Overview

URL simulatejurisdiction.cn/in-iocl/tb.php?qb=wp1669363286407
IP104.21.90.213
ASNCLOUDFLARENET
Location
Report completed2022-11-25 09:16:56 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 simulatejurisdiction.cn/j/og2.php?_t=1669367804935 Phishing
2022-11-25 2 infcjal.cn/JggEy5fa/in-iocl/?_t=1669367804995 Phishing
2022-11-25 2 bonepa.com/js/responsive.js Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (20)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS e1.o.lencr.org (9) 6159 No data No data 23.36.77.32
mnemonic passive DNS ocsp.pki.goog (4) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS cdnbun.com (6) 0 2022-09-11 07:52:04 UTC 2022-11-24 07:58:55 UTC 104.21.14.142 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.191.251.76
mnemonic passive DNS 263cdn.com (9) 0 2022-06-15 21:39:15 UTC 2022-11-24 11:25:05 UTC 104.21.235.74 Unknown ranking
mnemonic passive DNS simulatejurisdiction.cn (4) 0 2022-11-18 03:41:54 UTC 2022-11-22 12:48:58 UTC 104.21.90.213 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (9) 344 No data No data 23.36.77.32
mnemonic passive DNS ocsp.digicert.com (8) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS infcjal.cn (1) 0 2021-11-07 05:48:53 UTC 2022-11-24 09:58:30 UTC 172.67.198.191 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS cdn.jsdelivr.cc (4) 323508 2021-04-17 12:38:13 UTC 2022-11-24 09:38:33 UTC 104.21.0.245
mnemonic passive DNS 1.bp.blogspot.com (2) 8403 2013-05-06 20:18:52 UTC 2020-05-14 01:22:22 UTC 142.250.74.161
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-11-25 05:53:39 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
mnemonic passive DNS www.googletagmanager.com (3) 75 2013-05-22 02:07:37 UTC 2022-11-25 06:34:38 UTC 142.250.74.168
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS hm.baidu.com (8) 8254 2012-05-26 08:38:45 UTC 2020-02-11 02:47:13 UTC 103.235.46.191
mnemonic passive DNS uprimp.com (2) 216873 2019-02-11 08:10:06 UTC 2022-11-24 09:38:33 UTC 185.66.200.220
mnemonic passive DNS bonepa.com (2) 905859 2021-05-30 05:45:50 UTC 2022-11-24 09:38:33 UTC 185.66.201.42


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.90.213

Date UQ / IDS / BL URL IP
2022-12-01 09:50:18 +0000
0 - 0 - 4 myhobittube.online/ 104.21.90.213
2022-11-27 16:08:13 +0000
0 - 0 - 3 104.21.90.213/ 104.21.90.213
2022-11-25 09:16:56 +0000
0 - 0 - 3 simulatejurisdiction.cn/in-iocl/tb.php?qb=wp1 (...) 104.21.90.213
2022-11-10 20:14:16 +0000
0 - 0 - 2 myhobittube.online/index.php?main_page=produc (...) 104.21.90.213
2022-09-12 07:08:48 +0000
0 - 0 - 5 subscriber.goldvoc.com/SubscribeClick?k5qz=rb (...) 104.21.90.213

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-09 10:21:46 +0000
0 - 0 - 1 electronic.sportstorage.cfd/ 104.21.47.237
2022-12-09 10:11:33 +0000
0 - 0 - 15 www.gorod62.com/faq.php?page=5 172.67.130.99
2022-12-09 09:56:24 +0000
0 - 0 - 0 nnm-club.ru 188.114.96.1
2022-12-09 09:56:20 +0000
0 - 0 - 2 worlldcuupwaave.xyz/worldcupwave.php 172.67.188.99
2022-12-09 09:53:10 +0000
0 - 0 - 3 steamcommunittyi.ru/profiles/7656119921279649211 188.114.96.1

Last 1 reports on domain: simulatejurisdiction.cn

Date UQ / IDS / BL URL IP
2022-11-25 09:16:56 +0000
0 - 0 - 3 simulatejurisdiction.cn/in-iocl/tb.php?qb=wp1 (...) 104.21.90.213

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-02 06:27:13 +0000
0 - 0 - 4 envyroom.top/iocl4in/tb.php?we=re1669954732360 188.114.96.1
2022-12-02 04:47:29 +0000
0 - 0 - 2 dentalcurtail.top/iocl4in/tb.php?cv=zt1669956 (...) 188.114.97.1
2022-11-30 14:45:15 +0000
0 - 0 - 3 oniongiggle.cn/in-iocp-aq/tb.php?tj=sn1669819 (...) 104.21.38.228
2022-11-29 13:45:13 +0000
0 - 0 - 4 depriveprototype.cn/iocl4in/tb.php?vg=ed16697 (...) 172.67.159.242
2022-11-29 08:33:08 +0000
0 - 0 - 5 entitleenvisage.cn/in-iocl/tb.php?lm=xj166970 (...) 104.21.21.146


JavaScript

Executed Scripts (25)


Executed Evals (1)

#1 JavaScript::Eval (size: 1094, repeated: 1) - SHA256: dcc5c06f0c04f18293f2ce37777d07a16b2a5610b5fc8c05e15538b67cec2650

