r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7725
Expires: Sat, 04 Feb 2023 09:46:41 GMT
Date: Sat, 04 Feb 2023 07:37:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5546
Expires: Sat, 04 Feb 2023 09:10:22 GMT
Date: Sat, 04 Feb 2023 07:37:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 06:43:36 GMT
content-type: application/json
age: 3260
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7388
Expires: Sat, 04 Feb 2023 09:41:04 GMT
Date: Sat, 04 Feb 2023 07:37:56 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eH0WOaSpq7SULJZPx8XnL2DOsM2YBhewp3HVX/fKm249p0rg7/9JZIF51gZrjfGXprj74oWX45s=
x-amz-request-id: PPGV2FZGY34QVP93
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 07:23:54 GMT
age: 842
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 07:37:56 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
531140.com/vip/120/2.exe
202.160.155.61301 Moved Permanently 169 B IP 202.160.155.61:0
ASN #26658 HENGTONG-IDC-LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
NIDS Severity Alert suricata high ET MALWARE Single char EXE direct download likely trojan (multiple families)
GET /vip/120/2.exe HTTP/1.1
Host: 531140.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:37:57 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://www.531140.com/vip/120/2.exe
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 06:49:07 GMT
age: 2930
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Sat, 04 Feb 2023 09:23:14 GMT
Date: Sat, 04 Feb 2023 07:37:57 GMT
Connection: keep-alive
push.services.mozilla.com/
52.10.73.188101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.73.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: au3ljKTCDeDlfrOyZ8d0oA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3axqxOoNh3/qx7sQhU7di9cSmpY=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5904b3d9c04fcac68e52b2cee2d56a7d
66045e6d33f66781468fc4199f5a5e755a3cea5c
d526502404adc78388d762a62f965248d12b655477375783cd55a2783c1bec7f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D526502404ADC78388D762A62F965248D12B655477375783CD55A2783C1BEC7F"
Last-Modified: Thu, 02 Feb 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 04 Feb 2023 13:37:58 GMT
Date: Sat, 04 Feb 2023 07:37:58 GMT
Connection: keep-alive
www.531140.com/vip/120/2.exe
202.160.155.61302 Moved Temporarily 0 B URL HTTP/1.1 www.531140.com/vip/120/2.exe
IP 202.160.155.61:0
ASN #26658 HENGTONG-IDC-LLC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vip/120/2.exe HTTP/1.1
Host: www.531140.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:37:58 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Location: http://www.531140.com/home.php
Strict-Transport-Security: max-age=15768000
www.531140.com/home.php
202.160.155.61200 OK 429 B IP 202.160.155.61:0
ASN #26658 HENGTONG-IDC-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash a6c81579fbee2f237dc2d42bc2b76e91
048bd1bbf4f6022a260e0f7798503de033563bbb
54eab21abd13bc621f76939276d9e38306c3a0aec436a4cd07a78b68c6365abd
GET /home.php HTTP/1.1
Host: www.531140.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:37:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.531140.com/jquery.min.js
202.160.155.61200 OK 12 kB URL HTTP/1.1 www.531140.com/jquery.min.js
IP 202.160.155.61:0
ASN #26658 HENGTONG-IDC-LLC
File type ASCII text, with very long lines (11622), with no line terminators
Hash 843a6bb3a868c16bde06326d17551a08
02127e58612e9871f91d7e0677a8014cf9a14443
8083a12b4a6fb95edbae8ac7bacd3c63d454a55db934abd7227fe761bb067c67
GET /jquery.min.js HTTP/1.1
Host: www.531140.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/home.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:37:58 GMT
Content-Type: application/javascript
Content-Length: 11622
Last-Modified: Fri, 30 Sep 2022 04:05:03 GMT
Connection: keep-alive
ETag: "63366aef-2d66"
Expires: Sat, 04 Feb 2023 19:37:58 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.531140.com/jquery.la.min.js
202.160.155.61200 OK 632 B URL HTTP/1.1 www.531140.com/jquery.la.min.js
IP 202.160.155.61:0
ASN #26658 HENGTONG-IDC-LLC
File type HTML document, ASCII text, with very long lines (555), with CRLF line terminators
Hash 834dc0ed932402121162b4e9a7d2da72
f59773c8298e92367d2838dd3414d033e9b722a1
8631d8b900f3d63cfdfbd842b883dcf44f344e058ecc9c33376dfac82e68c6bb
GET /jquery.la.min.js HTTP/1.1
