash
7c1f1fba6fdcd0d5fbd43be8c89f940b
8d22c2d441aa5cf8bd6366205b56a83eb6677e5e
81bc5064ee4a6f424b83a9b7255f7270aaecde4d7392d1dee828be768aa62346

HTTP Headers

GET /nlp/html/images/yabo1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 301227
Last-Modified: Mon, 03 Jan 2022 07:20:30 GMT
Connection: keep-alive
ETag: "61d2a3be-498ab"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/bob66.png

85.208.118.17

200 OK

12 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/bob66.png
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
PNG image data, 422 x 144, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11733 bytes)
Hash
703f8c6c46b4d39096ccadde4cc98d02
c8a612d808834494b29f2b55be058d8cab43264e
80582d7d90fba4c39e14b49e0159c722fe937d807aad524a946ac336e7631598

HTTP Headers

GET /nlp/html/images/bob66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 11733
Last-Modified: Fri, 27 Dec 2019 09:14:24 GMT
Connection: keep-alive
ETag: "5e05cb70-2dd5"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=711861040&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=711861040&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=711861040&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4107A2EABCD2F696; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=500735913&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=500735913&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=500735913&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html&tt=%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C-%E7%88%B1%E6%B8%B8%E6%88%8F%E7%94%B5%E7%AB%9E%E6%B3%A8%E5%86%8C HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:01 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=39936822F68AA74A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.go8ffs.com/nlp/html/images/315tyc0.gif

85.208.118.17

200 OK

204 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/315tyc0.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 255\012- data
Size
204 kB (203489 bytes)
Hash
b7094080de97390fd0e9f07806e7bf93
42f37766367a3b86a7aa0239506c0434aa15b06e
e47ea417f49f65c9a2fde6f4701f06fae16985e28231cb63ceebbaea1ac27753

HTTP Headers

GET /nlp/html/images/315tyc0.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 203489
Last-Modified: Wed, 29 Apr 2020 13:15:20 GMT
Connection: keep-alive
ETag: "5ea97de8-31ae1"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/obm.gif

85.208.118.17

200 OK

38 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/obm.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 335 x 185\012- data
Size
38 kB (37915 bytes)
Hash
22542b9bd33c17660ce0985855e29e10
3f11eb910f1d94448cee830f92f6fa7dbca91cae
31abc2e6290e1c372052b085dc670c4a9cac8d02bcdeb72629181f5d20bd5ea8

HTTP Headers

GET /nlp/html/images/obm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 37915
Last-Modified: Wed, 07 Apr 2021 07:58:54 GMT
Connection: keep-alive
ETag: "606d663e-941b"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/hhm.gif

85.208.118.17

200 OK

37 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/hhm.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 335 x 185\012- data
Size
37 kB (36844 bytes)
Hash
52011f0bb09cc250d2aa15226567bb99
aa620b7dfbd788949df290034711908a61e1a8fa
a72e274028f4e4c98aa582cfb8add8e461870ead3096c7c2473243f5fcbc33ef

HTTP Headers

GET /nlp/html/images/hhm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 36844
Last-Modified: Wed, 14 Apr 2021 08:11:28 GMT
Connection: keep-alive
ETag: "6076a3b0-8fec"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/ob66.png

85.208.118.17

200 OK

9.9 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/ob66.png
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 420x145, components 3\012- data
Size
9.9 kB (9907 bytes)
Hash
689ffa11f2db4397d03dc5e9057e3d6b
0ca16ec3b71d00035300ea8ae67245cbd3ac543c
23ac9f1510913bb7e73765bb9114b7578eed8a5160431bfc14f13e7217859a7c

HTTP Headers

GET /nlp/html/images/ob66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 9907
Last-Modified: Thu, 01 Jul 2021 00:04:06 GMT
Connection: keep-alive
ETag: "60dd0676-26b3"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/hh66.png