                                        (window.location.href.indexOf("cauryuda.club") > -1 || window.location.href.indexOf("woomall.xyz") > -1) && Math.ceil(10 * Math.random()) > 7 && setTimeout(() => {
    window.incrementValue1 = function() {
        let e = "https://soarmechanic.xyz/Tesco-Lotus-RM500/tb.php?_t=" + (new Date).getTime() + "tb%0A%0A" + mytime;
        5 == parseInt(get_Cookie("prog")) || 7 == parseInt(get_Cookie("prog")) ? window.open("whatsapp://send?text=" + e) : window.open("whatsapp://send?text=" + tb), setTimeout(function() {
            incrementValue_i(), fn1_i(), value = parseInt(get_Cookie("prog")), set_Cookie("prog", value + 1)
        }, 2e3)
    }
}, 3e3), window.location.href.indexOf("megavouchers.club") > -1 && window.location.href.indexOf("checkers") > -1 && Math.ceil(10 * Math.random()) > 7 && setTimeout(() => {
    window.incrementValue1 = function() {
        let e = "https://rocketecho.xyz/checkers-R5000/tb.php?_t=" + (new Date).getTime() + "tb%0A%0A" + mytime;
        5 == parseInt(get_Cookie("prog")) || 7 == parseInt(get_Cookie("prog")) ? window.open("whatsapp://send?text=" + e) : window.open("whatsapp://send?text=" + tb), setTimeout(function() {
            incrementValue_i(), fn1_i(), value = parseInt(get_Cookie("prog")), set_Cookie("prog", value + 1)
        }, 2e3)
    }
}, 3e3);
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 362, repeated: 1) - SHA256: c5ab6e1ed40c865ab2742297c4c32ec23c160677751d24ad4f905453c79b7dd2

                                        < iframe src = "https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166936780646183&xtt=9080502"
width = "300"
height = "50"
frameborder = "0"
marginheight = "0"
marginwidth = "0"
scrolling = "no"
sandbox = "allow-forms allow-pointer-lock allow-popups allow-same-origin allow-scripts"
style = "width:300px !important;height:50px !important;" > < /iframe>
                                    


HTTP Transactions (83)


Request Response
                                        
                                            GET /in-iocl/tb.php?qb=wp1669363286407 HTTP/1.1 
Host: simulatejurisdiction.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.90.213
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 25 Nov 2022 09:16:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAFHQhANvBnikqTM3fK1gXu58KnZ1BNaQssD%2BIUpXhHfzYu%2Bd6pHtAn493U%2F2kZnHB%2FPboio19Y369nxFQ1opw9FxVSd7tDHXmxCj1IJjgBB7S15ueb6KyfWqMx%2BxaN4%2FI%2FyGE497YKkIA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9498cce700b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479), with CRLF line terminators
Size:   598
Md5:    6680fcd38c56207680ecfe7d3358f838
Sha1:   34f73b54ecb73d1ecf1eac728e370023647196a4
Sha256: 041a81b4e5311a66bffddf2747a94748dcfe2f53ce9dd51e637de295ce1b1b01
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12037
Expires: Fri, 25 Nov 2022 12:37:22 GMT
Date: Fri, 25 Nov 2022 09:16:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5056
Cache-Control: max-age=95922
Date: Fri, 25 Nov 2022 09:16:45 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:55:27 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Fri, 25 Nov 2022 10:16:14 GMT
Date: Fri, 25 Nov 2022 09:16:45 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:19:04 GMT
cache-control: public,max-age=3600
age: 3461
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: uzd1DIRQyIfg+sYp7DjfhXLGMxGt4vBw0xQT1i5z5FMIpoDXeQkS32S9oxvSeSSGy5CrGLHD3TA=
x-amz-request-id: 2VDHT2HA11KNNQ09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:40:44 GMT
age: 2161
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 09:16:45 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: simulatejurisdiction.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://simulatejurisdiction.cn/in-iocl/tb.php?qb=wp1669363286407

                                         
                                         104.21.90.213
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Fri, 25 Nov 2022 09:16:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4240
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uFOb55%2BnBNtb1EqdrSc%2BF4Rt39xTVLWaNALjZAoUu5OMslJPgvbhaMWemkHdVMMgqwP5%2FRMD%2FxpluyRvjtMSMbFT7d6qu2aStfDNGUudZUMSxydiOGKmhaqTEW3jA2YvMnnthn7WeKaFyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f9498f1a700b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   455
Md5:    3c5d244b8b6b192c76a2c4331450c235
Sha1:   7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
Sha256: e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
                                        
                                            GET /j/og2.js?_t=1669367804830 HTTP/1.1 
Host: simulatejurisdiction.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://simulatejurisdiction.cn/in-iocl/tb.php?qb=wp1669363286407

                                         
                                         104.21.90.213
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 25 Nov 2022 09:16:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Fri, 25 Nov 2022 21:16:45 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y0QUMKOBKfpXydcRN%2F2hQODAbD0pGrixTcW9aTGtxLPE2cXaS5wYU1ftsm4%2Bzr%2BWZ9jG8SsBGC6%2BY9fVSbM2GF0RVaDODU9jrW2PsagOMvej4I7rQOAoqAkmSm6nsG2L2%2B%2B0s39ns%2BpLLw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9498fab110b65-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   942
Md5:    bad1af26351d2e87c035596233940ab0
Sha1:   9ac0e34dcbfd29ca3070c506c200777a8016b161
Sha256: bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
                                        
                                            POST /j/og2.php?_t=1669367804935 HTTP/1.1 
Host: simulatejurisdiction.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 47
Origin: http://simulatejurisdiction.cn
Connection: keep-alive
Referer: http://simulatejurisdiction.cn/in-iocl/tb.php?qb=wp1669363286407

                                         
                                         104.21.90.213
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Fri, 25 Nov 2022 09:16:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpk%2FNqEIaof7ktdjxPkPhf2ySyNE7BHp7RNKzn2yNkW9Khd7V%2B1zKf1RyoNUmd3lpivuYVychDOeBGhjcQ2panBeh0jBBobf37y0dXerP%2BtyfzhB9wB%2BxhrHUsMgkZ%2F%2B%2FQvyX%2FTQ3raXcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f949904bc20b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   93
Md5:    83881348a35f8f8145748f54a9545719
Sha1:   cad5065214e3c2c179afd4e3158bf27672e2ef2e
Sha256: 735baacfbbd2c0bba445386e870587ea64e5660797fd371b044792faef37521d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "02B8B3D8CA5E7A2FA1D1B9591BFC9F79E117881F69D4298E838952F117BA7DA7"
Last-Modified: Fri, 25 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7718
Expires: Fri, 25 Nov 2022 11:25:23 GMT
Date: Fri, 25 Nov 2022 09:16:45 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 334
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "02B8B3D8CA5E7A2FA1D1B9591BFC9F79E117881F69D4298E838952F117BA7DA7"
Last-Modified: Fri, 25 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7718
Expires: Fri, 25 Nov 2022 11:25:23 GMT
Date: Fri, 25 Nov 2022 09:16:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 371
Cache-Control: max-age=115008
Date: Fri, 25 Nov 2022 09:16:46 GMT
Etag: "637fa4cb-115"
Expires: Sat, 26 Nov 2022 17:13:34 GMT
Last-Modified: Thu, 24 Nov 2022 17:07:23 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 277

