r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8515
Expires: Fri, 16 Dec 2022 20:57:20 GMT
Date: Fri, 16 Dec 2022 18:35:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ae86164fd9297dfdc05d67d69284d70e
5e5f27e3fd492f715baa6820f05c0fafde4040b3
be20f6ae6a51d20611cb4d350b52a5d0a339af6722fe9b2482ef58826c1e9de0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE20F6AE6A51D20611CB4D350B52A5D0A339AF6722FE9B2482EF58826C1E9DE0"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6063
Expires: Fri, 16 Dec 2022 20:16:28 GMT
Date: Fri, 16 Dec 2022 18:35:25 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 17:45:11 GMT
content-type: application/json
age: 3014
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13564
Expires: Fri, 16 Dec 2022 22:21:29 GMT
Date: Fri, 16 Dec 2022 18:35:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aKg9dqD06l1+i8s5NdUF3lQ8Vk8CQfpuaWYLqfspLHz1HsvCRLHEkpS8lKhOXixAOw4Hs55vP9HalLSceHcGiA==
x-amz-request-id: D66KF2RRHEGNDYHF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 17:53:20 GMT
age: 2525
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
162.241.87.224200 OK 12 kB URL HTTP/1.1 czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (597), with CRLF line terminators
Hash 2a23682e6c344b2d2b01dc13d0e8c2ff
7373290b4cce98841e2e4c72baf57971cc55e68e
f6de24cb3a3a13acc164ec1d88c628c6bbe7280c7082c50f97bce4e4df3578e9
Analyzer Verdict Alert openphish Global Sources (HK)
fortinet Phishing
quad9 Sinkholed
GET /nene/login.globalsources.com/error.php?email= HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 18:35:24 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 18:35:25 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 18:33:23 GMT
age: 122
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1359
Cache-Control: max-age=140045
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:26 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 09:29:31 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.13.173.34101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.13.173.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fmcbQIxM8kVBOBqV61e1SA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mftxNs5cXzQMo/8PthCG44+wLAw=
login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
107.154.199.39200 OK 43 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
IP 107.154.199.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /sso/gsol/pex/en/balat/images/BLANK.GIF HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALBTG=h5PO2jko0YqVJ6rdmuJ9GsADMAZX4+3iNZJqHNXJeGOLDpSZJboPADaGegoj9pYYS+/5eVnICCSUmCsqSdpWBoY0z/Q3bazE8dugAZW7do1004Kedys5k4FdDlTysCZ3XqptrbposH2cybPm8ng/jLchUaz0j0KK5n+KdTN/by9n; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=h5PO2jko0YqVJ6rdmuJ9GsADMAZX4+3iNZJqHNXJeGOLDpSZJboPADaGegoj9pYYS+/5eVnICCSUmCsqSdpWBoY0z/Q3bazE8dugAZW7do1004Kedys5k4FdDlTysCZ3XqptrbposH2cybPm8ng/jLchUaz0j0KK5n+KdTN/by9n; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=t/IMahP7BncUU062F4gkz+/PXCAJeQfnm+ufZpz6K1oiIFiJ0y7UJAK4qNQB/ZSQ6NKpUmpAAA6LAqFxsvyzBU5vqtfbCDduTHo4cEBd6FYoGD/7ILeaTIcdfXjY; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=t/IMahP7BncUU062F4gkz+/PXCAJeQfnm+ufZpz6K1oiIFiJ0y7UJAK4qNQB/ZSQ6NKpUmpAAA6LAqFxsvyzBU5vqtfbCDduTHo4cEBd6FYoGD/7ILeaTIcdfXjY; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=wTuRWwhgey47FKTmOJREPwAAAADxt1G2RgGUrWIKEP1lLMmL; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=syn3VQuUZW0RvvdgiBrYA266nGMAAAAAWufihjinNcGfsBcA32xWoA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93908598 nNNN RT(1671215725512 39) q(0 0 5 1) r(7 7) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG
107.154.199.39200 OK 4.3 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG
IP 107.154.199.39:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 142x46, components 3\012- data
Hash 3416d1e30f078febf83bad93f15f7ba6
2997b26ac512fd945f5c1ef64e3bcf178ee47f6b
900774ab9d108ddeee13c38f67680d8b855588ab4b3c37949fa79f4b15c4e3a9
GET /sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: image/jpeg
content-length: 4284
set-cookie: AWSALBTG=IQXHMDVNJmMTK6CH7CKkL3e7aDlqtqtVUpdOxpCjt8fN5FtkdNcPnG7mgxRYUFG7rQdnQiiPD+RIllBH0NV7KLUN0FYc3x+tlo92+VcYobf/Lo5HqsQgbLuUxrBok0c2zpy+5yeUc+8194Fcbsgk3pCBHMV1VHhZetqwGbTvtgCN; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=IQXHMDVNJmMTK6CH7CKkL3e7aDlqtqtVUpdOxpCjt8fN5FtkdNcPnG7mgxRYUFG7rQdnQiiPD+RIllBH0NV7KLUN0FYc3x+tlo92+VcYobf/Lo5HqsQgbLuUxrBok0c2zpy+5yeUc+8194Fcbsgk3pCBHMV1VHhZetqwGbTvtgCN; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=pq1YcFARMSpCmK/4u6iXv9hOCk7ZheSzyuucbxSBYJyOXAsXHDjXWivsDkihtycE/NqlHOy0DZ2URnY8WiIjrGUcXKEURDwwU5eirIgEzQqrZkvLvYQrNlUqm21r; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=pq1YcFARMSpCmK/4u6iXv9hOCk7ZheSzyuucbxSBYJyOXAsXHDjXWivsDkihtycE/NqlHOy0DZ2URnY8WiIjrGUcXKEURDwwU5eirIgEzQqrZkvLvYQrNlUqm21r; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=ZDFFJBuzwD/Spx8LOJREPwAAAADLmwmWyhxJDJA5sZR0QV2U; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=mVVtQ/TiJG8RvvdgiBrYA266nGMAAAAAM5hXdc5enaicVMQEUB/O4w==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93907033 2NNN RT(1671215725512 34) q(0 0 0 1) r(9 9) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG
107.154.199.39200 OK 4.7 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG
IP 107.154.199.39:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 142x46, components 3\012- data
Hash f68d2d065e34993ce6e4b832737c7147
8e799c63bd8292de2f320b8afa23524107773266
b0501c9294231206d2aeb28e8bbd622910de7fc139e02756dc339cb9a68d017f
GET /sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: image/jpeg
content-length: 4667
set-cookie: AWSALBTG=7OfG9KqfhcfLS6YVQtIqIX2wFdfvwa5GGUTtEeeRshnQOjMaYiWPGwujWccZPo770B1ElXg2eZO46YbiiU6H3wPCTvh3pVtL2+Rxezhzs0hOt1ox3clX+zumPNnBIibUSrx7osGcfFEOKo6hW/D8Omqww6cf4dIoEN8uFktkU2nD; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=7OfG9KqfhcfLS6YVQtIqIX2wFdfvwa5GGUTtEeeRshnQOjMaYiWPGwujWccZPo770B1ElXg2eZO46YbiiU6H3wPCTvh3pVtL2+Rxezhzs0hOt1ox3clX+zumPNnBIibUSrx7osGcfFEOKo6hW/D8Omqww6cf4dIoEN8uFktkU2nD; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=/HM3GNt/trfPS0E2SbEP7ZgKGPYvEO8GvmOp6P8ZfBBTPeN0l7TFJf3ihGvGF5VowwPrXmZ/2rtqeLdbwKMmMVGCv2NergbdOAxImkD7Aog6Z+rqEOZwVjD1iSxI; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=/HM3GNt/trfPS0E2SbEP7ZgKGPYvEO8GvmOp6P8ZfBBTPeN0l7TFJf3ihGvGF5VowwPrXmZ/2rtqeLdbwKMmMVGCv2NergbdOAxImkD7Aog6Z+rqEOZwVjD1iSxI; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=ICzYPFWa7jrqilggOJREPwAAAABPm1xsWOW4Dln2kwvpkjV2; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=zB8HLVueR08RvvdgiBrYA266nGMAAAAA5TNHCRlNX6G4eb09D6LwUQ==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906220 2NNN RT(1671215725512 37) q(0 0 0 0) r(10 10) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGO.PNG
107.154.199.39200 OK 3.8 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGO.PNG
IP 107.154.199.39:0
File type PNG image data, 210 x 32, 8-bit colormap, non-interlaced\012- data
Hash a8656a61ac922e6b5e297627ae7b078a
fd0a07d76165669d22d9b8c1e930da9fb51aef22
465c8b941a45a964b3c73162a3357083c03e807f2eb45a6e0cc03658f686ece6
GET /sso/gsol/pex/en/balat/images/GSLOGO.PNG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: image/png
content-length: 3788