85.208.118.17

200 OK

43 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/hh66.png
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
PNG image data, 420 x 145, 8-bit/color RGB, non-interlaced\012- data
Size
43 kB (43080 bytes)
Hash
8bc94f16a216b9e02115c527636a02ec
77bfe082f63c01466de75a6e0161935012dfa116
df03cc76624df9d7da60edc249938f16142f190a94f3364d316731f541ec70f4

HTTP Headers

GET /nlp/html/images/hh66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/png
Content-Length: 43080
Last-Modified: Sun, 18 Apr 2021 19:33:52 GMT
Connection: keep-alive
ETag: "607c89a0-a848"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/ay66.png

85.208.118.17

200 OK

41 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/ay66.png
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
PNG image data, 420 x 145, 8-bit/color RGB, non-interlaced\012- data
Size
41 kB (41212 bytes)
Hash
99b44476f8fb3d824b7a1fa0db227f90
d38fdc047da93bfc9209a1efbe136ff297aec628
8f444c7f43d06f36f3590e70fdc8d86814d3b65bc99399aeef4d190a257bba2d

HTTP Headers

GET /nlp/html/images/ay66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/png
Content-Length: 41212
Last-Modified: Sun, 18 Apr 2021 19:34:40 GMT
Connection: keep-alive
ETag: "607c89d0-a0fc"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/aym.gif

85.208.118.17

200 OK

172 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/aym.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 335 x 185\012- data
Size
172 kB (172480 bytes)
Hash
5136f9dcd7f4b24a29c2b113af42d96a
46a61b970169a7e8fd5fb32dffd74c2ff0a10c46
d5a00a63e2c3c344fd3e8aca43e5f3107cd627863fa47f2e2485afb2b217193b

HTTP Headers

GET /nlp/html/images/aym.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 172480
Last-Modified: Mon, 12 Apr 2021 04:58:08 GMT
Connection: keep-alive
ETag: "6073d360-2a1c0"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/bobm.gif

85.208.118.17

200 OK

336 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/bobm.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 335 x 185\012- data
Size
336 kB (335675 bytes)
Hash
35c68e7c242d17d7ada7e8109ad24f0a
27df36ff7dd2b17fee70cee1fd988c69a12cf27e
6082c920c9a036667c67b32eb2414bbb31b4a0fb70b10ebacb9cfb4001065e27

HTTP Headers

GET /nlp/html/images/bobm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:01 GMT
Content-Type: image/gif
Content-Length: 335675
Last-Modified: Wed, 29 Apr 2020 06:08:26 GMT
Connection: keep-alive
ETag: "5ea919da-51f3b"
Expires: Mon, 26 Dec 2022 15:13:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/yabo66.png

85.208.118.17

200 OK

16 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/yabo66.png
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 420x145, components 3\012- data
Size
16 kB (16271 bytes)
Hash
d9f881dc84bfd7b67edcc941cd79faaf
87ac18b68e41fded80f28fdca2810784af167432
85e0a7b088a01d5f537e34dc76236c968a81b1b627f866b56e3cd3b5731d60e3

HTTP Headers

GET /nlp/html/images/yabo66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/png
Content-Length: 16271
Last-Modified: Fri, 30 Oct 2020 06:23:22 GMT
Connection: keep-alive
ETag: "5f9bb15a-3f8f"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/tbm.gif

85.208.118.17

200 OK

48 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/tbm.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 335 x 185\012- data
Size
48 kB (48121 bytes)
Hash
92b0b93b348a401f5f9c48b569b0023c
cd4c74bc891825920c2d3a1c3b83dee403bb331b
96582f2b81a10bd6a52bab63b8cd5350b499a94e5de7e0e7789a6b73ce4aab54

HTTP Headers

GET /nlp/html/images/tbm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 48121
Last-Modified: Sun, 09 Aug 2020 17:27:08 GMT
Connection: keep-alive
ETag: "5f3031ec-bbf9"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/tb66.png