Host: www.531140.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/home.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:37:58 GMT
Content-Type: application/javascript
Content-Length: 632
Last-Modified: Fri, 30 Sep 2022 04:05:04 GMT
Connection: keep-alive
ETag: "63366af0-278"
Expires: Sat, 04 Feb 2023 19:37:58 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6984
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 07:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6984
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 07:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6984
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 07:37:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 34046
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99bf0073acf75f9e04b52a96bf47797b
fa68da2c92fa89ed3dafe9915e064fca022af21f
961b77616486483e5767f214d2417275b9c995614128acab3521b6cd2f8866e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0567732b-c9d0-4bac-89d8-3dc6a16e522c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8267
x-amzn-requestid: 8bf1f9c3-4508-489e-9f45-3ce50df74b0b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW0HM6IAMFXog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f8-2e7c768d54981cf1634830db;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: slDJVVNZDwjopU0kXbAvAJw4A0I_hGKXbRf9O15sXxmvu0JXe8yuPA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:59 GMT
etag: "fa68da2c92fa89ed3dafe9915e064fca022af21f"
content-type: image/jpeg
age: 33600
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 35395
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6kDIOqhM4aVL80sF02uFu2TuGbiBE7_L_S2W7x-P46hO5YZFmuL9nQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 33869
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b5c35cdff2fb0758db780212b0b1f77
edbb557a3bf57128467335685aebbd4831d802f8
e0fa59843073ba8bd171c66610bc1b3d59a1a94c4991e6023507b9453ca0edba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd74fd89c-32f8-4ed4-ab23-e95f810fbc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: ecd1913d-7dbe-4ffd-ba85-0549aab51a06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyayOGPlIAMFQ7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dda4da-6a9b8d146155fa8b6c1c02d6;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 00:20:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jGBEz2d-SXXPBZhwlJgR4w248y-NY2c-18euLre5PULjWUIfhfUmNQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 00:20:43 GMT
etag: "edbb557a3bf57128467335685aebbd4831d802f8"
content-type: image/jpeg
age: 26236
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 34047
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash ec75652d5ed6dba43e9138f828845ac7
ec72cfb43cf7472905a72acc830a2e5c4597bb9e
e31b30bb8e3b7f0407061d7ecaf11f062f0df702762d3c9211d79cf9afa737b3
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 07:37:59 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 08 Feb 2023 04:15:26 GMT
ETag: "ec72cfb43cf7472905a72acc830a2e5c4597bb9e"
Last-Modified: Sat, 04 Feb 2023 04:15:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7941be812ddbb50c-OSL
www.531140.com/favicon.ico
202.160.155.61200 OK 17 kB URL HTTP/1.1 www.531140.com/favicon.ico
IP 202.160.155.61:0
ASN #26658 HENGTONG-IDC-LLC
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 764420ba908cbafe55c89277281e0201
2d17f443cd87fba8fde54f2412b631d7c56d60cd
1208f707a2e1df5dc1668ffb426396e0f3572c11ee805a50c1e4f1e35fe6a608
GET /favicon.ico HTTP/1.1
Host: www.531140.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/home.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:37:59 GMT
Content-Type: image/x-icon
Content-Length: 16958
Last-Modified: Thu, 29 Sep 2022 06:11:04 GMT
Connection: keep-alive
ETag: "633536f8-423e"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 04 Feb 2023 07:37:59 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bceaef-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
www.go8ffs.com/nlp/index.php?keyword=%E4%B8%96%E7%95%8C%E6%9D%AF%E4%B9%B0%E7%90%83%E5%85%A5%E5%8F%A3-%E4%B8%96%E7%95%8C%E6%9D%AF%E4%B9%B0%E7%90%83%E7%BD%91%E5%9B%BD%E9%99%85%7C2022%E5%B9%B4%E4%B8%96%E7%95%8C%E6%9D%AF%E5%9B%9B%E5%BC%BA%E6%8A%95%E6%B3%A8&from=pc&originUrl=https%3A%2F%2Fwww.531140.com%2Fhome.php&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=2017