set-cookie: AWSALBTG=Pnr6bkgJFIneLrgANJTTpO5Tp2WjIrqYXuV/Wtts+z/8U0Dv0gtMQlYWg6+1JUDKPfYrKUH2MxDuzjqf+Sn7ZuQOkBsRDZEk5zPlc/OXm3tLT3aUzMcyuQYbfOh6zKrmpD8sDZiCpoKpsALVLbs98VfaTyAK2qWHkFdupZkRGEHg; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=Pnr6bkgJFIneLrgANJTTpO5Tp2WjIrqYXuV/Wtts+z/8U0Dv0gtMQlYWg6+1JUDKPfYrKUH2MxDuzjqf+Sn7ZuQOkBsRDZEk5zPlc/OXm3tLT3aUzMcyuQYbfOh6zKrmpD8sDZiCpoKpsALVLbs98VfaTyAK2qWHkFdupZkRGEHg; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=JxRdYt/G5gszwIctB9dDW7CMG3ixHuBQeifDznlv113+3pXiNQs2Lc4/0324vnSS4LJv0C3fBUwTsyIFRf9vn0KYSXeXuFpEJASQ+N6iLZtVEJ7X8RjHTS9XdVaN; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=JxRdYt/G5gszwIctB9dDW7CMG3ixHuBQeifDznlv113+3pXiNQs2Lc4/0324vnSS4LJv0C3fBUwTsyIFRf9vn0KYSXeXuFpEJASQ+N6iLZtVEJ7X8RjHTS9XdVaN; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=1+xOASayAnoygYVTOJREPwAAAADuv89xaxG3O0+9dZIXfRno; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=HyS/VTA3Z2gRvvdgiBrYA266nGMAAAAAKk74wO3u1CM5NMCRMS9hlg==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93907033 2NNN RT(1671215725512 33) q(0 0 0 2) r(11 11) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG
107.154.199.39200 OK 65 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG
IP 107.154.199.39:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 456x555, components 3\012- data
Hash f4cfa4fb0267a0184bc6caa933d39633
7871c922ca703ddf022e5cf32d70de76ea42be16
a333d615df16eae983fc674e1e06c445d08bc440cb16eff950ec7570d98c3206
GET /sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: image/jpeg
content-length: 64609
set-cookie: AWSALBTG=ipI2ImuRnik0EjOfFDcduKTXe20aVQJJaYsEFHMSlNR9bKJDDDCGSfzOIoHItr+Sgyu0DvmKwH6WTQSRuKAK+XB0TOZeKgn7x+bYcKY+xn0HVodCNS75yo+WH0OZPDZP5q3ZRveSCEd/LGBM1iypi1fTA4bLjlwtpo1j3/fxuXp4; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=ipI2ImuRnik0EjOfFDcduKTXe20aVQJJaYsEFHMSlNR9bKJDDDCGSfzOIoHItr+Sgyu0DvmKwH6WTQSRuKAK+XB0TOZeKgn7x+bYcKY+xn0HVodCNS75yo+WH0OZPDZP5q3ZRveSCEd/LGBM1iypi1fTA4bLjlwtpo1j3/fxuXp4; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=6F5cC6s9130+ZqGb+5eT6fjRgMg+34XqcGNiXG+fgAZc4HcE3lGeg5p7ATX+19bvjPc1Tr/F91wKxNhw3DzLwTfYhLJ+4GEXLn7/g0gQ1xH8uHihdJ43oF8bfdAG; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=6F5cC6s9130+ZqGb+5eT6fjRgMg+34XqcGNiXG+fgAZc4HcE3lGeg5p7ATX+19bvjPc1Tr/F91wKxNhw3DzLwTfYhLJ+4GEXLn7/g0gQ1xH8uHihdJ43oF8bfdAG; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=QofVEx0HoWhwIdt9OJREPwAAAADBk9M55Xjl/1UeVE/n+xfj; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=HND4RgCwAD8RvvdgiBrYA266nGMAAAAAFdsUrjJtqbA2mcjx6oHdhQ==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906220 2NNN RT(1671215725512 38) q(0 0 0 2) r(12 12) U2
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
142.250.74.40302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 08dc1097c83d6f931819890010215132
651f4c8dec266bc1149c5009aeaff8b850c95cfa
45e607d3d26d0460dc67aded9e4bab3da0e230ad8656bc7cde02db523965d5f0
GET /gtm.js?id=GTM-5CGM9T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 16 Dec 2022 18:35:27 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6717
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 18:35:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6717
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 18:35:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6717
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 18:35:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6717
Expires: Fri, 16 Dec 2022 20:27:24 GMT
Date: Fri, 16 Dec 2022 18:35:27 GMT
Connection: keep-alive
login.globalsources.com/sso/gsol/pex/en/common/includes/egain_docked_chat.js
107.154.199.39200 OK 8.4 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/common/includes/egain_docked_chat.js
IP 107.154.199.39:0
Hash e497ef0075c499f1e0c755ea66500e1c
f38de6bcf3919cd59c60f8602129661b4cff6ac2
d1501d2f494e1321e0e1564522bd58414ecd916c6f97917e49bbe3b5cc4cd6bd
GET /sso/gsol/pex/en/common/includes/egain_docked_chat.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=Yo6B+GQq6Oz7KTje8buCXNWYulxn94VLlHTdHlTdQrKUdKLY8BsXTypaS62ZkyRGTqCmktsaMOcDtZ7sl8lqx32p4+G2ff+uqxERiIwBfSz6/d4MH3ABTBioSwIuSXTekpmexqtI9HMCfFnnREQomNAST/e9AZ1+vw6KIhZDkRFI; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=Yo6B+GQq6Oz7KTje8buCXNWYulxn94VLlHTdHlTdQrKUdKLY8BsXTypaS62ZkyRGTqCmktsaMOcDtZ7sl8lqx32p4+G2ff+uqxERiIwBfSz6/d4MH3ABTBioSwIuSXTekpmexqtI9HMCfFnnREQomNAST/e9AZ1+vw6KIhZDkRFI; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=IkGL1+X/FRBfLFJbH0VlFT2Je6IbCzSQ+UTOaGx7GCWM9wpuhKyBPWDZNfQrFuyPfxHppeiyF61bkXYHPuUfwo6zUXLzoB9eIreL0cm1S0+hrRgzNOVDD89qlLyk; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=IkGL1+X/FRBfLFJbH0VlFT2Je6IbCzSQ+UTOaGx7GCWM9wpuhKyBPWDZNfQrFuyPfxHppeiyF61bkXYHPuUfwo6zUXLzoB9eIreL0cm1S0+hrRgzNOVDD89qlLyk; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=vFwGRkq9XlTLcDjHOJREPwAAAADGu7KTsPmXyZ1Kw1/oi14y; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=C48pXiViHhQRvvdgiBrYA266nGMAAAAAuNthq7fN4poUwE83J/BjaA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:58 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906226 2NNN RT(1671215725512 30) q(0 0 0 1) r(10 10) U2
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ffaf7e3899d2e846612269608ae1286
07e6d729ad09430b483f44c16146dd2707935314
0d101f77b5159818bdac6fd41d43df60d95a08cebea93b9c661d5694a2d92f54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11887
x-amzn-requestid: 1bd2cd9d-d47b-4c67-ab16-9b9b6126fcd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ9ME94IAMFzWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9521-1f916ee5306bdb53701cba5a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:44:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CPFHf2jkYX-Eas9cB8nUrwbbdc1b5HOkQmMosBIUXlQxkK8VXRz8ng==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:15:42 GMT
age: 73185
etag: "07e6d729ad09430b483f44c16146dd2707935314"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.JS
107.154.199.39200 OK 11 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.JS
IP 107.154.199.39:0
Hash b399382f4410b72d4863df7fdc30b26d
eae9ff88191033dc8f0376166788edb7e51d56fe
3b3947b966c655448040c0d4965b5404105c05effa6502203092ae68b1a79406
GET /sso/gsol/pex/en/balat/includes/SSO.JS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=0sQfL8cK4xSkhtYR/0kUz7njDNwRLRwbmwVgOWWL6r0J81U+iilS9bOLPdOxhZ5LELo+9Xnaov0a51G0Z2xz5yU5xXwy/hqXaiDFafTV0QvWkCZRUpmOL+JGhqVRLoj4d43EXz4zux0yLSGW5g9HeNv20DWSp3mGR2cBg+T+8Rf2; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=0sQfL8cK4xSkhtYR/0kUz7njDNwRLRwbmwVgOWWL6r0J81U+iilS9bOLPdOxhZ5LELo+9Xnaov0a51G0Z2xz5yU5xXwy/hqXaiDFafTV0QvWkCZRUpmOL+JGhqVRLoj4d43EXz4zux0yLSGW5g9HeNv20DWSp3mGR2cBg+T+8Rf2; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=2cW0lVfnSd4aofRqYZ94i3L9fj0PxJUZ12GYkk6UxW8AeaDe5oAvReq6PF7gerhPcb7ED969xeDVeaWO6MJwrPXsQ2E7hcdKQq+F0TMyoj6QBV+Mj7FZvwCk4nW+; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=2cW0lVfnSd4aofRqYZ94i3L9fj0PxJUZ12GYkk6UxW8AeaDe5oAvReq6PF7gerhPcb7ED969xeDVeaWO6MJwrPXsQ2E7hcdKQq+F0TMyoj6QBV+Mj7FZvwCk4nW+; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=2xCDT6692CYNi49eOJREPwAAAAAyZ+E/QvLivq4KxKH/ZOv1; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=oiM+CmwIwkgRvvdgiBrYA266nGMAAAAA9vbafCi7NkneX0VjHB02Rw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93907033 2NNN RT(1671215725512 33) q(0 0 0 0) r(9 9) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS
107.154.199.39200 OK 14 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS
IP 107.154.199.39:0
Hash a0fbcfae021cee6fc59130702bab0804
484c5205dbd6192691f6b2f2ff241b5ad82a729d
ac15d5080098e6ac62934c8101e9dd2742fad6348f96b8a66786241ff92b2705