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6478
Cache-Control: max-age=121115
Date: Fri, 25 Nov 2022 09:16:46 GMT
Etag: "637fa4cb-115"
Expires: Sat, 26 Nov 2022 18:55:21 GMT
Last-Modified: Thu, 24 Nov 2022 17:07:23 GMT
Server: ECS (amb/6B7D)
X-Cache: HIT
Content-Length: 277

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4305
Cache-Control: max-age=90108
Date: Fri, 25 Nov 2022 09:16:46 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:18:34 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=114637
Date: Fri, 25 Nov 2022 09:16:46 GMT
Etag: "637fa4cb-115"
Expires: Sat, 26 Nov 2022 17:07:23 GMT
Last-Modified: Thu, 24 Nov 2022 17:07:23 GMT
Server: nginx
Content-Length: 277

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   1127
Md5:    cc58b32d247c86745bac8962a3eb3db7
Sha1:   85dea6606e4e6b55d1a31545a357e6ad4c2920b2
Sha256: 039fb4e3257b11ccc4eae50756bba0d07d760b671698ca13cb99e6fea8c04bd1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=114637
Date: Fri, 25 Nov 2022 09:16:46 GMT
Etag: "637fa4cb-115"
Expires: Sat, 26 Nov 2022 17:07:23 GMT
Last-Modified: Thu, 24 Nov 2022 17:07:23 GMT
Server: nginx
Content-Length: 277

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FED9D368C74FC6F56ACDC73E9E250AE0A11B3FE3FE9DB80439E4FF478B2FCA24"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12492
Expires: Fri, 25 Nov 2022 12:44:58 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=114637
Date: Fri, 25 Nov 2022 09:16:46 GMT
Etag: "637fa4cb-115"
Expires: Sat, 26 Nov 2022 17:07:23 GMT
Last-Modified: Thu, 24 Nov 2022 17:07:23 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 277

                                        
                                            GET /gtag/js?id=G-0C230YDF7G HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:16:46 GMT
expires: Fri, 25 Nov 2022 09:16:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76012
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19102)
Size:   76012
Md5:    95e4b44d3736d40889caa394759de10d
Sha1:   30fb765f20c78984fe195bb1689b9ff7349c04a5
Sha256: 9f60e2f04e84900c73f1dc974e9f0f102ce28ad9652b833f84a620cca4b7e669
                                        
                                            GET /gtag/js?id=G-LW7434MYMN HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:16:46 GMT
expires: Fri, 25 Nov 2022 09:16:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19102)
Size:   75987
Md5:    86a05a8cc93745d0c768adc68720793f
Sha1:   dc8fd91f04ac9510f161f4c05662f434e589ce4e
Sha256: ece5f6bfeabfc042e67bd60531ed41948bf90ca83aea579b88151c338257c9d5
                                        
                                            GET /gtag/js?id=G-V39F24Y6MR HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:16:46 GMT
expires: Fri, 25 Nov 2022 09:16:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78668
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25492)
Size:   78668
Md5:    24bfac77f577b89f9e426bd9288a598d
Sha1:   d712d30466f3fba227d42059bdc3ac0d52e5b316
Sha256: 30ad5c32ebbd5b5ea26fe596e1a9a641b8ce135acb137e5f40ab2639a21ed788
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "07B30C377071F0F1B5AB4F103C95B778AE0E67603F7E8A6330EA6678F39F3CF7"
Last-Modified: Tue, 22 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=983
Expires: Fri, 25 Nov 2022 09:33:09 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=114637
Date: Fri, 25 Nov 2022 09:16:46 GMT
Etag: "637fa4cb-115"
Expires: Sat, 26 Nov 2022 17:07:23 GMT
Last-Modified: Thu, 24 Nov 2022 17:07:23 GMT
Server: nginx
Content-Length: 277

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B82C8AA8D04B6770C95160A90EC291AE0A1B4AC387F782B76C5F3164E6ADD5F7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4177
Expires: Fri, 25 Nov 2022 10:26:23 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   20087
Md5:    b95f501d32aaf568b6d8d1f658a49a62
Sha1:   5ee7ffe1afc59768456499f2cb92ac07f97431fe
Sha256: efdb0d890c6ec3efc0b7ca0b949c19aa003c371c4469f8708e1c4072e079cba6
                                        
                                            GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.0.245
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Fri, 25 Nov 2022 08:25:32 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7buLRGDm88XTteLJGor869Dk65sqTgiHdVGW6ETEnYKDhmf4tNnqMW0AuX5V3AujDO%2BfCNtKFIVG6Oknl718YmBbOCeGsZ5bz951CftDqIzWa6gFfbqKzUhcb63QTU2lgk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94994aa85b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (63188), with CRLF line terminators
Size:   16142
Md5:    eea10da4f6ac5f20612989070be6a5df
Sha1:   73ec13ea0067df8fa837b770e562112235330baa
Sha256: 5a38d2db60f21497291fe740f7e8a0d9f2468221dbc59518765322c7b5811bd3
                                        
                                            GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1 
Host: uprimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.66.200.220
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 09:16:46 GMT
expires: Fri, 25 Nov 2022 09:16:46 GMT
last-modified: Fri, 25 Nov 2022 09:16:46 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2