85.208.118.17200 OK 2.0 kB URL HTTP/1.1 www.go8ffs.com/nlp/index.php?keyword=%E4%B8%96%E7%95%8C%E6%9D%AF%E4%B9%B0%E7%90%83%E5%85%A5%E5%8F%A3-%E4%B8%96%E7%95%8C%E6%9D%AF%E4%B9%B0%E7%90%83%E7%BD%91%E5%9B%BD%E9%99%85%7C2022%E5%B9%B4%E4%B8%96%E7%95%8C%E6%9D%AF%E5%9B%9B%E5%BC%BA%E6%8A%95%E6%B3%A8&from=pc&originUrl=https%3A%2F%2Fwww.531140.com%2Fhome.php&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=2017
IP 85.208.118.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash aa430724c9831d096ee7e98f2c3725c9
796ecba0d8ccf82afea51ddf4936aea9405ebb9f
56adec71ca4e485f55adcd4e7637f756391ad928f7d92b16b6e67fe3e3f51443
GET /nlp/index.php?keyword=%E4%B8%96%E7%95%8C%E6%9D%AF%E4%B9%B0%E7%90%83%E5%85%A5%E5%8F%A3-%E4%B8%96%E7%95%8C%E6%9D%AF%E4%B9%B0%E7%90%83%E7%BD%91%E5%9B%BD%E9%99%85%7C2022%E5%B9%B4%E4%B8%96%E7%95%8C%E6%9D%AF%E5%9B%9B%E5%BC%BA%E6%8A%95%E6%B3%A8&from=pc&originUrl=https%3A%2F%2Fwww.531140.com%2Fhome.php&referer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&v=2017 HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.531140.com
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:37:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Encoding: gzip
www.go8ffs.com/nlp/html/css/global.css
85.208.118.17200 OK 1.6 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/css/global.css
IP 85.208.118.17:0
File type ASCII text, with CRLF line terminators
Hash 8311a8491b15d5e792b7258b4e9bc02f
020035a406341c16f27a1072cefeaf71fe2aec9f
1b42d73b3170f0601b0b50565e978007accecfeb197b7a1b750744d34fc0c51a
GET /nlp/html/css/global.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Feb 2020 09:21:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e47b816-1b88"
Expires: Sat, 04 Feb 2023 19:38:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.go8ffs.com/nlp/html/css/reset.css
85.208.118.17200 OK 5.2 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/css/reset.css
IP 85.208.118.17:0
File type ASCII text, with very long lines (2097), with CRLF line terminators
Hash 7df0df24bd7a3fe1f6c10d9379dc461a
6e7fe0999ee4ce69a764f17aeebb5153185e7d5a
ff55ccb5d3823664606dfbea42aa42b5f8a18743ab68fd9ff4cca0dfc13ed03d
GET /nlp/html/css/reset.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee2050-4a87"
Expires: Sat, 04 Feb 2023 19:38:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.go8ffs.com/nlp/html/css/style1.css
85.208.118.17200 OK 1.9 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/css/style1.css
IP 85.208.118.17:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 1c281d8a45982360f40b4243ceb5dad4
712ff608c770150f7063bc21577adebe1535db6a
d64b3d6dece221fd8610e461b560360d78d4e8d9458c7f3c0f03088d6e4fd5cd
GET /nlp/html/css/style1.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: text/css
Last-Modified: Sat, 15 Feb 2020 09:14:48 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5e47b688-188a"
Expires: Sat, 04 Feb 2023 19:38:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.go8ffs.com/nlp/html/js/xSlider.js
85.208.118.17200 OK 4.8 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/js/xSlider.js
IP 85.208.118.17:0
File type HTML document, Unicode text, UTF-8 (with BOM) text
Hash ac986046071f223f32ef0b57c5e83372
9ad8b6b8851448c876396b74fb2414beb217ed6c
ba5a0c25b65512451e4a8132d8f85e6cf40128d7f744b7aab3deddc46295b02b
GET /nlp/html/js/xSlider.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: application/javascript
Content-Length: 4760
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1298"
Expires: Sat, 04 Feb 2023 19:38:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/css/app.css
85.208.118.17200 OK 531 B URL HTTP/1.1 www.go8ffs.com/nlp/html/css/app.css
IP 85.208.118.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d19984884d458a401c17381534c74df7
4f18f14c373ec54c9e719b4df6ee20f835eb4736
9104572473f82d01a50d3633621532e3d9567d0f45d81bb6a29b61540055ccb0
GET /nlp/html/css/app.css HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: text/css
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5dee2050-61c"
Expires: Sat, 04 Feb 2023 19:38:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Content-Encoding: gzip
www.go8ffs.com/nlp/html/js/shoucang.js
85.208.118.17200 OK 5.4 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/js/shoucang.js
IP 85.208.118.17:0
File type HTML document, ISO-8859 text, with CRLF line terminators
Hash f6c62d3a18f942ddf065e609d6ebfd20
d37794a201186252a39b04375a80311e11b1028c