GET /sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=a/g3OueiHqC4h4w7+tvM0lpTBPZ+kQqEhZNrfmqVS5GHktTEz+O4UHnieGMJPMDXBVK3x1veDCKR9OSeXnBc3vdvDmquNzTCQIyiAf7ppL7UCoIwv04Qe1G1e1qKwBhChodMRik+nbgrLA53Wt1rZPkChLbogKkK1KHdMzPQH/L9; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=a/g3OueiHqC4h4w7+tvM0lpTBPZ+kQqEhZNrfmqVS5GHktTEz+O4UHnieGMJPMDXBVK3x1veDCKR9OSeXnBc3vdvDmquNzTCQIyiAf7ppL7UCoIwv04Qe1G1e1qKwBhChodMRik+nbgrLA53Wt1rZPkChLbogKkK1KHdMzPQH/L9; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=SpTudoU0+3awjlDklec78Opyi1OF1xxJcjwfZy9iDna3I5Xe9DSbhDimVHHD42D+JK+d3/NMpEZLc0hn4De17XbAbLNG0rvqYAkqMgQk22GvHEarHbyRRp4lpsmq; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=SpTudoU0+3awjlDklec78Opyi1OF1xxJcjwfZy9iDna3I5Xe9DSbhDimVHHD42D+JK+d3/NMpEZLc0hn4De17XbAbLNG0rvqYAkqMgQk22GvHEarHbyRRp4lpsmq; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=92B+TJFYInOzWR2lOJREPwAAAAA6jWr+ljizE8albITOfwld; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=/eOiY/mJMDcRvvdgiBrYA266nGMAAAAAycKVbjwNYLzLRkBL6v592w==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906220 2NNN RT(1671215725512 45) q(0 0 0 0) r(10 10) U2
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d38060edf5f77bdaa18a4dd3b092c12
50b89e4fbdb88026899ce49cb45b0d6286f303a7
8ff9d03bca03022c717004f96a178d4982d16b575cb70a1a237ca76f90f4f0e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07861bcb-0cbb-458b-b85e-45f3efc2391a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5789
x-amzn-requestid: bb0455df-4252-4b04-a24c-eb101e3e40db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKWBdFAUIAMFaig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a6a09-1e3f6b0d0a59da3807acffee;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 00:27:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8Im_bGe9hCSbJVWPHhR1w_VPgmBayLnOwFnfi812N1q-5R9xvCp_KQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 02:02:37 GMT
age: 59570
etag: "50b89e4fbdb88026899ce49cb45b0d6286f303a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 857c233c12303c504881fe6be8c763ac
f3c9d38f9d2b00d0d0af42b2c7fd0798facb90b7
dca13a7171433f1934346cdbf171275adccc74d9325afc8c80d19f6e0ec50404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83be48c5771e071d94ac0d912357ac99
97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1
dc7eaffae4521f6bc297ce21c0abe99fe92bf8938266b550f8e38ff9705bdeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11196
x-amzn-requestid: 1bcdd4c6-14db-40bc-90aa-226a0e411a09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJFFeIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-65c676d06a24e0252e8828dc;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: clnZ4iIDmF0oSqQv7wWwYt-KHO6U1Lp7hz706oDCBLhP3szyWQiDLw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:08:33 GMT
age: 73614
etag: "97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
analytics.analytics-egain.com/onetag/EG48975170
54.229.238.74400 94 B URL HTTP/1.1 analytics.analytics-egain.com/onetag/EG48975170
IP 54.229.238.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7c2244849ceda3c6e2bb50114f6058fb
d256ae299f5db884f47827d10825f70724506fa3
d1e261174189998690fd10b216468c539fddb4c0beee035d76e29fac38a378a7
GET /onetag/EG48975170 HTTP/1.1
Host: analytics.analytics-egain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 400
Date: Fri, 16 Dec 2022 18:35:27 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server:
Cache-Control: no-cache
www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
142.250.74.40200 OK 97 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (53281)
Hash d0e8e40c44b8d305cd8dbeccdcab1aea
f8c727b2aba1c11560f7289678ec3e21f6413026
1c287661283bac7dd73c19ac30a91649acd85c1e4d87fdea8031ad79ffa994ba
GET /gtm.js?id=GTM-5CGM9T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Dec 2022 18:35:27 GMT
expires: Fri, 16 Dec 2022 18:35:27 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96815
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
107.154.199.39200 OK 43 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
IP 107.154.199.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /sso/gsol/pex/en/balat/images/BLANK.GIF HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=AqLdNhrj2QLzTg9IbXCdWfyoPfffhniS0gVNRjH4oPsthbUDdJs4UIMvWHt6ay7gPX84BS4BhZW04Qkc7q7EFFrUQsEOCnSzu1R3aVaWwf4cKLREYLt7SO54U8ryJ2FEpqbMbDATuQY8mRADnKH+LRRVY+0mf/w0PXIMMJgFZXRK; AWSALBCORS=VlwcIxZCkqyhjHhvSZddDL42F6ohKT+7UFbDyfXEzBO6+ZRIJQclsgQvAeA/9C5Bldx1NKE150VDPTtEgdyovNazug304g5GYeZFqRsld8zBhW8K0WlufSNhQG/a
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 28 Apr 2022 06:31:57 GMT
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALBTG=KkPuzmPdRwp0Je+wFboLJX4wBObDrHa1SMmlYGsAwaYF14y5cOuEwRnhLGiroC/MBPtf79FkrGNlEjgjEPjS6eQZ4GEwXLehfbw+SoeAntpvc0O0kTe05FNLfQK7WWHPoWVLGlih1CtY+ygGzkMovgZus8UiLJ1sZTbMbwZt0Nzh; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=KkPuzmPdRwp0Je+wFboLJX4wBObDrHa1SMmlYGsAwaYF14y5cOuEwRnhLGiroC/MBPtf79FkrGNlEjgjEPjS6eQZ4GEwXLehfbw+SoeAntpvc0O0kTe05FNLfQK7WWHPoWVLGlih1CtY+ygGzkMovgZus8UiLJ1sZTbMbwZt0Nzh; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=W6hFs1pOiB2PXTZC+quAwXzrHpWbopvzfxhr19W9V4Xup3vOQPKoLJZVdnTxvcndmFOeLJQ3XCoI+bEKV8q0aLMe24gVwsg7uAi2NFSPITarxCAVExHo5lxyOcc5; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=W6hFs1pOiB2PXTZC+quAwXzrHpWbopvzfxhr19W9V4Xup3vOQPKoLJZVdnTxvcndmFOeLJQ3XCoI+bEKV8q0aLMe24gVwsg7uAi2NFSPITarxCAVExHo5lxyOcc5; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=kg5WaYAVCm1oCSEiOJREPwAAAADB+K207KpmMWSoTN9fZIyC; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=x65FTzkuejERvvdgiBrYA2+6nGMAAAAAdTKuBIZudbVQFZ4Ne1j9gw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:07 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93907033 2NNN RT(1671215725512 1471) q(0 0 0 0) r(3 3) U2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 857c233c12303c504881fe6be8c763ac
f3c9d38f9d2b00d0d0af42b2c7fd0798facb90b7
dca13a7171433f1934346cdbf171275adccc74d9325afc8c80d19f6e0ec50404
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
login.globalsources.com/csp_report
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/csp_report
IP 107.154.199.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp_report HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 411
Origin: https://login.globalsources.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: text/plain
x-robots-tag: noindex
content-length: 0
set-cookie: visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:37 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=pUWvQXTePwERvvdgiBrYA2+6nGMAAAAAvZMvo/MHU0wM0E8cH56vug==; path=/; Domain=.globalsources.com
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG
107.154.199.39200 OK 1.6 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG
IP 107.154.199.39:0
File type PNG image data, 146 x 63, 8-bit colormap, non-interlaced\012- data
Hash db7ada75691e9de834f24b8e1ca09a9d
e7dacc636b096ab8e4ed8380475b97b39b356ebb
d0f108ac5521a079f476c836ca9612310bd8da9e75ba91ff412653453939ae51
GET /sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
Cookie: AWSALBTGCORS=AqLdNhrj2QLzTg9IbXCdWfyoPfffhniS0gVNRjH4oPsthbUDdJs4UIMvWHt6ay7gPX84BS4BhZW04Qkc7q7EFFrUQsEOCnSzu1R3aVaWwf4cKLREYLt7SO54U8ryJ2FEpqbMbDATuQY8mRADnKH+LRRVY+0mf/w0PXIMMJgFZXRK; AWSALBCORS=VlwcIxZCkqyhjHhvSZddDL42F6ohKT+7UFbDyfXEzBO6+ZRIJQclsgQvAeA/9C5Bldx1NKE150VDPTtEgdyovNazug304g5GYeZFqRsld8zBhW8K0WlufSNhQG/a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: image/png