85.208.118.17

200 OK

13 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/tb66.png
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 420x145, components 3\012- data
Size
13 kB (13335 bytes)
Hash
389de8b12a7dc9d1bb8182a7b82f40ef
cbf940a9e524facb25b9295bfa42a9ab1d7f722d
458df63c82dba79d21a0b371a8a922973bef1e498309142451ae018da3b314b1

HTTP Headers

GET /nlp/html/images/tb66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/png
Content-Length: 13335
Last-Modified: Fri, 30 Oct 2020 06:23:32 GMT
Connection: keep-alive
ETag: "5f9bb164-3417"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/yl1.gif

85.208.118.17

200 OK

93 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/yl1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 85\012- data
Size
93 kB (92802 bytes)
Hash
ec8ac7a8dd9610b594e21a63b42efec6
cf0aa061e01a5f1276e66ef291a44ae5c3e7aa06
601d48923ede2ba20e3d03c9ec7e4cf7195b735924c5b653d1b735bf3f62332a

HTTP Headers

GET /nlp/html/images/yl1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 92802
Last-Modified: Sat, 06 Mar 2021 10:55:06 GMT
Connection: keep-alive
ETag: "60435f8a-16a82"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/hh1.gif

85.208.118.17

200 OK

40 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/hh1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 70\012- data
Size
40 kB (39682 bytes)
Hash
af1846692b1b7bebd5d62e845ce0c720
071c6d464fa016880952bac08853aabdab1ae6e2
e9f87192d6170241bed520bb3313426b696640933264e8289b217fdd0140b239

HTTP Headers

GET /nlp/html/images/hh1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 39682
Last-Modified: Wed, 14 Apr 2021 08:16:54 GMT
Connection: keep-alive
ETag: "6076a4f6-9b02"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/yabodjm.gif

85.208.118.17

200 OK

483 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/yabodjm.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 335 x 185\012- data
Size
483 kB (482963 bytes)
Hash
19a770d267abbae92fd758fdb6e26023
d46954faf3bc3a56f09786a0d4f48dec35b87754
5e869ce1bc6348282f0af4ce5c3cb4664064941eec483a4f61b5a162f8fb7bc9

HTTP Headers

GET /nlp/html/images/yabodjm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 482963
Last-Modified: Wed, 29 Apr 2020 06:08:34 GMT
Connection: keep-alive
ETag: "5ea919e2-75e93"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/ob1.gif

85.208.118.17

200 OK

45 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/ob1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 70\012- data
Size
45 kB (45445 bytes)
Hash
dad1fdc00b084a1e29440eb5f56b7fd2
6b1cb925aea096b480b4368ab49424f6c6832290
84324dbd4cf418b502c9a494fd28bfe0af8802b62d12144ee2a9123717bec103

HTTP Headers

GET /nlp/html/images/ob1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 45445
Last-Modified: Wed, 07 Apr 2021 07:59:08 GMT
Connection: keep-alive
ETag: "606d664c-b185"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/kok1.gif

85.208.118.17

200 OK

293 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/kok1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 85\012- data
Size
293 kB (293334 bytes)
Hash
008af843b07e36d190fd9c13208b1198
571e18d2093dd1ff506e3499b28ad393f5357368
74cb82dbd82af41d5896646b3f848a6667b2883696b29481443dda9ac4192dea

HTTP Headers

GET /nlp/html/images/kok1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 293334
Last-Modified: Mon, 04 Jan 2021 08:36:36 GMT
Connection: keep-alive
ETag: "5ff2d394-479d6"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/tb1.gif

85.208.118.17

200 OK

32 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/tb1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 85\012- data
Size
32 kB (31794 bytes)
Hash
fb7303495a9f7cae06d46cd737e3f515
c7d432541253742026a855e2a8e22586e36e08c5
4b2465709e6dfd8f34129c78819c14e9aa4a35a2d152d7d28d3055ea41195cac