9ad0ed616194a69f6604c0dea9c80f7e3097bec72d110189bb3627a6837569dd
GET /nlp/html/js/shoucang.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: application/javascript
Content-Length: 5365
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-14f5"
Expires: Sat, 04 Feb 2023 19:38:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/js/jquery.la.min.js
85.208.118.17200 OK 632 B URL HTTP/1.1 www.go8ffs.com/nlp/html/js/jquery.la.min.js
IP 85.208.118.17:0
File type HTML document, ASCII text, with very long lines (555), with CRLF line terminators
Hash 8a8bfecd8df26e4c6d013512afdaebad
4996b9f9dd54e3925bd520cc16ac27747a2980aa
6beaf3b08041f5f85deea786e2d40c4bce08a6a4d31428f6d326c927078e505e
GET /nlp/html/js/jquery.la.min.js HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: application/javascript
Content-Length: 632
Last-Modified: Fri, 04 Feb 2022 06:48:20 GMT
Connection: keep-alive
ETag: "61fccc34-278"
Expires: Sat, 04 Feb 2023 19:38:00 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/img99.jpg
85.208.118.17200 OK 4.7 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/img99.jpg
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x73, components 3\012- data
Hash 6c48d1b9433e82ae9454632a06f5cbf5
21914adfc8da2aa3c21fa9a787d761df06639b46
57e21b4e617ed4b771fd7d0dd011af8ed8c6331c8f91ec826e070ad0cf839752
GET /nlp/html/images/img99.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/jpeg
Content-Length: 4709
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1265"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/img88.jpg
85.208.118.17200 OK 7.6 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/img88.jpg
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 357x35, components 3\012- data
Hash ca6f9c9ef342dbbed0778a0bee1c906f
a90e8cee96fd6293e68e6fd06f8e832d04f04fbe
f69070142d07a750add0c593bc699646b3f4dec6d85d4f88ac6d969ee916158c
GET /nlp/html/images/img88.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/jpeg
Content-Length: 7602
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-1db2"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bob66.png
85.208.118.17200 OK 12 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bob66.png
IP 85.208.118.17:0
File type PNG image data, 422 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 703f8c6c46b4d39096ccadde4cc98d02
c8a612d808834494b29f2b55be058d8cab43264e
80582d7d90fba4c39e14b49e0159c722fe937d807aad524a946ac336e7631598
GET /nlp/html/images/bob66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/png
Content-Length: 11733
Last-Modified: Fri, 27 Dec 2019 09:14:24 GMT
Connection: keep-alive
ETag: "5e05cb70-2dd5"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/logo.png
85.208.118.17200 OK 39 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/logo.png
IP 85.208.118.17:0
File type PNG image data, 320 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 844a297f3e5a9f7c9637f3027fc353fe
8bf23977d6dedbd995e844af1b9e6323496987d8
b0b4f3f1bc192b70008213d53ee6603a4199e9cfc2f1637c6d3cb12c89970703
GET /nlp/html/images/logo.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/png
Content-Length: 38610
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-96d2"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/ob66.png
85.208.118.17200 OK 9.9 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ob66.png
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 420x145, components 3\012- data
Hash 689ffa11f2db4397d03dc5e9057e3d6b
0ca16ec3b71d00035300ea8ae67245cbd3ac543c
23ac9f1510913bb7e73765bb9114b7578eed8a5160431bfc14f13e7217859a7c
GET /nlp/html/images/ob66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/png
Content-Length: 9907
Last-Modified: Thu, 01 Jul 2021 00:04:06 GMT
Connection: keep-alive
ETag: "60dd0676-26b3"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/obm.gif
85.208.118.17200 OK 38 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/obm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Hash 22542b9bd33c17660ce0985855e29e10
3f11eb910f1d94448cee830f92f6fa7dbca91cae
31abc2e6290e1c372052b085dc670c4a9cac8d02bcdeb72629181f5d20bd5ea8
GET /nlp/html/images/obm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/gif
Content-Length: 37915
Last-Modified: Wed, 07 Apr 2021 07:58:54 GMT
Connection: keep-alive
ETag: "606d663e-941b"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/hh66.png