content-length: 1634
set-cookie: AWSALBTG=zcuFXd4txS9KJ3u27Cfw/dhG+eq7JtlOYUK8v/pX6PFdXG8qyqyPLdiKbqUPee8dk4nsoIV9HpEJ0aHudE5JaZYvRYjxmz36exYShvIC0SaI+zM2qLUzmfbaucrHXMcCJ7H/dPrjGsm07yJhJgldHjnvwzo6je7BueCrY2t8fpzp; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=zcuFXd4txS9KJ3u27Cfw/dhG+eq7JtlOYUK8v/pX6PFdXG8qyqyPLdiKbqUPee8dk4nsoIV9HpEJ0aHudE5JaZYvRYjxmz36exYShvIC0SaI+zM2qLUzmfbaucrHXMcCJ7H/dPrjGsm07yJhJgldHjnvwzo6je7BueCrY2t8fpzp; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=S/C6GwFCc82wgZ5b+oCcGpcmlsvV1IEqynI26py4p39qTghTUxqJ9SbseDoA555Drg99ItUSfy9HWMPgZK+xj/jKFVYVQfakRON+cNfZVR3clVyzebcmBBTtD3jG; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=S/C6GwFCc82wgZ5b+oCcGpcmlsvV1IEqynI26py4p39qTghTUxqJ9SbseDoA555Drg99ItUSfy9HWMPgZK+xj/jKFVYVQfakRON+cNfZVR3clVyzebcmBBTtD3jG; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=ZlwXIORDRGx6BnvyOJREPwAAAAA/UOcOlEYK5T4VEmxt4NuF; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=6tiKdqDNEFgRvvdgiBrYA2+6nGMAAAAA2TGaR28uu7f+GZr7R7qXRw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93907033 2NNN RT(1671215725512 1514) q(0 0 0 0) r(2 2) U2
X-Firefox-Spdy: h2
s.webtrends.com/js/webtrends.hm.js
143.204.55.43200 OK 7.4 kB URL HTTP/1.1 s.webtrends.com/js/webtrends.hm.js
IP 143.204.55.43:0
File type HTML document, ASCII text, with CRLF line terminators
Hash b2ea8b95abb8ab706e7a0cfa9685cd10
8b75b0f6fff26a3a651d9346db02fefe45a67379
fe11671e8ca6d3b5659e5dae0924ecae80c99c0dd72478710eed0886e687f69d
GET /js/webtrends.hm.js HTTP/1.1
Host: s.webtrends.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7382
Connection: keep-alive
Date: Sun, 11 Dec 2022 16:20:32 GMT
Last-Modified: Tue, 25 Feb 2020 23:34:02 GMT
ETag: "b2ea8b95abb8ab706e7a0cfa9685cd10"
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: P2L9S9ZjWECjAnSMpnNK_HJ1te-NIpTLdmrzDHLXzJ4jUpnL2u1k-w==
Age: 440096
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Fri, 16 Dec 2022 18:14:11 GMT
Expires: Fri, 16 Dec 2022 20:14:11 GMT
Cache-Control: public, max-age=7200
Age: 1276
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
18.158.208.124301 Moved Permanently 244 B URL HTTP/1.1 statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
IP 18.158.208.124:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8fc9865f26fa25a6392c2f6060ae5df3
848c84d5259d274403799d8f07dce9a524662a0f
6fcb4b79975d55a072ba52bfd817cfba24b1a9f4777c706fb0706fd385601caa
GET /dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback HTTP/1.1
Host: statse.webtrendslive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
Date: Fri, 16 Dec 2022 18:35:27 GMT
Connection: close
Content-Length: 244
czjilce-aqg-6.tk/favicon.ico
162.241.87.224404 Not Found 315 B URL HTTP/1.1 czjilce-aqg-6.tk/favicon.ico
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
HTTP/1.1 404 Not Found
Date: Fri, 16 Dec 2022 18:35:27 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.google-analytics.com/collect?v=1&_v=j98&a=1141843028&t=pageview&_s=1&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&ul=en-us&de=UTF-8&dt=Global%20Sources&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YGBAgEABAAAAAAAAI~&jid=60930020&gjid=390782496&cid=1027445396.1671215725&tid=UA-179370-18&_gid=896157208.1671215725&cg1=LOGIN_FORM_ERR&z=905438538
142.250.74.46200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j98&a=1141843028&t=pageview&_s=1&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&ul=en-us&de=UTF-8&dt=Global%20Sources&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YGBAgEABAAAAAAAAI~&jid=60930020&gjid=390782496&cid=1027445396.1671215725&tid=UA-179370-18&_gid=896157208.1671215725&cg1=LOGIN_FORM_ERR&z=905438538
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&a=1141843028&t=pageview&_s=1&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&ul=en-us&de=UTF-8&dt=Global%20Sources&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YGBAgEABAAAAAAAAI~&jid=60930020&gjid=390782496&cid=1027445396.1671215725&tid=UA-179370-18&_gid=896157208.1671215725&cg1=LOGIN_FORM_ERR&z=905438538 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 16 Dec 2022 17:20:31 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 4497
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 76342e17f518d383455bb527dcd69aaf
7deb5f63197259b85d651f28cccf6ed7b876cc47
a8d3ef749bee471bf92905f15fabc171be88cc03cb97e9f7566e70efcd82864d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&gjid=390782496&_gid=896157208.1671215725&_u=YGBAgEABAAAAAEAAI~&z=85666639
108.177.14.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&gjid=390782496&_gid=896157208.1671215725&_u=YGBAgEABAAAAAEAAI~&z=85666639
IP 108.177.14.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&gjid=390782496&_gid=896157208.1671215725&_u=YGBAgEABAAAAAEAAI~&z=85666639 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://czjilce-aqg-6.tk
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
18.158.208.124200 OK 10 B URL HTTP/2 statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
IP 18.158.208.124:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 944ece9d6d59cdf6eaa8ae6c6c205b93
877b1b2addfb2494453305fa4b93f3f03ee064c2
d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2
GET /dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback HTTP/1.1
Host: statse.webtrendslive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 18:35:27 GMT
content-length: 10
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c
142.250.74.40302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4febe4716d93c01917cc718ed52f0d1c
9437b5b65a71ae87dc652a40a0e030a6464991e4
3ff71e43c20bb1c8d9018a800fe877e8e4e46be21f0a051b402297f370eca77a
GET /gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 16 Dec 2022 18:35:28 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
login.globalsources.com/sso/gsol/pex/en/balat/includes/webtrends.min.js
107.154.199.39200 OK 9.1 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/webtrends.min.js
IP 107.154.199.39:0
Hash d1b346b54d82737c40ba776f55043217
b3de5aaea67f62009837f2743fa0c74407c877a0
e6954a214a714e2f8ecdf32d5b626a97d5d1c322a6944496736c9b9b853588ef
GET /sso/gsol/pex/en/balat/includes/webtrends.min.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=AqLdNhrj2QLzTg9IbXCdWfyoPfffhniS0gVNRjH4oPsthbUDdJs4UIMvWHt6ay7gPX84BS4BhZW04Qkc7q7EFFrUQsEOCnSzu1R3aVaWwf4cKLREYLt7SO54U8ryJ2FEpqbMbDATuQY8mRADnKH+LRRVY+0mf/w0PXIMMJgFZXRK; AWSALBCORS=VlwcIxZCkqyhjHhvSZddDL42F6ohKT+7UFbDyfXEzBO6+ZRIJQclsgQvAeA/9C5Bldx1NKE150VDPTtEgdyovNazug304g5GYeZFqRsld8zBhW8K0WlufSNhQG/a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=YNJgtu9uBnxOVFuKbWgMo15ReXFV4EpQO2sGoByU2lk/3MLCZDsLyuOTZ+Z5B8MMG+2m+nGZ6NpuCefGi7XIhL+uI47jeE/5iUGSvg9LpexSnPbAHRlehDbp7zOcjE33JVR6MbnFJZSYoB9Bi1/tE6ch+cO04vXsuNrGUK+OxBDJ; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=YNJgtu9uBnxOVFuKbWgMo15ReXFV4EpQO2sGoByU2lk/3MLCZDsLyuOTZ+Z5B8MMG+2m+nGZ6NpuCefGi7XIhL+uI47jeE/5iUGSvg9LpexSnPbAHRlehDbp7zOcjE33JVR6MbnFJZSYoB9Bi1/tE6ch+cO04vXsuNrGUK+OxBDJ; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=CFJLgscly1sydEyRNDDDAkky+XMQnkwLYEt5XrPYbM1Yq6v/stqq2qMk5PuVM+ySgUQgIgD5RWdh6pf/WRKte3Ne4R0ve/PgblqpWxT6O4aU6w13oxUJ/4QAZBDI; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=CFJLgscly1sydEyRNDDDAkky+XMQnkwLYEt5XrPYbM1Yq6v/stqq2qMk5PuVM+ySgUQgIgD5RWdh6pf/WRKte3Ne4R0ve/PgblqpWxT6O4aU6w13oxUJ/4QAZBDI; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=/YjobHFeEylNf3APOJREPwAAAABdhvs/clnoIu7pLzDnGcTd; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=SMtvJJAVlxoRvvdgiBrYA2+6nGMAAAAAjjXzMClocwnuqGYB18N/Xg==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906220 2NNN RT(1671215725512 1478) q(0 0 0 0) r(3 3) U2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 136bd46a9be0a4b93904f1f09f0d3b8e