HTTP Headers

GET /nlp/html/images/tb1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 31794
Last-Modified: Sun, 09 Aug 2020 17:27:08 GMT
Connection: keep-alive
ETag: "5f3031ec-7c32"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/315tyc1.gif

85.208.118.17

200 OK

272 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/315tyc1.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 85\012- data
Size
272 kB (272091 bytes)
Hash
aca01c6c4d59c00a25aa9133e80b398a
819d373db065f988f66d1d7ed1805668efc94838
5a09a0bd37d494fb3c825f0e253c3ade27859e5cadb6f2eaca5278bcd929c68d

HTTP Headers

GET /nlp/html/images/315tyc1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 272091
Last-Modified: Sat, 06 Mar 2021 10:44:44 GMT
Connection: keep-alive
ETag: "60435d1c-426db"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/fimg.jpg

85.208.118.17

200 OK

57 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/fimg.jpg
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1020x80, components 3\012- data
Size
57 kB (57429 bytes)
Hash
d7482bc54b977407ba2a5599a0e5adb3
ed8da2d34e50c8bf733f5d13968f7164f32744b9
b677661b107682a2c4c381a13550bcdcf86f2a8d04f14febd7188deba8c0b252

HTTP Headers

GET /nlp/html/images/fimg.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/html/css/global.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 57429
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-e055"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/footer.jpg

85.208.118.17

200 OK

22 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/footer.jpg
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 501x114, components 3\012- data
Size
22 kB (22342 bytes)
Hash
1b226fdfac594e7b8473f48ddfa969f2
e7b4c743bfbf85c34624352d16ef06d9e60cd539
f48c85bed24a188afdefef08c681618b663778195972782cf6e72dda06b0ba6c

HTTP Headers

GET /nlp/html/images/footer.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 22342
Last-Modified: Mon, 30 Dec 2019 06:33:46 GMT
Connection: keep-alive
ETag: "5e099a4a-5746"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/bet3651.gif

85.208.118.17

200 OK

219 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/bet3651.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 1020 x 70\012- data
Size
219 kB (218843 bytes)
Hash
c7780b56e5417ac5ae107ceeed79ec0b
7753cf45bb4a204dc40ba71e5aa04263e0ee1275
e4063ed845265a33c28cf4d756ba16bb03bfb86508a6993eff3d1c481e2f45ca

HTTP Headers

GET /nlp/html/images/bet3651.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 218843
Last-Modified: Wed, 29 Apr 2020 06:08:24 GMT
Connection: keep-alive
ETag: "5ea919d8-356db"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/img99.jpg

85.208.118.17

200 OK

4.7 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/img99.jpg
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x73, components 3\012- data
Size
4.7 kB (4709 bytes)
Hash
6c48d1b9433e82ae9454632a06f5cbf5
21914adfc8da2aa3c21fa9a787d761df06639b46
57e21b4e617ed4b771fd7d0dd011af8ed8c6331c8f91ec826e070ad0cf839752

HTTP Headers

GET /nlp/html/images/img99.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 4709
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1265"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/img88.jpg

85.208.118.17

200 OK

7.6 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/img88.jpg
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 357x35, components 3\012- data
Size
7.6 kB (7602 bytes)
Hash
ca6f9c9ef342dbbed0778a0bee1c906f
a90e8cee96fd6293e68e6fd06f8e832d04f04fbe
f69070142d07a750add0c593bc699646b3f4dec6d85d4f88ac6d969ee916158c

HTTP Headers

GET /nlp/html/images/img88.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/jpeg
Content-Length: 7602
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1db2"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/yabo88.gif

85.208.118.17

200 OK

117 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/yabo88.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 128 x 526\012- data
Size
117 kB (117075 bytes)
Hash
7ead899c7a9e0cab9f4878b7e7ccecda
c04e01ea153c040ec0fa2b53b59391195f6c5866
36889b58d9d6f13e51ccc0f396035860a5cd04d1a179ccf91db7fbb9f3801962