85.208.118.17200 OK 43 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/hh66.png
IP 85.208.118.17:0
File type PNG image data, 420 x 145, 8-bit/color RGB, non-interlaced\012- data
Hash 8bc94f16a216b9e02115c527636a02ec
77bfe082f63c01466de75a6e0161935012dfa116
df03cc76624df9d7da60edc249938f16142f190a94f3364d316731f541ec70f4
GET /nlp/html/images/hh66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/png
Content-Length: 43080
Last-Modified: Sun, 18 Apr 2021 19:33:52 GMT
Connection: keep-alive
ETag: "607c89a0-a848"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 380
Origin: https://www.531140.com
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=5bb841219bbdf8496955; path=/
HWWAFSESTIME=1675496276744; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.531140.com
Access-Control-Allow-Credentials: true
www.go8ffs.com/nlp/html/images/hhm.gif
85.208.118.17200 OK 37 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/hhm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Hash 52011f0bb09cc250d2aa15226567bb99
aa620b7dfbd788949df290034711908a61e1a8fa
a72e274028f4e4c98aa582cfb8add8e461870ead3096c7c2473243f5fcbc33ef
GET /nlp/html/images/hhm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/gif
Content-Length: 36844
Last-Modified: Wed, 14 Apr 2021 08:11:28 GMT
Connection: keep-alive
ETag: "6076a3b0-8fec"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/ay66.png
85.208.118.17200 OK 41 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ay66.png
IP 85.208.118.17:0
File type PNG image data, 420 x 145, 8-bit/color RGB, non-interlaced\012- data
Hash 99b44476f8fb3d824b7a1fa0db227f90
d38fdc047da93bfc9209a1efbe136ff297aec628
8f444c7f43d06f36f3590e70fdc8d86814d3b65bc99399aeef4d190a257bba2d
GET /nlp/html/images/ay66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/png
Content-Length: 41212
Last-Modified: Sun, 18 Apr 2021 19:34:40 GMT
Connection: keep-alive
ETag: "607c89d0-a0fc"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/315tyc0.gif
85.208.118.17200 OK 204 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/315tyc0.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 255\012- data
Size 204 kB (203489 bytes)
Hash b7094080de97390fd0e9f07806e7bf93
42f37766367a3b86a7aa0239506c0434aa15b06e
e47ea417f49f65c9a2fde6f4701f06fae16985e28231cb63ceebbaea1ac27753
GET /nlp/html/images/315tyc0.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/gif
Content-Length: 203489
Last-Modified: Wed, 29 Apr 2020 13:15:20 GMT
Connection: keep-alive
ETag: "5ea97de8-31ae1"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo66.png
85.208.118.17200 OK 16 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo66.png
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 420x145, components 3\012- data
Hash d9f881dc84bfd7b67edcc941cd79faaf
87ac18b68e41fded80f28fdca2810784af167432
85e0a7b088a01d5f537e34dc76236c968a81b1b627f866b56e3cd3b5731d60e3
GET /nlp/html/images/yabo66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/png
Content-Length: 16271
Last-Modified: Fri, 30 Oct 2020 06:23:22 GMT
Connection: keep-alive
ETag: "5f9bb15a-3f8f"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tbm.gif
85.208.118.17200 OK 48 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tbm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Hash 92b0b93b348a401f5f9c48b569b0023c
cd4c74bc891825920c2d3a1c3b83dee403bb331b
96582f2b81a10bd6a52bab63b8cd5350b499a94e5de7e0e7789a6b73ce4aab54
GET /nlp/html/images/tbm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 48121
Last-Modified: Sun, 09 Aug 2020 17:27:08 GMT
Connection: keep-alive
ETag: "5f3031ec-bbf9"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bobm.gif
85.208.118.17200 OK 336 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bobm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Size 336 kB (335675 bytes)
Hash 35c68e7c242d17d7ada7e8109ad24f0a
27df36ff7dd2b17fee70cee1fd988c69a12cf27e
6082c920c9a036667c67b32eb2414bbb31b4a0fb70b10ebacb9cfb4001065e27
GET /nlp/html/images/bobm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:00 GMT
Content-Type: image/gif
Content-Length: 335675
Last-Modified: Wed, 29 Apr 2020 06:08:26 GMT
Connection: keep-alive
ETag: "5ea919da-51f3b"
Expires: Mon, 06 Mar 2023 07:38:00 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/aym.gif
85.208.118.17200 OK 172 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/aym.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Size 172 kB (172480 bytes)