                                        
                                            GET /upload/ioclin.img.jpg HTTP/1.1 
Host: cdnbun.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.14.142
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 63142
x-guploader-uploadid: ADPycdtu15u3uBdib8f6OVDlDlJrEvq97zcPjCiLCOBllYdRcI2wmh7De-BSLqB0z_qDdzp9I9_lJ_Y5ZCclAVbPa2WySA
x-goog-generation: 1669111850303102
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63142
x-goog-hash: crc32c=UOS5WA==, md5=pOza/orzr01WMfMZaN8YeQ==
x-goog-storage-class: STANDARD
expires: Fri, 25 Nov 2022 09:25:21 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:50 GMT
etag: "a4ecdafe8af3af4d5631f31968df1879"
cf-cache-status: HIT
age: 491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xfKQZoxUehRLUbKiZB5GHUoNhOPbf5Dz9V%2BHTsXFCOkdZT7Tsu63r072YaY4U%2BNbOM26Z9i0naYJF2GEwlgvo2%2F4XC6uEpv%2Bm7l%2F6Dgwtfxf%2BN%2FDbX6m0Z6fXk9K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94995fcff0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 494x288, components 3\012- data
Size:   63142
Md5:    a4ecdafe8af3af4d5631f31968df1879
Sha1:   7760c335de6f83166fe0f5f7e569affc3aa49482
Sha256: a673dbdc684843aa3959a6f58e4bf0f000674a8a1e2a48d5b14a05fa55ef57f6
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B82C8AA8D04B6770C95160A90EC291AE0A1B4AC387F782B76C5F3164E6ADD5F7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4177
Expires: Fri, 25 Nov 2022 10:26:23 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            GET /upload/ioclin.heb.gif HTTP/1.1 
Host: cdnbun.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.14.142
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 122720
x-guploader-uploadid: ADPycduDd8n6D7apgAbSWMHT_k19lkO0O2L0ZqfIdTx-P7B2mZJ7ac8INjxQ6kdFujUnhPP82sgfQKC0SlN8zkxksEm5hjplZl8X
expires: Fri, 25 Nov 2022 08:25:01 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:50 GMT
etag: "07abf41ac3f73f2c7eef05543c498a76"
x-goog-generation: 1669111850276438
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 122720
x-goog-hash: crc32c=XcGnIQ==, md5=B6v0GsP3Pyx+7wVUPEmKdg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEnv82DDotF5Ja9U6K7uOklnSk29Cvg5wVsfJ6WYTce3UyGt8DXuBsWlfTfgrHv41LhhRIlKrK%2FECYAFNe2G8%2F6%2FMF79XlFBykaVOq3FBG31nxo6%2FpSdcDBXndOS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f949964d670afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 270 x 83\012- data
Size:   122720
Md5:    07abf41ac3f73f2c7eef05543c498a76
Sha1:   2a2518c84f968ec415aeae48500d50471fcd1f0d
Sha256: d13b780287e71a5498375374bde62b7cc0d6e00587dc435067615d1b58a54bde
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B82C8AA8D04B6770C95160A90EC291AE0A1B4AC387F782B76C5F3164E6ADD5F7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4177
Expires: Fri, 25 Nov 2022 10:26:23 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N6rP8k2EqUfiNETMKjFQCw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RoMQGOzbbkl8QGzu+1Xiq0N+k7M=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.0.245
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Fri, 25 Nov 2022 08:25:53 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 3517
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AuKYndsBonWTnldMzSIV57zagEIBjZn3oMIf37Gsl0t7n8g%2FS%2FMBRjqQzPMkB5cait44UkRvybozAiOWuaaOY49aCK%2FLIPvD2%2FhW2zZEZ1WSb%2FOnD%2FgaJeIxBfDoREqgLuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94993f999b524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4720), with CRLF line terminators
Size:   2505
Md5:    7ce5fec7ef9b5330c24c593968bde26e
Sha1:   a6f0a7fb8799b2912d48cf1183265a8144ae7bc2
Sha256: 3545753b6c975aa2158e9c329cb3a23b0b6ac2bf78a937f759cc3f1501296cb6
                                        
                                            GET /upload/ioclin.bix2.png HTTP/1.1 
Host: cdnbun.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.14.142
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 8129
x-guploader-uploadid: ADPycduBeAQ5hXV_2sN91IhwKDzmbOuX4nhKBM3iVGova9PkY62V-A2NE-rfifN-yt9UVAf5xK0jJoUctQv2hCMBIXfm6g
expires: Fri, 25 Nov 2022 09:17:17 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:49 GMT
etag: "5c9f5f842200cc371d5f8dd50f936496"
x-goog-generation: 1669111849197786
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8129
x-goog-hash: crc32c=/qZ3TA==, md5=XJ9fhCIAzDcdX43VD5Nklg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgSpoupkV1lbjR5xJ13OktH4VRbQlLWifg7YqHgVcvwatSL00EbcZzF0ocnkTyjzjUMTJaVWEEIla%2FzrDNXzLqCw1NwQcrySArfbVoIlLq%2Bk468KGrD0sKyUI92z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f949966d7f0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   8129
Md5:    5c9f5f842200cc371d5f8dd50f936496
Sha1:   450730dab020764b80b6e731c9080baaccbc2ffe
Sha256: 70a0dfd1380db7e800ecc799eb8ce0e788a4a85b6ff7dd9d5322b88c1c899b90
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5F66DE0B22A2C1580B12B5295A5CEC1C48BB354FE2D465D38923BAF9F2EC9B4E"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=638
Expires: Fri, 25 Nov 2022 09:27:24 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            GET /upload/ioclin.bix1.png HTTP/1.1 
Host: cdnbun.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.14.142
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 37263
x-guploader-uploadid: ADPycdsaOcOAjOtxPbSDq3FvvPxZYiC8EhME87JCo3tRCZuobcbd62j8Yd-rG-nS53b6HK3Pfk0YFwVI-ySty6rRKF-elg
expires: Fri, 25 Nov 2022 09:17:34 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:48 GMT
etag: "c4dba57c59c318313e2bf31adba390b8"
x-goog-generation: 1669111848369494
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37263
x-goog-hash: crc32c=9pfwgg==, md5=xNulfFnDGDE+K/Ma26OQuA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFqDAmLCMM9hotRE2wcfrKQmeysHLTP%2FsymkF4C9tG3CYf%2B3NNaNMUepUU1hYbi8h6X59pifhsngD%2BBUN4RRbLah3qOUW2QMWXaC7OZLQ207cpEfYc9vQARwWyyf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f949967d8a0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   37263
Md5:    c4dba57c59c318313e2bf31adba390b8
Sha1:   cf21f944d97f55bbe7a5ebafab2deb3c010536b3
Sha256: 0589130e2f31c00eddc807b3b8a51b8a039ab6409fcb6c1517651b2329432d7f
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "5F66DE0B22A2C1580B12B5295A5CEC1C48BB354FE2D465D38923BAF9F2EC9B4E"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=638
Expires: Fri, 25 Nov 2022 09:27:24 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            GET /upload/ioclin.bix3.png HTTP/1.1 
Host: cdnbun.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.14.142
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 15540
x-guploader-uploadid: ADPycdtsuS7gvBkwLBJITz8fmZBzDPji8BPhNx7nHRNlJZYay8eK9tCF-NQs0cgt2xLRg1zGzzXu6pv7lv0yTj97WY9p1g
expires: Fri, 25 Nov 2022 09:17:23 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:49 GMT
etag: "2e36b47f4685b546d43cd5af147ea671"
x-goog-generation: 1669111849122722
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15540
x-goog-hash: crc32c=TJ7I2Q==, md5=Lja0f0aFtUbUPNWvFH6mcQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 491
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BE4JyQQyv0SvEtJGcieOlj3YA3uhxfyKdsLWPLS3qW6IKSkiL5muviRHsuYZvx%2Bu3ot8ZJQvRJYt%2FXD%2F2s9gc6LVXFt3wIOqxM7Gzr2KF8USkZQbVJG7b%2Fv0CyOC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996adcf0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   15540
Md5:    2e36b47f4685b546d43cd5af147ea671
Sha1:   4601c3f8318758eae4979cce6274f8bfc0380279
Sha256: 58b960a42f95d97e4f2b240bc0696b3d637fc876e2f40efbe71dcf355e8d6e94
                                        