HTTP Headers

GET /nlp/html/images/yabo88.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 117075
Last-Modified: Tue, 04 May 2021 05:02:06 GMT
Connection: keep-alive
ETag: "6090d54e-1c953"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

www.go8ffs.com/nlp/html/images/yabo99.gif

85.208.118.17

200 OK

120 kB

URL HTTP/1.1
www.go8ffs.com/nlp/html/images/yabo99.gif
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
GIF image data, version 89a, 128 x 526\012- data
Size
120 kB (119975 bytes)
Hash
6939088f0c4dc000a363afa06a6e2ae9
ccb5ae50ee46b53903b1d876966cca067060566b
e18171a811e9db037dffcda1b45a081e0a603f24f08cc2abdf11add55d6bbe12

HTTP Headers

GET /nlp/html/images/yabo99.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Type: image/gif
Content-Length: 119975
Last-Modified: Tue, 04 May 2021 05:14:56 GMT
Connection: keep-alive
ETag: "6090d850-1d4a7"
Expires: Mon, 26 Dec 2022 15:13:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes

collect-v6.51.la/v6/collect?dt=4

103.143.19.103

200

0 B

URL HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 268
Origin: https://www.go8ffs.com
Connection: keep-alive
Referer: https://www.go8ffs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: CloudWAF
Date: Sat, 26 Nov 2022 15:13:02 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=82e231511a76bb74d89; path=/
HWWAFSESTIME=1669475582460; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.go8ffs.com
Access-Control-Allow-Credentials: true

www.zgbzh.com/favicon.ico

45.122.136.226

200 OK

4.3 kB

URL HTTP/1.1
www.zgbzh.com/favicon.ico
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size
4.3 kB (4286 bytes)
Hash
844b4fa1c92156fc476e8d112d9efa2e
93f914912819452bc7ba9052e416bfc4a0d169eb
d6c190500a6523876ecadbb09dc045899f1e8e95639c50f842ebe9124d7cf4e4

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/a/cn/page_12.html
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:03 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Mon, 14 Nov 2022 05:13:08 GMT
Connection: keep-alive
ETag: "6371ce64-10be"
Accept-Ranges: bytes

www.zgbzh.com/

45.122.136.226

200 OK

7.9 kB

URL HTTP/1.1
www.zgbzh.com/
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (325), with CRLF, LF line terminators
Size
7.9 kB (7892 bytes)
Hash
3ff85991b72dc1202d111b85418020aa
819b87be8f4f8b4df819a907138e12f584b5379f
de6eb3a1248c7d6c395c234157c46c6f6469392dacce26c904e61b1c8b968315

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 18 Nov 2022 11:29:55 GMT
ETag: W/"636eaae9-2a0c"
Content-Encoding: gzip

www.go8ffs.com/nlp/index.php

85.208.118.17

200 OK

2.0 kB

URL HTTP/1.1
www.go8ffs.com/nlp/index.php
IP
85.208.118.17:0
ASN
#18978 ENZUINC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Size
2.0 kB (2024 bytes)
Hash
4f6234cab31018ff9234029a143870d1
1d5c1b8b5e1b8c7d105750072908854845912cfb
f86e79722c847f9b234bc471203ed1731061b4a8c3a407287c28c0d87abb00e7