Hash 5136f9dcd7f4b24a29c2b113af42d96a
46a61b970169a7e8fd5fb32dffd74c2ff0a10c46
d5a00a63e2c3c344fd3e8aca43e5f3107cd627863fa47f2e2485afb2b217193b
GET /nlp/html/images/aym.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 172480
Last-Modified: Mon, 12 Apr 2021 04:58:08 GMT
Connection: keep-alive
ETag: "6073d360-2a1c0"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tb66.png
85.208.118.17200 OK 13 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tb66.png
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 420x145, components 3\012- data
Hash 389de8b12a7dc9d1bb8182a7b82f40ef
cbf940a9e524facb25b9295bfa42a9ab1d7f722d
458df63c82dba79d21a0b371a8a922973bef1e498309142451ae018da3b314b1
GET /nlp/html/images/tb66.png HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/png
Content-Length: 13335
Last-Modified: Fri, 30 Oct 2020 06:23:32 GMT
Connection: keep-alive
ETag: "5f9bb164-3417"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabodjm.gif
85.208.118.17200 OK 483 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabodjm.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 335 x 185\012- data
Size 483 kB (482963 bytes)
Hash 19a770d267abbae92fd758fdb6e26023
d46954faf3bc3a56f09786a0d4f48dec35b87754
5e869ce1bc6348282f0af4ce5c3cb4664064941eec483a4f61b5a162f8fb7bc9
GET /nlp/html/images/yabodjm.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 482963
Last-Modified: Wed, 29 Apr 2020 06:08:34 GMT
Connection: keep-alive
ETag: "5ea919e2-75e93"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/hh1.gif
85.208.118.17200 OK 40 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/hh1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Hash af1846692b1b7bebd5d62e845ce0c720
071c6d464fa016880952bac08853aabdab1ae6e2
e9f87192d6170241bed520bb3313426b696640933264e8289b217fdd0140b239
GET /nlp/html/images/hh1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 39682
Last-Modified: Wed, 14 Apr 2021 08:16:54 GMT
Connection: keep-alive
ETag: "6076a4f6-9b02"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/ob1.gif
85.208.118.17200 OK 45 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ob1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Hash dad1fdc00b084a1e29440eb5f56b7fd2
6b1cb925aea096b480b4368ab49424f6c6832290
84324dbd4cf418b502c9a494fd28bfe0af8802b62d12144ee2a9123717bec103
GET /nlp/html/images/ob1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 45445
Last-Modified: Wed, 07 Apr 2021 07:59:08 GMT
Connection: keep-alive
ETag: "606d664c-b185"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/ky1.gif
85.208.118.17200 OK 120 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ky1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 120 kB (119872 bytes)
Hash 7c0c37f98ec2ed50375973bb70800e06
4a0577a61facb55fcfc8721c67715b9473443531
d08cac1e4a345ac2415852cda2ed1f8491219085cfdcdd98517dfea5784b7c7d
GET /nlp/html/images/ky1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 119872
Last-Modified: Sun, 16 Oct 2022 23:07:26 GMT
Connection: keep-alive
ETag: "634c8eae-1d440"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yl1.gif
85.208.118.17200 OK 93 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yl1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Hash ec8ac7a8dd9610b594e21a63b42efec6
cf0aa061e01a5f1276e66ef291a44ae5c3e7aa06
601d48923ede2ba20e3d03c9ec7e4cf7195b735924c5b653d1b735bf3f62332a
GET /nlp/html/images/yl1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 92802
Last-Modified: Sat, 06 Mar 2021 10:55:06 GMT
Connection: keep-alive
ETag: "60435f8a-16a82"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tb1.gif
85.208.118.17200 OK 32 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tb1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Hash fb7303495a9f7cae06d46cd737e3f515
c7d432541253742026a855e2a8e22586e36e08c5
4b2465709e6dfd8f34129c78819c14e9aa4a35a2d152d7d28d3055ea41195cac
GET /nlp/html/images/tb1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 31794
Last-Modified: Sun, 09 Aug 2020 17:27:08 GMT
Connection: keep-alive
ETag: "5f3031ec-7c32"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/kok1.gif
85.208.118.17200 OK 293 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/kok1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Size 293 kB (293334 bytes)
Hash 008af843b07e36d190fd9c13208b1198