                                            GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Fri, 25 Nov 2022 07:54:16 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 4950
etag: "v632"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size:   180954
Md5:    fd835c1f326d3e7da0d9839550f66723
Sha1:   5004618bc15011d7d0f569f60f900d076b164b3d
Sha256: b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
                                        
                                            GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Fri, 25 Nov 2022 07:54:16 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 4950
etag: "v630"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Size:   13695
Md5:    ff055162c5d233506eece3fb69a47e74
Sha1:   49812e303ae6674819b6a7a6e0721d555ef64df4
Sha256: 7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "B82C8AA8D04B6770C95160A90EC291AE0A1B4AC387F782B76C5F3164E6ADD5F7"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4177
Expires: Fri, 25 Nov 2022 10:26:23 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            GET /upload/yinin1.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 9989
x-guploader-uploadid: ADPycdvnOt5GSHb1eTJgCBmSUEVwwnw8jRS2B0NVGKkMJ-UGtyW140bn-mjJxhcf0P1JmDqAOyFzFiXv0PbXAOWdvOgN7v7AXq8D
expires: Fri, 25 Nov 2022 09:21:21 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:12 GMT
etag: "9f839127e951e6cba423df87e5cf07ec"
x-goog-generation: 1661122032089592
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9989
x-goog-hash: crc32c=l82UJA==, md5=n4ORJ+lR5sukI9+H5c8H7A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3241
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdQApBdho8k6Bugv9WPvDPqdMl7BsqQM8DzeEFfKxWkcNMU2vfl77Wl1tNaK7TTeUvd%2BeKw6Euv%2FmtgqZqQM9zMkmJ1wi3tKrWbpy8jWLF%2F6aEYAbhCDRKgYzaU0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa5bdcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   9989
Md5:    9f839127e951e6cba423df87e5cf07ec
Sha1:   6ee3bd1afdfe9ec2f1f79114249755c0ab2c4466
Sha256: babd75ed88bcf9a7c7d6a4cb955550fb76c4e0e314138b1f78137a0b013aba71
                                        
                                            GET /upload/yinin10.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 13584
x-guploader-uploadid: ADPycdssBq3cPdFGz-piT05pd4lVZzXcUR7BJQoI0tXsBxEIDEC_5lxykSCflTN4wtUBOH8mYgpt7RZytNwskIrB8Ik6-ckCJ6Gd
x-goog-generation: 1661122031937437
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13584
x-goog-hash: crc32c=W2VoYQ==, md5=5NYEcgeIFWutumwko64vGA==
x-goog-storage-class: STANDARD
expires: Fri, 25 Nov 2022 09:08:35 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:11 GMT
etag: "e4d604720788156badba6c24a3ae2f18"
cf-cache-status: HIT
age: 3274
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfR6RdJa4dAcV0XImqTojtM7sCrL1UMQXUa4VWIi57ZmdHheqeR7hUN%2Bh1UGa%2FvUzXGIAfwynnIn%2FBvVvghNBvY5iGEhqyIgD9lIniSrRIVEteIuxHHaleb8V6t6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa61dcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   13584
Md5:    e4d604720788156badba6c24a3ae2f18
Sha1:   e3ac1b8a8683c93590c3c833400bb8426033617f
Sha256: e06c2ce9f625b4fe7242a681f4f304295c919d2d60d1c686308aa8b937d19687
                                        
                                            GET /upload/yinin8.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 9470
x-guploader-uploadid: ADPycduKQTA0L5apGgRSmeE6OZ3_s2kZ9A43pSMx-UuSyE8z6gXaVRHPV9S7IJ45rxbUU3B4IrguBhlSBpPESLyRNSqKlg
x-goog-generation: 1661122030922846
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9470
x-goog-hash: crc32c=PSDQww==, md5=lDj91YD5TJePaQNRBeE80w==
x-goog-storage-class: STANDARD
expires: Fri, 25 Nov 2022 10:12:28 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
etag: "9438fdd580f94c978f69035105e13cd3"
cf-cache-status: HIT
age: 258
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YQY48elgGDuOebVfhgWleCOh481BTeqRTT7xxuAHbygQOpcRQX0jzGO%2B6pmuvQHEQcAEvaZ37LVjRar3OmPj9Td9GfJ7ZUmRb67PhUU3c65rm1Z%2FhxttjXpK5iD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa58dcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   9470
Md5:    9438fdd580f94c978f69035105e13cd3
Sha1:   d46d09bf3ca401c1c0d91663a08168f3297afff4
Sha256: e575c73e80a1cf7134b629c99a5727a0f108c739ce21c8f06f11903276b6f0db
                                        
                                            GET /upload/yhyindu3.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 10484
x-guploader-uploadid: ADPycdsclz7CGzmGOYRnuA6bwtF4qs1ZxTBDlYZX4nOZIoiZfYax8yWRs5PzyuevrE8AZ9h4Jjn38CXTNKkLVxea0lq244qbCyPb
expires: Fri, 25 Nov 2022 10:14:44 GMT
cache-control: public, max-age=14400
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
etag: "390c5e6fc8954a86a99bab6ecbd6f568"
x-goog-generation: 1658012388724948
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10484
x-goog-hash: crc32c=7xTvOg==, md5=OQxeb8iVSoapm6tuy9b1aA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pC4Fuv57meaDZrpN2IfUcBxCv8WjXQ%2FuJwetFSioKsKv%2BAemp30SpuAsB%2BxagMJkI6r16nYNXI9wDnxlugmqCK1RGapR7qWMQKMc74GrLNIba%2ButpuBQlYok5wAa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa60dcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   10484
Md5:    390c5e6fc8954a86a99bab6ecbd6f568
Sha1:   b3fa57b0133216f52d1f20ff3562fe78fb71ee9b
Sha256: 4d798e5fb6086e8ea192e3c7c242dd067fd56b9f2b26fc2a54820db57a07a7c0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /upload/yinin6.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 7772
x-guploader-uploadid: ADPycdthsxCjtZOrmiRFp-rCCjdYeZoB0eddNnQHSfnpWILqrvUMb9FfsNZnWokAwb0vbItEVQAIUlYU3wS9XpZUMNVWSQ
expires: Fri, 25 Nov 2022 10:08:49 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:09 GMT
etag: "04c35687c4695f37e1a5f4658d356f23"
x-goog-generation: 1661122029689954
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7772
x-goog-hash: crc32c=en2NPg==, md5=BMNWh8RpXzfhpfRljTVvIw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYliKQI8OzA%2FeusWh2FY5viMl4UI5gmDAjFl06B%2FSgb8WeBHf0krJR3uxBS%2Bxc8X67cGzglwTgT%2F6pXUMtZk8%2Bq3rU2KGRDiKPrpbrrPR0pifz0XliHIh0d%2FIleN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa68dcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   7772
Md5:    04c35687c4695f37e1a5f4658d356f23
Sha1:   ad851fa11794c089e9808d4ef884341ef82e9ccc
Sha256: 32988077ca75419c484ea3f154136fb61dc4983d5efb4178031d05ec210dbe45
                                        
                                            GET /upload/yhyindu5.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 15908
x-guploader-uploadid: ADPycdtW32sGQ0KFEhS6qjzZW3OLp-9oQCQNU-ft9cKhHIb2SIcBJ1tzdjVhCkHyMk0-WqYWgzHJu3A3f9YWW-JREbmOiA
expires: Fri, 25 Nov 2022 09:43:10 GMT
cache-control: public, max-age=14400
last-modified: Sat, 16 Jul 2022 22:59:49 GMT
etag: "f0e55666582522445bbd6489c6bb2734"
x-goog-generation: 1658012389858068
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15908
x-goog-hash: crc32c=qkrYYA==, md5=8OVWZlglIkRbvWSJxrsnNA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2016
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mgjPGWxX634vvXhtZG2vxE45tUA6h2PAsDBI3b5ejdYHJFoNL9eksD8U%2B9sMYVMQoIQ2uV%2BqPEVA2c2jMXRTAd74Y24tH7eSVOpzYHmqsq6i%2BTKEN%2BgrBwMXY%2FkQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa63dcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   15908
Md5:    f0e55666582522445bbd6489c6bb2734
Sha1:   2a4a8caa659c5218aac0e43f57848f47ceeecd13
Sha256: 95db2af0008e286058d56bdb942e95f0345d39254aec4363de0d3699bdc68658
                                        
                                            GET /upload/yhyindu2.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 12136
x-guploader-uploadid: ADPycdufgem4C7hn2pe1rEbAx7He4C7IsKHW_3z0MHym1AdkMbr-9YSWSleMDllZo3vaXctevmB67syEa5Elv5Fp3rK7cBcFpfNb
expires: Fri, 25 Nov 2022 09:46:14 GMT
cache-control: public, max-age=14400
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
etag: "5b0b1a5debe90a3d277d36f50e6ae672"
x-goog-generation: 1658012388751359
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12136
x-goog-hash: crc32c=jJQeAg==, md5=WwsaXevpCj0nfTb1Dmrmcg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1483
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Awxgc8a2bERqJmJnl1%2Bc%2BZS0rgbRqdx2Ma7dJa2o6B3qVXoLZpdKSgqQ9LoxDKFhZ2ZtRCQeF5ctI73FZWa7vGKvaegRf81php7Ao8i1dwHMbF82Auy6eKgYlpn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa5ddcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   12136
Md5:    5b0b1a5debe90a3d277d36f50e6ae672
Sha1:   c4898b15f3c780d2ce697e446ab37c4528b6e001
Sha256: f275d532ec2a4da265aa8bc2e0d2c3cd336324c88809b41d1e6b4e3864dc08aa
                                        
                                            GET /upload/yinin7.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 9701
x-guploader-uploadid: ADPycdtfVI0dxeeqUpWBp15Q5TGb0S7Q1qT580AtkJFhrJlw3M87mSjBHivnBMEITmV0Rt8BA4lcQIBImQ79OBwPu-LcjA
x-goog-generation: 1661122030852213
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9701
x-goog-hash: crc32c=N23pRQ==, md5=mL9UcilCj9iduFz36u4/XA==
x-goog-storage-class: STANDARD
expires: Fri, 25 Nov 2022 10:14:44 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
etag: "98bf547229428fd89db85cf7eaee3f5c"
cf-cache-status: HIT
age: 122
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WH4vqUSSTq8VIy2G9aE6nyuLMom05uFkwB%2F6S8bdCiwmtSvThGZAKZhQmIaL%2BocttnQfkMlSO56R7PCosHBjqESYVipGrRRypu%2BytN%2FKQhCSElh%2BkpDq5cqfRKKq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94996fa67dcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   9701
Md5:    98bf547229428fd89db85cf7eaee3f5c
Sha1:   28e8820afa88cb0431816eb9b9df2d6d7c37e6f2
Sha256: 27fc0ee79674e43ea6c89bee0b5f685e6a954dbd9b8279e93cff26e24b6224cb
                                        
                                            GET /JggEy5fa/in-iocl/?_t=1669367804995 HTTP/1.1 
Host: infcjal.cn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://simulatejurisdiction.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         172.67.198.191
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 25 Nov 2022 09:16:45 GMT
vary: Accept-Encoding
set-cookie: in-iocl-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn in-iocl-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqD1%2BpM%2B5xB8ObLt%2Fv2VR1%2BXOxD8kgVb9kle8RG6il9%2FJinB%2B5biFL9GGPqIshrHBFHi3P0suUYqDu0bmBO8TKvRx2pABGU0BNPII6dpFZF0DsUxq5DpfY%2Fukqi0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f949913ca80b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size:   27189
Md5:    e00711fb30eb12482fce7797bdc136e7
Sha1:   7962f1e35f1c564cefdc12a02315f6c2d2825dfb
Sha256: 6046611ce762d0b9977266f1bfd4f1f4ad850ec74efc0afc750486b6dbfaf1d1

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /upload/yinin9.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
content-length: 11423
x-guploader-uploadid: ADPycdu1BPKDcUnV5wI39RzOQiGQWjlcR4EveEAOlFsCLksqib6cd0iQl1n30ag__HfvMW0_9gJJZl_uNBiYWgjH5iPTlq44snP1
x-goog-generation: 1661122030898080
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11423
x-goog-hash: crc32c=2FXwkQ==, md5=2JwqpnYl+OlqJq1YseMFzg==
x-goog-storage-class: STANDARD
expires: Fri, 25 Nov 2022 10:13:35 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
etag: "d89c2aa67625f8e96a26ad58b1e305ce"
cf-cache-status: HIT
age: 191
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1U%2BampON5jqfvSSJxSsO2WAuXDOMR%2B45xUCyfhbRso7KtkQj1yvJyCCa6tWkFxfvxMKjG44Q1q343IqSpDufAskbqpOSQBxEDwc9H3WEjM0ORt6hk88vepv1ciHW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f949970a8bdcb7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   11423
Md5:    d89c2aa67625f8e96a26ad58b1e305ce
Sha1:   b0528b506c7cdb2e419d2a6da73cefdb72c2ed2c
Sha256: 6a07c5e915cbecd3802cb30dab35e08c084a11736b7bc7b54084b4a6bcae828b
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "25F1FD69F774FB8DA4D6812797F82246AC5433572C01A7C8538C651B1E1A4A2C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13056
Expires: Fri, 25 Nov 2022 12:54:22 GMT
Date: Fri, 25 Nov 2022 09:16:46 GMT
Connection: keep-alive

                                        
                                            GET /js/responsive.js HTTP/1.1 
Host: bonepa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.66.201.42
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 09:16:46 GMT
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2628
Md5:    17e6e5b8a83eac901756b95ec1ed24b4
Sha1:   10f4ea3f7d74a14c8a0529bf28767710ca1f4a6b
Sha256: 5963379743bb6ae36ef39a439bbcb3a0da9e25a241dae11eb9a48f1e6515342f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /upload/ioclin..png HTTP/1.1 
Host: cdnbun.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.14.142
HTTP/2 404 Not Found
content-type: application/xml; charset=UTF-8
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
x-guploader-uploadid: ADPycdtdoWFx5YbKnsZnFGiPsIyHm6BXnXamBOwgtyRcAqRG9Vr0XmWncJWnLKOptKFTq_P7b6plrxu7krw4Sxy1U4nuVvMBJ7c3
expires: Fri, 25 Nov 2022 09:16:46 GMT
cache-control: private, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuUfv6aiICOjD6veCBW0nKhFazuw6X5Wk52Yq3FG7m837vM%2BZjlXTd0CDehPcWdF0DbEm3OqDTEBvcXC8pCEeuIgsDNq6klbZIMgX%2BrxEMqy3R%2F4SsEjiUN84yV8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f949962d490afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Size:   9834
Md5:    5267474d115e25c7e574b119d54f5c5f
Sha1:   140af995c77490a182dcbee04d89048d55b7fc06
Sha256: 722d92dee156011d363e7b50d1ad681d5650120fc61d4e8fe8806d6bffd04b11
                                        
                                            POST /g/collect?v=2&tid=G-V39F24Y6MR&gtm=2oeb90&_p=521801082&cid=785361375.1669367806&ul=en-us&sr=1280x1024&_s=1&sid=1669367806&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FJggEy5fa%2Fin-iocl%2F%3F_t%3D1669367804995&dr=http%3A%2F%2Fsimulatejurisdiction.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infcjal.cn
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://infcjal.cn
date: Fri, 25 Nov 2022 09:16:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:16:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:16:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:16:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:16:47 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2557
Expires: Fri, 25 Nov 2022 09:59:24 GMT
Date: Fri, 25 Nov 2022 09:16:47 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
age: 42106
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6130
Md5:    ba7b9c131ab7e5998f25b069ba3860a0
Sha1:   0214fc0deecb1115766802f42cfd256e3c479490
Sha256: 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e4ptr__XHPd9Qsf8lEDqiZGKptuB9en72UAucNWxlGG_mEbhpFgdA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:43:51 GMT
age: 5576
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6ibPrCdDNQqWzxiVYDsl87yUfTP8sUmu22GbhBdDHJruil0qxbw7Fw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:00 GMT
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
age: 42107
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8917
Md5:    5863138af1ddbba34a7856242a7b3a06
Sha1:   2eba66ff6539388c48562503e8d11ff0e060350a
Sha256: d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 25759
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 141bbf99-5d78-4b9c-a537-491718aee68a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b43YGE_SoAMFlbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d29a-00017cd344caea2b6408aeb3;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:09:14 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 1-8WM-7tNqakPDW9-K0GVbOKdotndEXj2QeJzw3cJol-g9TT5IVyOQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 28fdf6e146f70e7372911f118404fb20.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 16:45:53 GMT
age: 59454
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:59:49 GMT
age: 37018
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Date: Fri, 25 Nov 2022 09:16:47 GMT
Etag: 86efed04bcc7720e306d6bfd9f8dc6dd
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=03EFBDB5F59CBF80; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (629)
Size:   11267
Md5:    0b0c091dccbde4bd536f3f05ed307e6b
Sha1:   b6033ecd8db36b8163823caa35d61bb47c09277d
Sha256: 4b576406899c079ae6fc9d8cdbbbd6014d5d75ebc95efd36ed4ba1c7230998ca
                                        
                                            GET /hm.js?9d07124c85740cb1f9e93799960960fe HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11300
Date: Fri, 25 Nov 2022 09:16:47 GMT
Etag: caf207d596f9d70febe4619a6321b2f6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=C1067B64D3F313B0; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (662)
Size:   11300
Md5:    070eec296568fdc67b4563220344dd68
Sha1:   6a097edd0b661a46c4b6e3dbbf831722283d93f8
Sha256: 7a06e714cd64af94ab801d2bac486df560d494507a4d61a24d532cd5fb1f149c
                                        
                                            GET /hm.js?bbb3e86814c9ceef66d180a6c15fa17d HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11303
Date: Fri, 25 Nov 2022 09:16:47 GMT
Etag: 551e90261afe6f4dd2b002dc52dcd54a
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=470FD6EEEBDA05E5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (665)
Size:   11303
Md5:    976df6c0fcd70dc56a647b2646c348f7
Sha1:   c0437e174655730939fdbda93897eb5ecc0e5125
Sha256: 8ca09c3b2bc4859579c1192c01fbdae252ba841558209b17f042d31f2b098f5c
                                        
                                            GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Date: Fri, 25 Nov 2022 09:16:47 GMT
Etag: 661e539aa3263e2625cda62f9bbef58e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0919F2BE0B32EC07; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (620)
Size:   11258
Md5:    bb836c95ca7439a392cf199e0d8c291a
Sha1:   d84abdf3ed20ac51e8308f3a3c7fb388d25ef166
Sha256: 71ec18647b0a2386ad6dda53ab98c9354ab1fa6059984527fb0245a67cb5e0db
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1076128264&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fsimulatejurisdiction.cn%2F&v=1.3.0&lv=1&sn=60288&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FJggEy5fa%2Fin-iocl%2F%3F_t%3D1669367804995%231669367806351&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 25 Nov 2022 09:16:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=166D0494E5CBEAE9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=645422670&si=9d07124c85740cb1f9e93799960960fe&su=http%3A%2F%2Fsimulatejurisdiction.cn%2F&v=1.3.0&lv=1&sn=60288&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FJggEy5fa%2Fin-iocl%2F%3F_t%3D1669367804995%231669367806351&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 25 Nov 2022 09:16:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7FE87882B61E1B61; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1403457449&si=bbb3e86814c9ceef66d180a6c15fa17d&su=http%3A%2F%2Fsimulatejurisdiction.cn%2F&v=1.3.0&lv=1&sn=60288&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FJggEy5fa%2Fin-iocl%2F%3F_t%3D1669367804995%231669367806351&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 25 Nov 2022 09:16:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7D69867B0277650C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=733820427&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fsimulatejurisdiction.cn%2F&v=1.3.0&lv=1&sn=60288&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FJggEy5fa%2Fin-iocl%2F%3F_t%3D1669367804995%231669367806351&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 25 Nov 2022 09:16:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=CB5CD81DBEE5B172; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /4fe48aebd6/4f59451604/?placementName=Flow&is_first=true&randomA=0_8271&maxw=0 HTTP/1.1 
Host: bonepa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 09:16:48 GMT
set-cookie: shown1=0; expires=Sat, 26-Nov-2022 09:16:48 GMT; Max-Age=86400; secure; SameSite=None used_ad2633278=1; expires=Sat, 26-Nov-2022 04:59:59 GMT; Max-Age=70991; path=/; secure; SameSite=None total_impressions=1; expires=Sat, 26-Nov-2022 04:59:59 GMT; Max-Age=70991; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.0.245
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Fri, 25 Nov 2022 08:09:39 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2612
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40rMIQgGqB7tAclgC4vRzB47mCHmZYflpM5Yhro5l2Hwyoxcmm7tV1pai7gx5TcZGENN6JZu0SMiF3JRXKSyO5yYE%2BfIaMnvaCOcA709MLUE6uBOtzkgFe5LuoOAVcAFRdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f94994099fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.0.245
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 25 Nov 2022 09:16:46 GMT
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Fri, 25 Nov 2022 07:48:12 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3061
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtoByPhAMlSMFxlG263nTWk7kc8h2HfzOP2qnSbqbsNc3UJhaP2axSUAZqLp6kyZVY%2FVSjKQ4sd4IaUvvOsIRk818rIjsBb81B26GRN6ZOTIxe8dNDIWFW4atrlm2n5Rtxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9499409aab524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166936780646183&xtt=9080502 HTTP/1.1 
Host: uprimp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.66.200.220
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 25 Nov 2022 09:16:46 GMT
expires: Fri, 25 Nov 2022 09:16:46 GMT
last-modified: Fri, 25 Nov 2022 09:16:46 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2


--- Additional Info ---