HTTP Headers

GET /nlp/index.php HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip

hm.baidu.com/hm.gif?hca=A5C35A70278D946E&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4599%2C4598&et=3&ja=0&ln=en-us&lo=0&rnd=167513381&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?hca=A5C35A70278D946E&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4599%2C4598&et=3&ja=0&ln=en-us&lo=0&rnd=167513381&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?hca=A5C35A70278D946E&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4599%2C4598&et=3&ja=0&ln=en-us&lo=0&rnd=167513381&si=0b522056fa9ded0b7ae7beae7435129e&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=522BDE587A43C433; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?hca=E3D147C4444E4887&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4621%2C4621&et=3&ja=0&ln=en-us&lo=0&rnd=330605331&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?hca=E3D147C4444E4887&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4621%2C4621&et=3&ja=0&ln=en-us&lo=0&rnd=330605331&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?hca=E3D147C4444E4887&cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&ep=4621%2C4621&et=3&ja=0&ln=en-us&lo=0&rnd=330605331&si=f83ac9c714d97f9c5568c1ef26ca9c6b&v=1.3.0&lv=1&sn=36992&r=0&ww=1280&u=http%3A%2F%2Fwww.zgbzh.com%2Fa%2Fcn%2Fpage_12.html HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 26 Nov 2022 15:13:06 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6C6419D437DF94CC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

www.zgbzh.com/Uploads/image/20180606/5.jpg

45.122.136.226

200 OK

39 kB

URL HTTP/1.1
www.zgbzh.com/Uploads/image/20180606/5.jpg
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:07:25], progressive, precision 8, 185x122, components 3\012- data
Size
39 kB (39255 bytes)
Hash
d6b030fdc8d64b2d278cfe48b04c9624
294407ca303a9bd8c53d91147677f25a59745374
8acac652037c755f2ad806a2f6955182c59532202bdd0ce1ec76ac9969748e64

HTTP Headers

GET /Uploads/image/20180606/5.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 39255
Last-Modified: Mon, 14 Nov 2022 09:24:10 GMT
Connection: keep-alive
ETag: "6372093a-9957"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.zgbzh.com/Uploads/image/20180606/20.jpg

45.122.136.226

200 OK

31 kB

URL HTTP/1.1
www.zgbzh.com/Uploads/image/20180606/20.jpg
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:04:40], progressive, precision 8, 185x122, components 3\012- data
Size
31 kB (30904 bytes)
Hash
9de39aba2a3a4dfc4b77c0136f67c714
0264f6f6553a19ce3e85a7d5a36b17ca10032f23
0cc3f3f87430fe6e150e0e93f7f8a46a8a85cabc56f0c05a6bc06bb31fbba2c0

HTTP Headers

GET /Uploads/image/20180606/20.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 30904
Last-Modified: Mon, 14 Nov 2022 09:24:16 GMT
Connection: keep-alive
ETag: "63720940-78b8"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

collect-v6.51.la/v6/collect?dt=4

103.143.19.103

200

0 B

URL HTTP/1.1
collect-v6.51.la/v6/collect?dt=4
IP
103.143.19.103:0
ASN
#4837 CHINA UNICOM China169 Backbone

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 267
Origin: https://www.go8ffs.com
Connection: keep-alive
Referer: https://www.go8ffs.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 
Server: CloudWAF
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=82e2312c41a76bb74d89; path=/
HWWAFSESTIME=1669475582460; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.go8ffs.com
Access-Control-Allow-Credentials: true

hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?0b522056fa9ded0b7ae7beae7435129e
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (619)
Size
11 kB (11257 bytes)
Hash
9b4dfcdbbe6ffece99c08c2eaa581b86
5c4e44943a71332eee04df3e2d0a95ace96b33f0
0824399ea10b3fad99c6722db0974f69c373dd6aa35f5572ebd3af92e0a4ac5a

HTTP Headers

GET /hm.js?0b522056fa9ded0b7ae7beae7435129e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: 09ad5b0a099a02f973cef81586c92dd3

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11257
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:06 GMT
Etag: babcfee15b6c9d21835ddda344f126c4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0200F7F33A456161; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (621)
Size
11 kB (11259 bytes)
Hash
4e6c41a995d47434870c61f9570f9d0a
ae48e4d28a50dbb4237a5e75aef887442d350c35
2c55c53354e9a4a1f86e0683de4a6fbeb072b3d0c6ff39737a01253f9c018536