571e18d2093dd1ff506e3499b28ad393f5357368
74cb82dbd82af41d5896646b3f848a6667b2883696b29481443dda9ac4192dea
GET /nlp/html/images/kok1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 293334
Last-Modified: Mon, 04 Jan 2021 08:36:36 GMT
Connection: keep-alive
ETag: "5ff2d394-479d6"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bet3651.gif
85.208.118.17200 OK 219 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bet3651.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 219 kB (218843 bytes)
Hash c7780b56e5417ac5ae107ceeed79ec0b
7753cf45bb4a204dc40ba71e5aa04263e0ee1275
e4063ed845265a33c28cf4d756ba16bb03bfb86508a6993eff3d1c481e2f45ca
GET /nlp/html/images/bet3651.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 218843
Last-Modified: Wed, 29 Apr 2020 06:08:24 GMT
Connection: keep-alive
ETag: "5ea919d8-356db"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 325
Origin: https://www.531140.com
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: CloudWAF
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=5d7c571b1c57c1de7e8; path=/
HWWAFSESTIME=1675496280613; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://www.531140.com
Access-Control-Allow-Credentials: true
www.go8ffs.com/nlp/html/images/ay1.gif
85.208.118.17200 OK 168 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/ay1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 168 kB (168357 bytes)
Hash 317efd40aea16414912ef7b3a796e8fb
001d7645d8f094607be78bb6cbae30b9554610ed
8be50c4d8951f8e27d1a914203b90dabfd4fc5f808c5731d8faf14d22fb6235d
GET /nlp/html/images/ay1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 168357
Last-Modified: Mon, 12 Apr 2021 06:02:12 GMT
Connection: keep-alive
ETag: "6073e264-291a5"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/315tyc1.gif
85.208.118.17200 OK 272 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/315tyc1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Size 272 kB (272091 bytes)
Hash aca01c6c4d59c00a25aa9133e80b398a
819d373db065f988f66d1d7ed1805668efc94838
5a09a0bd37d494fb3c825f0e253c3ade27859e5cadb6f2eaca5278bcd929c68d
GET /nlp/html/images/315tyc1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 272091
Last-Modified: Sat, 06 Mar 2021 10:44:44 GMT
Connection: keep-alive
ETag: "60435d1c-426db"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/tycjt1.gif
85.208.118.17200 OK 204 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/tycjt1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 204 kB (203635 bytes)
Hash de83368a21ce4654207a1441cbb451f7
463fb19a4acdbc6488a53ddf4d5462537474c0cf
0ab902da706f52e2a68fe955edef879f196cd045c95be9155c54867ed013c777
GET /nlp/html/images/tycjt1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:02 GMT
Content-Type: image/gif
Content-Length: 203635
Last-Modified: Mon, 07 Mar 2022 11:42:46 GMT
Connection: keep-alive
ETag: "6225efb6-31b73"
Expires: Mon, 06 Mar 2023 07:38:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/jinsha1.gif
85.208.118.17200 OK 275 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/jinsha1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 70\012- data
Size 275 kB (275240 bytes)
Hash 8d78b68fbe5b6212d7975c89ac1bfe0e
d3124003c22985891964e6881f59cc8f4a97d8e4
ebcc12f6f8b6ad20d0712823d8750bd877598ed948da5cb4eaaba5a30bfb49e0
GET /nlp/html/images/jinsha1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 275240
Last-Modified: Wed, 29 Apr 2020 06:08:28 GMT
Connection: keep-alive
ETag: "5ea919dc-43328"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/bob1.gif
85.208.118.17200 OK 356 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/bob1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1020 x 85\012- data
Size 356 kB (355798 bytes)
Hash 7efc6c4cf3550462ea743cf108b64750
8f327ebea4bcc4868966878f3c903a05cd904c96
5d273c3267385f2d96283e7ba2c696af3ff61622ebe701aba1d4ba8bf64fb027
GET /nlp/html/images/bob1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 355798
Last-Modified: Wed, 29 Apr 2020 06:08:26 GMT
Connection: keep-alive
ETag: "5ea919da-56dd6"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo1.gif
85.208.118.17200 OK 301 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo1.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 1000 x 100\012- data
Size 301 kB (301227 bytes)
Hash 7c1f1fba6fdcd0d5fbd43be8c89f940b
8d22c2d441aa5cf8bd6366205b56a83eb6677e5e
81bc5064ee4a6f424b83a9b7255f7270aaecde4d7392d1dee828be768aa62346
GET /nlp/html/images/yabo1.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:01 GMT
Content-Type: image/gif
Content-Length: 301227
Last-Modified: Mon, 03 Jan 2022 07:20:30 GMT
Connection: keep-alive
ETag: "61d2a3be-498ab"
Expires: Mon, 06 Mar 2023 07:38:01 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/footer.jpg
85.208.118.17200 OK 22 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/footer.jpg
IP 85.208.118.17:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 501x114, components 3\012- data
Hash 1b226fdfac594e7b8473f48ddfa969f2
e7b4c743bfbf85c34624352d16ef06d9e60cd539
f48c85bed24a188afdefef08c681618b663778195972782cf6e72dda06b0ba6c
GET /nlp/html/images/footer.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:02 GMT
Content-Type: image/jpeg
Content-Length: 22342
Last-Modified: Mon, 30 Dec 2019 06:33:46 GMT
Connection: keep-alive
ETag: "5e099a4a-5746"
Expires: Mon, 06 Mar 2023 07:38:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/fimg.jpg
85.208.118.17200 OK 57 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/fimg.jpg
IP 85.208.118.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1020x80, components 3\012- data
Hash d7482bc54b977407ba2a5599a0e5adb3
ed8da2d34e50c8bf733f5d13968f7164f32744b9
b677661b107682a2c4c381a13550bcdcf86f2a8d04f14febd7188deba8c0b252
GET /nlp/html/images/fimg.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.go8ffs.com/nlp/html/css/global.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:02 GMT
Content-Type: image/jpeg
Content-Length: 57429
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-e055"
Expires: Mon, 06 Mar 2023 07:38:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/mx4.jpg
85.208.118.17200 OK 63 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/mx4.jpg
IP 85.208.118.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1020x95, components 3\012- data
Hash bd1ccf53feb63803f829f1196a0278e7
994b943cc52a5421defb8e2638e6dd2ca7fd83aa
c8a099ad4e7c20b9da973ae94f3e1f89126378cefe8e69d4f3a9303a653052e6
GET /nlp/html/images/mx4.jpg HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:02 GMT
Content-Type: image/jpeg
Content-Length: 62760
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-f528"
Expires: Mon, 06 Mar 2023 07:38:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo88.gif
85.208.118.17200 OK 117 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo88.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 128 x 526\012- data
Size 117 kB (117075 bytes)
Hash 7ead899c7a9e0cab9f4878b7e7ccecda
c04e01ea153c040ec0fa2b53b59391195f6c5866
36889b58d9d6f13e51ccc0f396035860a5cd04d1a179ccf91db7fbb9f3801962
GET /nlp/html/images/yabo88.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:02 GMT
Content-Type: image/gif
Content-Length: 117075
Last-Modified: Tue, 04 May 2021 05:02:06 GMT
Connection: keep-alive
ETag: "6090d54e-1c953"
Expires: Mon, 06 Mar 2023 07:38:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/yabo99.gif
85.208.118.17200 OK 120 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/yabo99.gif
IP 85.208.118.17:0
File type GIF image data, version 89a, 128 x 526\012- data
Size 120 kB (119975 bytes)
Hash 6939088f0c4dc000a363afa06a6e2ae9
ccb5ae50ee46b53903b1d876966cca067060566b
e18171a811e9db037dffcda1b45a081e0a603f24f08cc2abdf11add55d6bbe12
GET /nlp/html/images/yabo99.gif HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:02 GMT
Content-Type: image/gif
Content-Length: 119975
Last-Modified: Tue, 04 May 2021 05:14:56 GMT
Connection: keep-alive
ETag: "6090d850-1d4a7"
Expires: Mon, 06 Mar 2023 07:38:02 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes
www.go8ffs.com/nlp/html/images/favicon.ico
85.208.118.17200 OK 1.2 kB URL HTTP/1.1 www.go8ffs.com/nlp/html/images/favicon.ico
IP 85.208.118.17:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash da64874d3d6160fc26f5b21c9cdbe4c9
54dd03aeb4e1f9426dacdbfe4279426e24e0c701
8b15264873ab1a15d0cadc6be85e2288ee4a5709bd321bcaf67fcc6040d5fb29
GET /nlp/html/images/favicon.ico HTTP/1.1
Host: www.go8ffs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.531140.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 04 Feb 2023 07:38:02 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Mon, 09 Dec 2019 10:22:08 GMT
Connection: keep-alive
ETag: "5dee2050-47e"
Strict-Transport-Security: max-age=15768000
Accept-Ranges: bytes