e6ed009f017b9f9f8df0446bc28374ff5c776271
e1f368a7537bb71b76ce9ee9b25a96f16e204a48f4e9f9bdf5e7c8dbe76aef98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
107.154.199.39200 OK 9.8 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
IP 107.154.199.39:0
Hash c00ec7b9f754c7cecb942f7dcb46dcd1
9bf4e52901cd29980e9ae6e904511e688fc3f14e
f96e57058a8e21b337c29ca6d1f0b5afb89d59b212ebc801e8b5ee2c1442b9a7
GET /sso/gsol/pex/en/balat/includes/SSO.CSS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:26 GMT
content-type: text/css
set-cookie: AWSALBTG=Lx9rK6CxlWRbXbEgwz9DbpbARC5KpObE+c2eskg0JQnhRLyf8P02rlWBQH2pC4WFRPUEZXkhPxjFt6qM3RkzWjbOEhZ6mX9H1mz8/UoZS/dJJXHoO9ZFjmGKUGyWrgYioUVeoGzFHGGq937DMbezhoBnhRy8FWERntivA4J4bJmZ; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=Lx9rK6CxlWRbXbEgwz9DbpbARC5KpObE+c2eskg0JQnhRLyf8P02rlWBQH2pC4WFRPUEZXkhPxjFt6qM3RkzWjbOEhZ6mX9H1mz8/UoZS/dJJXHoO9ZFjmGKUGyWrgYioUVeoGzFHGGq937DMbezhoBnhRy8FWERntivA4J4bJmZ; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=W04phq4vazeuafzOKOXkNma7PWxgegArlvEy2OnApiDOOeBkKdWmaMNnfM423kMBUyTgNixfUaD0XQoj9jCrEv+AydESAmvwB7S5inynbaUfvYXTl64a36Q48LE7; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=W04phq4vazeuafzOKOXkNma7PWxgegArlvEy2OnApiDOOeBkKdWmaMNnfM423kMBUyTgNixfUaD0XQoj9jCrEv+AydESAmvwB7S5inynbaUfvYXTl64a36Q48LE7; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=PcE7G8ty+W+TBly+OJREPwAAAACEL+wkg3bFXFMIw3PXFsqg; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=k621bzxz/hIRvvdgiBrYA266nGMAAAAAxmDQE5txEzpoYpuCu+m4yQ==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:58:49 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93907033 2NNN RT(1671215725512 42) q(0 0 0 1) r(11 11) U2
X-Firefox-Spdy: h2
10716254.fls.doubleclick.net/activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
142.250.74.38200 OK 263 B URL HTTP/2 10716254.fls.doubleclick.net/activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (503), with no line terminators
Hash ca35b9bb3ac50979694768eebd30053a
cd7240ff2b8ec3477dd67421e037b6c18de224fd
441ee66b0581193a19bae754d626ad94faa7110f71d22ff80b4819f56ef71c73
GET /activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D? HTTP/1.1
Host: 10716254.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 263
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 18:50:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 16 Dec 2022 15:54:34 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VPWx3rr1GTDj2w9uy3NEzFamHdg6J5QiaYmOsv6uTjyjf3z0nEPRCQ==
Age: 9655
czjilce-aqg-6.tk/sso/GeneralManager?action=captchaApi&language=en
162.241.87.224404 Not Found 315 B URL HTTP/1.1 czjilce-aqg-6.tk/sso/GeneralManager?action=captchaApi&language=en
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
POST /sso/GeneralManager?action=captchaApi&language=en HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 20
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
Cookie: _ga=GA1.2.1027445396.1671215725; _gid=GA1.2.896157208.1671215725; _gat=1
HTTP/1.1 404 Not Found
Date: Fri, 16 Dec 2022 18:35:27 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
12419770.fls.doubleclick.net/activityi;src=12419770;type=f_pag0;cat=f_cm_0;ord=9162455636967;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
142.250.74.38200 OK 283 B URL HTTP/2 12419770.fls.doubleclick.net/activityi;src=12419770;type=f_pag0;cat=f_cm_0;ord=9162455636967;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
IP 142.250.74.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (499), with no line terminators
Hash ec8c44fed3a1f863546b03cd09f68a8b
f45fded5f6700774f650f95fd40870e9924ef2be
923231997f20b458290ecfa092dc974f07da948a5539b40b51742250833c0b39
GET /activityi;src=12419770;type=f_pag0;cat=f_cm_0;ord=9162455636967;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D? HTTP/1.1
Host: 12419770.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 283
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 18:50:28 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 136bd46a9be0a4b93904f1f09f0d3b8e
e6ed009f017b9f9f8df0446bc28374ff5c776271
e1f368a7537bb71b76ce9ee9b25a96f16e204a48f4e9f9bdf5e7c8dbe76aef98
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a504ef384345940f7ad9b039fd2deca2
d0ce426041271eefff01a53ad9d3dc568a368cec
813e762dfbfdfff6f740f9bffce03c72ce9e4eb2c855ffb2305d4bf8d48d6753
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2786
Cache-Control: max-age=100059
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Etag: "639b9369-1d7"
Expires: Sat, 17 Dec 2022 22:23:07 GMT
Last-Modified: Thu, 15 Dec 2022 21:36:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.7 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13063)
Hash bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=77530
date: Fri, 16 Dec 2022 18:35:28 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
107.154.199.39200 OK 43 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
IP 107.154.199.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /sso/gsol/pex/en/balat/images/BLANK.GIF HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=zcuFXd4txS9KJ3u27Cfw/dhG+eq7JtlOYUK8v/pX6PFdXG8qyqyPLdiKbqUPee8dk4nsoIV9HpEJ0aHudE5JaZYvRYjxmz36exYShvIC0SaI+zM2qLUzmfbaucrHXMcCJ7H/dPrjGsm07yJhJgldHjnvwzo6je7BueCrY2t8fpzp; AWSALBCORS=S/C6GwFCc82wgZ5b+oCcGpcmlsvV1IEqynI26py4p39qTghTUxqJ9SbseDoA555Drg99ItUSfy9HWMPgZK+xj/jKFVYVQfakRON+cNfZVR3clVyzebcmBBTtD3jG
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:28 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALBTG=+pLzZDSaSmfneC8mg6mZzZ3Ox5NriSRAl1nMZeqdgXzwL977pyQyMRo59KBJzmTxckVFLOcwUv3aZKFhTsaJeI8DkGvZSAfUztueOuWoBvhoqTCTLt8TlcNDG5lETtJHHIshqXURJfUK1wBfK4YL8KoHKPp9WnowsPx+4E3cdB1V; Expires=Fri, 23 Dec 2022 18:35:28 GMT; Path=/
AWSALBTGCORS=+pLzZDSaSmfneC8mg6mZzZ3Ox5NriSRAl1nMZeqdgXzwL977pyQyMRo59KBJzmTxckVFLOcwUv3aZKFhTsaJeI8DkGvZSAfUztueOuWoBvhoqTCTLt8TlcNDG5lETtJHHIshqXURJfUK1wBfK4YL8KoHKPp9WnowsPx+4E3cdB1V; Expires=Fri, 23 Dec 2022 18:35:28 GMT; Path=/; SameSite=None; Secure
AWSALB=BWSyiR+m1bxTg1wogmBJyhJXQutRWbvVBSXrFTNs9A6xb5IMsPCGbOu+hhXjLQ4ifApETtJAl6uITNRoKU98KapqyLrwJLuZ6ThhCPFUt9abx9fWygwCNmTGxGvE; Expires=Fri, 23 Dec 2022 18:35:28 GMT; Path=/
AWSALBCORS=BWSyiR+m1bxTg1wogmBJyhJXQutRWbvVBSXrFTNs9A6xb5IMsPCGbOu+hhXjLQ4ifApETtJAl6uITNRoKU98KapqyLrwJLuZ6ThhCPFUt9abx9fWygwCNmTGxGvE; Expires=Fri, 23 Dec 2022 18:35:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=B12TFiimOGihZF2tOJREPwAAAABNwhWIl9H1aXGwnyCoCkhQ; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=j9kaSiOlSHcRvvdgiBrYA2+6nGMAAAAAvLNzLi0STBi2HSU/OqIQEQ==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:07 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93908598 pNNN RT(1671215725512 1985) q(0 1 1 0) r(3 3) U2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3972e23b068a857e4b879417ecbf1d1a
c5593984f70d07200faa6a1ca10572cb8670665d
db8f4f555c201994b386c718409b4f7b9dc75ef6910891a3d27097a0cb425e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 06612a702dd3686207e6a4031f79d34e
3a1be9901f9c9271b91a2b00ee7e6abc49086ba5
154da1479719d54b088120f2435ab08c2a44743abe2c2e67ae78db9537ecef40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash d8728b37979eb7ff6c3ad5a96091d4ce
988859950d480caa2fe23e14d5f29df17827dc6d
a33db1e064a2e10cb01ecc3184b4f65f134f93a10647c67602bfcea6d0c56740
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ZVX8c0aDVW2XIjdF5ZRz4mdsILGP5eEYJl6o5ZUXHAEyzJQrVY9B6z4oJgweFq9S/focr8I5lmehu1m4IIneww==
content-length: 27298
x-fb-trip-id: 1904183273
date: Fri, 16 Dec 2022 18:35:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/?random=1671215725047&cv=11&fst=1671215725047&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=521369489.1671215725&rfmt=3&fmt=4
216.58.207.194200 OK 894 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/?random=1671215725047&cv=11&fst=1671215725047&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=521369489.1671215725&rfmt=3&fmt=4
IP 216.58.207.194:0
File type ASCII text, with very long lines (1877), with no line terminators
Hash 52283a5d4485874ebf32a531a8f729d6
886fda41ee0b8ba7e0c06f5da2c6468763a6f9a9
5d817c748a1d7df3075d5092bd8bb80958062bdbc370c5e3361dbd1bfa5ef048
GET /pagead/viewthroughconversion/1072021429/?random=1671215725047&cv=11&fst=1671215725047&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=521369489.1671215725&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 894
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 18:50:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=167173FDF43560AC187B6181F5626187; domain=.bing.com; expires=Wed, 10-Jan-2024 18:35:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DEB81B7C12A64606B3B1826402DEAB9A Ref B: OSL30EDGE0414 Ref C: 2022-12-16T18:35:28Z
date: Fri, 16 Dec 2022 18:35:27 GMT
X-Firefox-Spdy: h2
login.globalsources.com/csp_report
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/csp_report
IP 107.154.199.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp_report HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 411
Origin: https://login.globalsources.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: text/plain
x-robots-tag: noindex
content-length: 0
set-cookie: visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:37 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=2xgWUKlUCVkRvvdgiBrYA2+6nGMAAAAAq+xB9oBy6Qr1MCBkRLm5Yg==; path=/; Domain=.globalsources.com
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&ct_cookie_present=1
216.58.207.194200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&ct_cookie_present=1
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 18:50:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
142.250.74.98200 OK 266 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (502), with no line terminators
Hash fa9676fd4a652f395916cbcb711b188d
8e660553cfbb4d9f96b20bddf6d0696bc4394b17
f18016a8efcbf480e0de5031605fcbaeb71825e89d75cc977ea7da3a44426986
GET /ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10716254.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&_u=YGBAgEABAAAAAEAAI~&z=1582089382
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&_u=YGBAgEABAAAAAEAAI~&z=1582089382
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&_u=YGBAgEABAAAAAEAAI~&z=1582089382 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&_u=YGBAgEABAAAAAEAAI~&z=1582089382
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&_u=YGBAgEABAAAAAEAAI~&z=1582089382
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1027445396.1671215725&jid=60930020&_u=YGBAgEABAAAAAEAAI~&z=1582089382 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1072021429/?random=1671215725047&cv=11&fst=1671213600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4015116020&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1072021429/?random=1671215725047&cv=11&fst=1671213600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4015116020&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1072021429/?random=1671215725047&cv=11&fst=1671213600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4015116020&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1072021429/?random=1671215725047&cv=11&fst=1671213600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4015116020&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1072021429/?random=1671215725047&cv=11&fst=1671213600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4015116020&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1072021429/?random=1671215725047&cv=11&fst=1671213600000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4015116020&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.164302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a504ef384345940f7ad9b039fd2deca2
d0ce426041271eefff01a53ad9d3dc568a368cec
813e762dfbfdfff6f740f9bffce03c72ce9e4eb2c855ffb2305d4bf8d48d6753
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2786
Cache-Control: max-age=100059
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Etag: "639b9369-1d7"
Expires: Sat, 17 Dec 2022 22:23:07 GMT
Last-Modified: Thu, 15 Dec 2022 21:36:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/signals/config/396613127629341?v=2.9.90&r=stable
31.13.72.12200 OK 86 kB URL HTTP/2 connect.facebook.net/signals/config/396613127629341?v=2.9.90&r=stable
IP 31.13.72.12:0
File type ASCII text, with very long lines (64471)
Hash edf7c2c94343db4823d23bd21cf3b1eb
b615fefd69c24248590df0ee2a018350830b3afe
cdad9911dc660d2093c72e072667a5037177a745f3ad74e8fb10d9fa1a22e85a
GET /signals/config/396613127629341?v=2.9.90&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: H3Nxj0f+nyTi/MhWKaMWyr24BuptxPv+eVjtnaatYjOm8/rxpDg5CwzmAy8vOzfiQ1FPMuCaIU3Vfkp8LrTCGw==
priority: u=3,i
content-length: 86132
x-fb-trip-id: 1904183273
date: Fri, 16 Dec 2022 18:35:28 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=2e7c0517-362a-4876-9b4b-1f2058a034ae&sid=680a9cf07d7011ed93f21fbe400954b1&vid=680ac6d07d7011ed80a233afab39ab70&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2567&evt=pageLoad&sv=1&rn=971745
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=2e7c0517-362a-4876-9b4b-1f2058a034ae&sid=680a9cf07d7011ed93f21fbe400954b1&vid=680ac6d07d7011ed80a233afab39ab70&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2567&evt=pageLoad&sv=1&rn=971745
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=137022501&tm=gtm002&Ver=2&mid=2e7c0517-362a-4876-9b4b-1f2058a034ae&sid=680a9cf07d7011ed93f21fbe400954b1&vid=680ac6d07d7011ed80a233afab39ab70&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2567&evt=pageLoad&sv=1&rn=971745 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=28EE03628E596EF626CB111E8F0E6F16; domain=.bing.com; expires=Wed, 10-Jan-2024 18:35:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 882B2D4E34B64057A77C4BC9139DC9B2 Ref B: OSL30EDGE0414 Ref C: 2022-12-16T18:35:28Z
date: Fri, 16 Dec 2022 18:35:28 GMT
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
IP 54.230.111.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/3267009/domain/czjilce-aqg-6.tk/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://czjilce-aqg-6.tk/
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 15 Dec 2022 22:25:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mZIzJKoHJ6YvFVky9thBpvxNR3N1eoV8yuyzBRLVbZKwYnJ8ERSclg==
age: 72614
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1071695260/?random=1671215725065&cv=11&fst=1671215725065&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=521369489.1671215725&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 3972e23b068a857e4b879417ecbf1d1a
c5593984f70d07200faa6a1ca10572cb8670665d
db8f4f555c201994b386c718409b4f7b9dc75ef6910891a3d27097a0cb425e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/137022501.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/137022501.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/137022501.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=26A05AE17E6863900DC5489D7F3F62C1; domain=.bing.com; expires=Wed, 10-Jan-2024 18:35:28 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6B5BBA0D32F446928D036B7F55DF3E71 Ref B: OSL30EDGE0414 Ref C: 2022-12-16T18:35:28Z
date: Fri, 16 Dec 2022 18:35:28 GMT
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671215725271&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671215725271&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3267009&time=1671215725271&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671215725271%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJf1zyqpCF1egAAAYUcOEeOVjQk9yYkYvOo8QrsNKnQE5cQY3_Oxo5HS58X40t45woQSPEBYJymlw; Max-Age=2592000; Expires=Sun, 15 Jan 2023 18:35:28 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLbNUVmESH_BQAAAYUcOEeO94x9k111FrRvXyQIHU6GJy0sHvCTvy_0VRU_KDUQ1kkQ9Iz1gamqjGkSpxz3dg; Max-Age=2592000; Expires=Sun, 15 Jan 2023 18:35:28 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&bf9517b4-ce5f-49a7-89a8-6dc7645fcd85"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 16-Dec-2023 18:35:28 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2402:u=1:x=1:i=1671215728:t=1671302128:v=2:sig=AQEWdufFb_aW0IwQsFgQfb2Xe9XW1uoF"; Expires=Sat, 17 Dec 2022 18:35:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXv9jvXYZE9lchrUs98vw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EBB40B7AD58143DA9959D19876C0B5A5 Ref B: OSL30EDGE0116 Ref C: 2022-12-16T18:35:28Z
date: Fri, 16 Dec 2022 18:35:27 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396613127629341&ev=PageView&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671215725530&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671215725529.2079309148&it=1671215725338&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=396613127629341&ev=PageView&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671215725530&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671215725529.2079309148&it=1671215725338&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=396613127629341&ev=PageView&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671215725530&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671215725529.2079309148&it=1671215725338&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Dec 2022 18:35:28 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671215725532&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671215725529.2079309148&it=1671215725338&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671215725532&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671215725529.2079309148&it=1671215725338&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=396613127629341&ev=Subscribe&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671215725532&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671215725529.2079309148&it=1671215725338&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Dec 2022 18:35:28 GMT
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=6902596470209;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
expires: Fri, 16 Dec 2022 18:35:28 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=9162455636967;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=9162455636967;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=9162455636967;gtm=2wgbu0;auiddc=521369489.1671215725;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 18:35:28 GMT
expires: Fri, 16 Dec 2022 18:35:28 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671215725271%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671215725271%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671215725271%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671215725271&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&dc662e8c-b7b5-4cf8-88ec-d2b3e93f681c"; Domain=.linkedin.com; Expires=Sat, 16-Dec-2023 18:35:28 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2022121618352887d5b8cc-ff8a-4248-8482-90cef2bd994dAQHi_HGMVhkkB3BtgNBV8YrPPmOIqnhM"; Domain=.www.linkedin.com; Expires=Sat, 16-Dec-2023 18:35:28 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzEyMTU3Mjg7MjswMjHX09WdpTdv6teP87NlnOvWuyhaSlp7j64a/ys9OR7AKA==; Domain=.linkedin.com; Expires=Wed, 14 Jun 2023 18:35:28 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2460:u=1:x=1:i=1671215728:t=1671302128:v=2:sig=AQHoc0drZdXfj7SZf7zGMmVDaDeuf3ax"; Expires=Sat, 17 Dec 2022 18:35:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXv9jvaWlmk7Ofb06Demg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ED5329838CE047CA90B0DDC9980C44FF Ref B: OSL30EDGE0116 Ref C: 2022-12-16T18:35:28Z
date: Fri, 16 Dec 2022 18:35:27 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d8ee7b5ed9f1ce2717492af01f420e1f
1e1cfe7134e0d88f1398c5e8b54c2632a7d3459b
1b0f0eff510a5eee48139d1f2a02a4f98109541998da638034bc04b05ef72d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=1141843028&cid=1027445396.1671215725&ul=en-us&sr=1280x1024&_s=1&sid=1671215725&sct=1&seg=0&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=1141843028&cid=1027445396.1671215725&ul=en-us&sr=1280x1024&_s=1&sid=1671215725&sct=1&seg=0&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=1141843028&cid=1027445396.1671215725&ul=en-us&sr=1280x1024&_s=1&sid=1671215725&sct=1&seg=0&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://czjilce-aqg-6.tk
date: Fri, 16 Dec 2022 18:35:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671215725271&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671215725271&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3267009&time=1671215725271&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&dcd06319-3caa-4b88-8e90-6a993a54dc3d"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 16-Dec-2023 18:35:28 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2402:u=1:x=1:i=1671215728:t=1671302128:v=2:sig=AQEWdufFb_aW0IwQsFgQfb2Xe9XW1uoF"; Expires=Sat, 17 Dec 2022 18:35:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXv9jvc8tGZItou+UW2bw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 6DFFFEDDB0BF4A57A422CE32C4AB59C5 Ref B: OSL30EDGE0116 Ref C: 2022-12-16T18:35:28Z
date: Fri, 16 Dec 2022 18:35:28 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash d8ee7b5ed9f1ce2717492af01f420e1f
1e1cfe7134e0d88f1398c5e8b54c2632a7d3459b
1b0f0eff510a5eee48139d1f2a02a4f98109541998da638034bc04b05ef72d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 18:35:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=2e7c0517-362a-4876-9b4b-1f2058a034ae&sid=680a9cf07d7011ed93f21fbe400954b1&vid=680ac6d07d7011ed80a233afab39ab70&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=890835
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=2e7c0517-362a-4876-9b4b-1f2058a034ae&sid=680a9cf07d7011ed93f21fbe400954b1&vid=680ac6d07d7011ed80a233afab39ab70&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=890835
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=137022501&tm=gtm002&Ver=2&mid=2e7c0517-362a-4876-9b4b-1f2058a034ae&sid=680a9cf07d7011ed93f21fbe400954b1&vid=680ac6d07d7011ed80a233afab39ab70&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=890835 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3C99D183E2416AC70120C3FFE3166B9D; domain=.bing.com; expires=Wed, 10-Jan-2024 18:35:29 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7D8804A6B0FB4EF2993A8E3155D468D4 Ref B: OSL30EDGE0414 Ref C: 2022-12-16T18:35:29Z
date: Fri, 16 Dec 2022 18:35:28 GMT
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=uo3y5o8&ref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&upid=sijvout&upv=1.1.0
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=uo3y5o8&ref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&upid=sijvout&upv=1.1.0
IP 52.223.40.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /track/up?adv=uo3y5o8&ref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&upid=sijvout&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:29 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/jqueryandplugins.js
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/jqueryandplugins.js
IP 107.154.199.39:0
GET /sso/gsol/pex/en/balat/includes/jqueryandplugins.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=q615L5/dCwgtKetBxPrZPLUalmB2IVwxE9tb/5HelOFXfA1tD7usv54q0i89kg6f4YvG560bUXGqQsbykmBw80z+b3ncSblOlHcNmh98ZDsNYE3gEJ0pU7WK3zk9GpgyGmpNf6sdyBrr3bYjFNR35qjJNOvyElBYyBDFYon9CbT5; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBTGCORS=q615L5/dCwgtKetBxPrZPLUalmB2IVwxE9tb/5HelOFXfA1tD7usv54q0i89kg6f4YvG560bUXGqQsbykmBw80z+b3ncSblOlHcNmh98ZDsNYE3gEJ0pU7WK3zk9GpgyGmpNf6sdyBrr3bYjFNR35qjJNOvyElBYyBDFYon9CbT5; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
AWSALB=UpHV2wPmLTVKmws46TTNlHbBHVEANThCsGkZuZoic15tAlz7r2cMPQU3rSbA99JjFTSJi7KGOl4UWcjoj2UayLFOxA+nZAf+ZKT0mfLJkY4EKlnwLggLLmwcjhVr; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/
AWSALBCORS=UpHV2wPmLTVKmws46TTNlHbBHVEANThCsGkZuZoic15tAlz7r2cMPQU3rSbA99JjFTSJi7KGOl4UWcjoj2UayLFOxA+nZAf+ZKT0mfLJkY4EKlnwLggLLmwcjhVr; Expires=Fri, 23 Dec 2022 18:35:26 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=Pr8oCKp370sBvzZuOJREPwAAAABSuqX1bS6FyzhMMOqTe/qv; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=4GA4cvUfu0IRvvdgiBrYA266nGMAAAAAAvNlGi01v6I9z++TNQ1xaA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93907033 2NNN RT(1671215725512 43) q(0 0 0 1) r(11 11) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/common/includes/ssoscripts.js
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/common/includes/ssoscripts.js
IP 107.154.199.39:0
GET /sso/gsol/pex/en/common/includes/ssoscripts.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=AqLdNhrj2QLzTg9IbXCdWfyoPfffhniS0gVNRjH4oPsthbUDdJs4UIMvWHt6ay7gPX84BS4BhZW04Qkc7q7EFFrUQsEOCnSzu1R3aVaWwf4cKLREYLt7SO54U8ryJ2FEpqbMbDATuQY8mRADnKH+LRRVY+0mf/w0PXIMMJgFZXRK; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=AqLdNhrj2QLzTg9IbXCdWfyoPfffhniS0gVNRjH4oPsthbUDdJs4UIMvWHt6ay7gPX84BS4BhZW04Qkc7q7EFFrUQsEOCnSzu1R3aVaWwf4cKLREYLt7SO54U8ryJ2FEpqbMbDATuQY8mRADnKH+LRRVY+0mf/w0PXIMMJgFZXRK; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=VlwcIxZCkqyhjHhvSZddDL42F6ohKT+7UFbDyfXEzBO6+ZRIJQclsgQvAeA/9C5Bldx1NKE150VDPTtEgdyovNazug304g5GYeZFqRsld8zBhW8K0WlufSNhQG/a; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=VlwcIxZCkqyhjHhvSZddDL42F6ohKT+7UFbDyfXEzBO6+ZRIJQclsgQvAeA/9C5Bldx1NKE150VDPTtEgdyovNazug304g5GYeZFqRsld8zBhW8K0WlufSNhQG/a; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=qobzcUHKZU7hq1HAOJREPwAAAAAE7+xs41h147cp3RVCAopO; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=bwCnCEhGl1MRvvdgiBrYA266nGMAAAAAlgM12KWuCF/YeKdWLdbxdw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:09 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906226 2NNN RT(1671215725512 44) q(0 0 0 1) r(13 13) U2
X-Firefox-Spdy: h2
login.globalsources.com/rdvoqldvqhjbezvv825122.js
107.154.199.39404 Not Found 0 B URL HTTP/2 login.globalsources.com/rdvoqldvqhjbezvv825122.js
IP 107.154.199.39:0
GET /rdvoqldvqhjbezvv825122.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=AqLdNhrj2QLzTg9IbXCdWfyoPfffhniS0gVNRjH4oPsthbUDdJs4UIMvWHt6ay7gPX84BS4BhZW04Qkc7q7EFFrUQsEOCnSzu1R3aVaWwf4cKLREYLt7SO54U8ryJ2FEpqbMbDATuQY8mRADnKH+LRRVY+0mf/w0PXIMMJgFZXRK; AWSALBCORS=VlwcIxZCkqyhjHhvSZddDL42F6ohKT+7UFbDyfXEzBO6+ZRIJQclsgQvAeA/9C5Bldx1NKE150VDPTtEgdyovNazug304g5GYeZFqRsld8zBhW8K0WlufSNhQG/a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: text/html
set-cookie: AWSALBTG=df2P6uTo1J2WD6m5RcMTVttSkFOIi6y1blxBemrxRNMGynyggKZWGURlkLyYncGdUZ9c89oeREIIAyJp1y+phWxWesmivbKP03a/Nee0lcvCUYyN/tFCvRWFfJbKmm9Iettvht6K5XYGfsObeY1h5VrQo4wctRTpJ1OEJ45oy4s3; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=df2P6uTo1J2WD6m5RcMTVttSkFOIi6y1blxBemrxRNMGynyggKZWGURlkLyYncGdUZ9c89oeREIIAyJp1y+phWxWesmivbKP03a/Nee0lcvCUYyN/tFCvRWFfJbKmm9Iettvht6K5XYGfsObeY1h5VrQo4wctRTpJ1OEJ45oy4s3; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=sujFPkQURqHXBTZGDQMwsiOuU1ulvJpWr9Gg32OXEmXOMYkr28lGYB4PF/zp5WIzmGUV2VnEDER1v5B7YTCXv6upA8a840xQEKGB14wlNRdWYf9orIEkSsYChB46; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=sujFPkQURqHXBTZGDQMwsiOuU1ulvJpWr9Gg32OXEmXOMYkr28lGYB4PF/zp5WIzmGUV2VnEDER1v5B7YTCXv6upA8a840xQEKGB14wlNRdWYf9orIEkSsYChB46; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=aTboVVPTHxwtsyacOJREPwAAAACKX7Af3yFl/JxYjNQkUT/w; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=UMQ3H1SsKG4RvvdgiBrYA2+6nGMAAAAACsrytjCocQdkW5XxHqb0Zg==; path=/; Domain=.globalsources.com
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906226 2NNN RT(1671215725512 1468) q(0 0 0 0) r(3 3) U11
X-Firefox-Spdy: h2
insight.adsrvr.org/track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event}
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event}
IP 52.223.40.198:0
GET /track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event} HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 18:35:29 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
login.globalsources.com/rdvoqldvqhjbezvv825122.js
107.154.199.39404 Not Found 0 B URL HTTP/2 login.globalsources.com/rdvoqldvqhjbezvv825122.js
IP 107.154.199.39:0
GET /rdvoqldvqhjbezvv825122.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 16 Dec 2022 18:35:27 GMT
content-type: text/html
set-cookie: AWSALBTG=1fxpZRDmt8Z1ZBKtblFYsR3JmUYtoVHc2NIbaHtepCuZ+YtiolAu0kVj7weBAPxGSqh7YiaiD0v2R0LQkxpBQOMkZOOPh0HR34OQZNWnt+MopoCrZsLxGG/TPOW5zUmNmupFyo25oxF4gZRCLgDjRevZlJGLy2yslcJqjNl49G+6; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBTGCORS=1fxpZRDmt8Z1ZBKtblFYsR3JmUYtoVHc2NIbaHtepCuZ+YtiolAu0kVj7weBAPxGSqh7YiaiD0v2R0LQkxpBQOMkZOOPh0HR34OQZNWnt+MopoCrZsLxGG/TPOW5zUmNmupFyo25oxF4gZRCLgDjRevZlJGLy2yslcJqjNl49G+6; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
AWSALB=u/eyep0n7UQF/s9He8HWC67e2eKVqucxwlknQJH1AykeSQ+QeiYDsBkhH0xVPMUC7F1C98IOd2tSL/S0EKVYKDLxe8+AO+dKj/3Ljn9BEjBXEZdM7VdeWTMx2xHT; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/
AWSALBCORS=u/eyep0n7UQF/s9He8HWC67e2eKVqucxwlknQJH1AykeSQ+QeiYDsBkhH0xVPMUC7F1C98IOd2tSL/S0EKVYKDLxe8+AO+dKj/3Ljn9BEjBXEZdM7VdeWTMx2xHT; Expires=Fri, 23 Dec 2022 18:35:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=NP0ZELIL0FgJb50XOJREPwAAAAD/X/Lq/urj6/7TNUBvVr35; path=/; Domain=.globalsources.com
visid_incap_2766148=8eZgtdo7RNSE+bNVYhmCr226nGMAAAAAQUIPAAAAAACvRYjTNGZWRdpjgKRriOLj; expires=Fri, 15 Dec 2023 22:29:36 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=8UmUUGT3+RIRvvdgiBrYA266nGMAAAAAAsSfuyOt5ZYkatPo+KUg2Q==; path=/; Domain=.globalsources.com
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 14-93908584-93906226 2NNN RT(1671215725512 42) q(0 0 0 0) r(11 11) U11
X-Firefox-Spdy: h2