HTTP Headers

GET /hm.js?f83ac9c714d97f9c5568c1ef26ca9c6b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.zgbzh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: e9f330724a9f8cad5797489b29de00ac

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11259
Content-Type: application/javascript
Date: Sat, 26 Nov 2022 15:13:06 GMT
Etag: 8d16672d23e5a10774196923d591ddaf
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1E8777AD2E903F41; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.zgbzh.com/Uploads/image/20180606/18.jpg

45.122.136.226

200 OK

36 kB

URL HTTP/1.1
www.zgbzh.com/Uploads/image/20180606/18.jpg
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:03:50], progressive, precision 8, 185x122, components 3\012- data
Size
36 kB (36389 bytes)
Hash
4dab1a2618a86edd45931229ff62166a
539d9cc31353df218ab2dd70a6f9a849970f9768
c7d659f518f5c54da4c058679e2bc1134d6ee0b64b195fa4d5de69a78894d62d

HTTP Headers

GET /Uploads/image/20180606/18.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 36389
Last-Modified: Mon, 14 Nov 2022 09:24:16 GMT
Connection: keep-alive
ETag: "63720940-8e25"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.zgbzh.com/Uploads/image/20180606/11.jpg

45.122.136.226

200 OK

28 kB

URL HTTP/1.1
www.zgbzh.com/Uploads/image/20180606/11.jpg
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC (Windows), datetime=2018:06:06 23:02:41], progressive, precision 8, 185x122, components 3\012- data
Size
28 kB (28120 bytes)
Hash
49d638ca05bee09d0e289cd02595fcd7
e166942b06fba021b5683d75c36e7b4ff0f20068
48be552665c9299832978ad81b500359f497dd71fde471ecd9df7e22666de4a9

HTTP Headers

GET /Uploads/image/20180606/11.jpg HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 28120
Last-Modified: Mon, 14 Nov 2022 09:24:16 GMT
Connection: keep-alive
ETag: "63720940-6dd8"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.zgbzh.com/Uploads/image/20180529/56.png

45.122.136.226

200 OK

43 kB

URL HTTP/1.1
www.zgbzh.com/Uploads/image/20180529/56.png
IP
45.122.136.226:0
ASN
#132742 Guochao Group limited

File type
PNG image data, 325 x 70, 8-bit/color RGB, non-interlaced\012- data
Size
43 kB (43158 bytes)
Hash
1932772ed4a8c99bacc2f342ad46ebe8
ac8057cc5039d849df809dc962b9763011ee5b18
20083d6dec71a25cf7a845b464242d1b34c97831b461ad70ec455d9a4c50040f

HTTP Headers

GET /Uploads/image/20180529/56.png HTTP/1.1
Host: www.zgbzh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/
Cookie: Hm_lvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lpvt_f83ac9c714d97f9c5568c1ef26ca9c6b=1669475582; Hm_lvt_0b522056fa9ded0b7ae7beae7435129e=1669475582; Hm_lpvt_0b522056fa9ded0b7ae7beae7435129e=1669475582

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:07 GMT
Content-Type: image/png
Content-Length: 43158
Last-Modified: Mon, 14 Nov 2022 12:16:53 GMT
Connection: keep-alive
ETag: "637231b5-a896"
Expires: Mon, 26 Dec 2022 15:13:07 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

www.supoil.com/image/logo1.jpg

103.39.155.108

200 OK

0 B

URL HTTP/1.1
www.supoil.com/image/logo1.jpg
IP
103.39.155.108:0
ASN
#132742 Guochao Group limited

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /image/logo1.jpg HTTP/1.1
Host: www.supoil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.zgbzh.com/

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 26 Nov 2022 15:13:06 GMT
Content-Type: image/jpeg
Content-Length: 152728
Last-Modified: Fri, 18 Nov 2022 14:06:35 GMT
Connection: keep-alive
ETag: "6377916b-25498"
Expires: Mon, 26 Dec 2022 15:13:06 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations