w.2wj4fe.cyou/talaatmoustafawh/tb.php?ff=ym1675098078182
200 OK 565 B URL HTTP/1.1 w.2wj4fe.cyou/talaatmoustafawh/tb.php?ff=ym1675098078182
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (553), with CRLF line terminators
Hash 671281efdb246f7708f890db5ad4bb09
5f4f748e5c0c42558a8259c3fe42227036e7cca7
37bb772848e8b45fd4e14f91f6a2629aca309be8cb395a181f287b408cb03d0d
Analyzer Verdict Alert fortinet Phishing
GET /talaatmoustafawh/tb.php?ff=ym1675098078182 HTTP/1.1
Host: w.2wj4fe.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:03:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ytqj8osj0THK9Fow2tBB8FuGc22M15irQm3vPYyRjpW%2B3rsc8KXbpssSm6ndlKj5CWsDjcqTh1Syp0Hqx5H%2BA%2F6C4CFfQosThWmoG4k4p3QvqXeG%2FCjFyjilxqL7GBtQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791bc82f5e4bb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4667
Expires: Mon, 30 Jan 2023 18:21:24 GMT
Date: Mon, 30 Jan 2023 17:03:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4076
Expires: Mon, 30 Jan 2023 18:11:33 GMT
Date: Mon, 30 Jan 2023 17:03:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 16:43:12 GMT
content-type: application/json
age: 1225
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6486
Expires: Mon, 30 Jan 2023 18:51:43 GMT
Date: Mon, 30 Jan 2023 17:03:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GELRlQTYdn51eadTrFnaUMJPEktlPri4FnoIoxT0m+lG4fjw2dN0y6iS+KdKaHPRLz9jx97DH8g=
x-amz-request-id: GXKCAHVFN40HS0A9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 16:21:52 GMT
age: 2505
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:03:37 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
w.2wj4fe.cyou/favicon.ico
200 OK 455 B URL HTTP/1.1 w.2wj4fe.cyou/favicon.ico
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: w.2wj4fe.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://w.2wj4fe.cyou/talaatmoustafawh/tb.php?ff=ym1675098078182
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:03:37 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 314
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dtGvI8YNNC9M7sZYwf%2FPysevOs9hZ7EEWrYLFiJsa%2F0NyueRVaBxIiWv84oJyv6U5F7vQd69zA1Out%2Bcdnnub3Hxk3SPz%2FvlTQO53r7ulUj3yrAV8S0Cc9zElOQl0Orj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bc831e9c4b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
w.2wj4fe.cyou/j/og2.js?_t=1675098230233
200 OK 942 B URL HTTP/1.1 w.2wj4fe.cyou/j/og2.js?_t=1675098230233
IP
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
Analyzer Verdict Alert fortinet Phishing
GET /j/og2.js?_t=1675098230233 HTTP/1.1
Host: w.2wj4fe.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://w.2wj4fe.cyou/talaatmoustafawh/tb.php?ff=ym1675098078182
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:03:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Tue, 31 Jan 2023 05:03:37 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8FXpIIaYZgGlbOzpYEAdfgAJrIcqnzna61HONx2UqdXFdn5R3TcrwDYsi5mOGfxNv%2F42gZJy9SgG%2BTsiZyt1U%2BqxV3GfggdNXQiRPJzS%2B6dktxLhkaVS%2B2ZddQ1XF%2Bsk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791bc8327ac1b509-OSL
alt-svc: h2=":443"; ma=60
w.2wj4fe.cyou/j/og2.php?_t=1675098230344
200 OK 105 B URL HTTP/1.1 w.2wj4fe.cyou/j/og2.php?_t=1675098230344
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 3bab6ec7ac3189c11643fa069113c139
430f1a79c7666c0f86f061a6638fe6d751cfaa9e
bc5c6a8f165684652e0e8d716ca33b758a7907c3c2204ca368555d74bf9ea41b
POST /j/og2.php?_t=1675098230344 HTTP/1.1
Host: w.2wj4fe.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 56
Origin: http://w.2wj4fe.cyou
Connection: keep-alive
Referer: http://w.2wj4fe.cyou/talaatmoustafawh/tb.php?ff=ym1675098078182
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:03:37 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUd2Y2NtS45Gwlh1EJZYtTDPqcYpuczkSyLPcyxxut2QAyUbu9%2FcD9e6RUwAWOysf5lfGJ%2ByKy9%2F7xRmBslCGEL%2FwgsK6TGEFudonqp5Xw7s9slWm414vUwkxx0KpavO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791bc8332bb7b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c1cd094d3473f9f857cac9b92c6ba289
3344f1ad7db9e211ca3947249215a131eafe8d75
062aea35e3de4c5f4d5e2bad65aaac96ca1e7838e81e5dbad82b12c02a9be958
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "062AEA35E3DE4C5F4D5E2BAD65AAAC96CA1E7838E81E5DBAD82B12C02A9BE958"
Last-Modified: Sat, 28 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10940
Expires: Mon, 30 Jan 2023 20:05:57 GMT
Date: Mon, 30 Jan 2023 17:03:37 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash c1cd094d3473f9f857cac9b92c6ba289
3344f1ad7db9e211ca3947249215a131eafe8d75
062aea35e3de4c5f4d5e2bad65aaac96ca1e7838e81e5dbad82b12c02a9be958
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "062AEA35E3DE4C5F4D5E2BAD65AAAC96CA1E7838E81E5DBAD82B12C02A9BE958"
Last-Modified: Sat, 28 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10940
Expires: Mon, 30 Jan 2023 20:05:57 GMT
Date: Mon, 30 Jan 2023 17:03:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 16:49:04 GMT
age: 873
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2475
Expires: Mon, 30 Jan 2023 17:44:52 GMT
Date: Mon, 30 Jan 2023 17:03:37 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 280 B IP
Hash 98a7f980a8d95df1ae26524eceab3fe9
95b25d26a9e8ad740c49495ea16cfb8cba2192f3
7d2a740bdfba0834d0144eea48e2b66bf1fc552e21a7ee84caff33bd4ea3c728
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5300
Cache-Control: max-age=93326
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:03:37 GMT
Etag: "63d6ad44-118"
Expires: Tue, 31 Jan 2023 18:59:03 GMT
Last-Modified: Sun, 29 Jan 2023 17:30:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1c4a4bd19dc4151309a9231b14009f52
8b6a996323901484805618d0abebd28b5c07f24f
4d9c32e31016c61e9cad45fe516b4a14bde3d6576573bfb125e249efc7262e9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9C32E31016C61E9CAD45FE516B4A14BDE3D6576573BFB125E249EFC7262E9B"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9395
Expires: Mon, 30 Jan 2023 19:40:13 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP
Hash e964eb6e4c8f0197c08ff0d8362243cd
6b2fd08ed608f6a5d5f762b8a5cb93ed8240e4c8
4991ebec1431c37f4acb2213667975d3944434f28fe9f38d365cd6ee75bf0b3b
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:03:38 GMT
expires: Mon, 30 Jan 2023 17:03:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 316ee2d146b2f63cdd0d215a3a42ad03
55a32bd94554387b8c843d195d57c812c677e500
2624c12a292bdebecbe2df173c84204748622e76f5e44739d811e9ba21b997bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2624C12A292BDEBECBE2DF173C84204748622E76F5E44739D811E9BA21B997BC"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5370
Expires: Mon, 30 Jan 2023 18:33:08 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 0bd549cb1a96522b079dad4e400f62a6
82e532a9d6fce2545f55e37ddb7b2d4d4eaafbce
bb30b0c9f02724101802aaa60601733b517241926ad6ab524e7d63911e83010f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BB30B0C9F02724101802AAA60601733B517241926AD6AB524E7D63911E83010F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1753
Expires: Mon, 30 Jan 2023 17:32:51 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V0NksRCDRV/vTHuEJHsjLA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8p55XrFzpx5gS/R2/hZnGx8v3ko=
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP
File type ASCII text, with very long lines (19467)
Hash 2b49f7085f56ec6d4bb0bf90295dc4d6
6713b0ebafd7a160725aa1b6741a35b505337354
0c322f5827c6fdc9a2f2a21979dc9317369df7c44d0e470ddcae3709c3ab4dcb
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:03:38 GMT
expires: Mon, 30 Jan 2023 17:03:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77226
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnbun.com/upload/talaatmoustafaxh.box1.png
200 OK 40 kB URL HTTP/2 cdnbun.com/upload/talaatmoustafaxh.box1.png
IP
File type PNG image data, 350 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a3cb9d059025a3be465399d7efecf2a
288a5f6fa94b3c91e3baee42500c72e31d2d3f8e
c91b964890348e24484a260dccb2cf25ce2a421f281660126363ad0858a4589e
GET /upload/talaatmoustafaxh.box1.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/png
content-length: 40239
x-guploader-uploadid: ADPycdspamub7oF7CYe3i3QaeF8iMG-yI4x-MKX3J0O_5cdjsGtmYFQKRZALnO4dh6yBltEyvU9oK2cdRP8nD3ZgDJ8Gtw
expires: Mon, 30 Jan 2023 17:41:01 GMT
cache-control: public, max-age=14400
last-modified: Sun, 15 Jan 2023 01:11:58 GMT
etag: "3a3cb9d059025a3be465399d7efecf2a"
x-goog-generation: 1673745118260368
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 40239
x-goog-hash: crc32c=6wTnUg==, md5=Ojy50FkCWjvkZTmdfv7PKg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1346
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fga8K0ctrOsA6HWgHffvEWEH1hMvEgbUURWdih6psUWVB27QNK82XlgNGZrfd%2FH%2BiMvEUitFH%2B7ESX%2BIegPNXvzaLMyXK6Ir1Pntl0AdyLQ8RD%2F6vvQ4xKVaR7PQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8383f8c8877-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
cdnbun.com/upload/zz.png
200 OK 1.0 kB IP
File type PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bdb6c469768e9d9f777c34de9be5aef
a1ba6a7bc0795224c3b67e75e0a6f7fb76100429
0bc2cd189e1c51ddbc3d02b93e62b8a25941937f08646190f319b5c2c1ebc050
GET /upload/zz.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/png
content-length: 1046
x-guploader-uploadid: ADPycdtoo35mwOT7oUlD_zlRXqUfljcN8Ob85_urcn2Bt730aNQ6uUuRcKohz8d8oRf7AcbpbqqXYrXp76jBCSuRI9dkCCKdznY-
expires: Mon, 30 Jan 2023 16:16:44 GMT
cache-control: public, max-age=14400
last-modified: Tue, 29 Nov 2022 10:20:34 GMT
etag: "8bdb6c469768e9d9f777c34de9be5aef"
x-goog-generation: 1669717234576530
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1046
x-goog-hash: crc32c=i8MWbQ==, md5=i9tsRpdo6dn3d8NN6b5a7w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM1GFiOMB7ZhXyqHiLK9QJwg29tfkGKQ5BrTk5QakwGrkfoh1jxizcU82uU3b9vTmDoeoQCYSY%2Bee8qQKRClcqYj8t6xLYp8nsam6I%2FxO%2BkAyfonCapqb3k466KQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8386fd08877-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14380
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14380
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Mon, 30 Jan 2023 15:04:34 GMT
expires: Fri, 27 Jan 2023 22:59:37 GMT
cache-control: public, max-age=86400, no-transform
age: 7144
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnbun.com/upload/talaatmoustafaxh.zhu.jpg
200 OK 63 kB URL HTTP/2 cdnbun.com/upload/talaatmoustafaxh.zhu.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Hash 3287ca6f319cea9a9df33d163dfd9427
8df1bf138d78b93098336c717130593d9976dc08
7c1fdeae457871fb64c7fb908ba0babf83f35fabe9e2e83831e4179d34d55d45
GET /upload/talaatmoustafaxh.zhu.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 63109
x-guploader-uploadid: ADPycdtNRVMPHJvwU4JD6TLM2XxhMKA8goMnwJQOTpA5bA_OT8LmnacWzTbQqel7l_gCZeUfbxKfiu2VFe5bIgvI-KjksauO11UX
expires: Mon, 30 Jan 2023 17:41:01 GMT
cache-control: public, max-age=14400
last-modified: Sun, 15 Jan 2023 01:11:58 GMT
etag: "3287ca6f319cea9a9df33d163dfd9427"
x-goog-generation: 1673745118159286
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63109
x-goog-hash: crc32c=PBINJw==, md5=MofKbzGc6pqd8z0WPf2UJw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1293
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92pDKoONtlC4%2BGFHuyUQZnUp2gl9%2BBdFDs9Ni81o%2BQ1eGuyUevix8mt1L2jn5vpHZgWSTD8IxReAzWQyY5XQ2xmOWUWRiGksDUkTwh6z3Xa4p2jAsPmF6626q%2FC1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8386fc98877-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 70d6774d320ab72ec40a4def22b52661
c432f1445ef41088dad9b249a52c6e31d81cff34
3e84c5a3a40ab5677e61ebf1a0c31b2efa3d155eef5876afce832ccd84fb1780
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3E84C5A3A40AB5677E61EBF1A0C31B2EFA3D155EEF5876AFCE832CCD84FB1780"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15391
Expires: Mon, 30 Jan 2023 21:20:09 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-S8GL39Q7DJ&l=dataLayer&cx=c
200 OK 82 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-S8GL39Q7DJ&l=dataLayer&cx=c
IP
File type ASCII text, with very long lines (29660)
Hash 6680f694af328b88aaf1182c1f6f8f5d
3d556cd776c4a4ec8543d79744de3293a33c0427
06cbbeb3326b3288cce0fd59b680bf342631784ef3707988121562689aa712dc
GET /gtag/js?id=G-S8GL39Q7DJ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 17:03:38 GMT
expires: Mon, 30 Jan 2023 17:03:38 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81813
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnbun.com/upload/yy.png
200 OK 1.0 kB IP
File type PNG image data, 88 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 294678e67680a37a0c577f3605ef7d41
b2cc5849975d27c589aec621a0b6f65b570684cd
e87a7a594e7a1ca9fcd099d956913911f88ad9fe15eba6427b0d574c7f32e3cb
GET /upload/yy.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/png
content-length: 1046
x-guploader-uploadid: ADPycds4NRRlhpTHzLjhFvp3ZhafXgK2qKRcz6BqxFHTyaGeo2ga_BL0JCJfZuom0H0GPtaxPRDa59d4oiVBujrP7-f_DA
expires: Mon, 30 Jan 2023 17:09:07 GMT
cache-control: public, max-age=14400
last-modified: Tue, 29 Nov 2022 10:20:34 GMT
etag: "294678e67680a37a0c577f3605ef7d41"
x-goog-generation: 1669717234582083
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1046
x-goog-hash: crc32c=qpNAIA==, md5=KUZ45naAo3oMV382Be99QQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1084
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zut%2FDFcf0vIKjj7gP9fQRW2oKrrw8Up%2FzAMIXHHZ904oI97iUpG6LmMv507QbUUXLc%2FiUbW4BS5GQKeXdSd6XjnRVxO4OzWENck6I%2BKyoJKgoqdqE%2F4e%2B%2B0C6Zdn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8393e4524b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/ai5.jpg
200 OK 10 kB URL HTTP/2 263cdn.com/upload/ai5.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 015b3da26d950d3a0998b8aa91cce43e
4c14d62d9f9caadd26fb3d7fc78351f0b2829d60
1bf2799c196a3f01bc4768307aa93fa43b5019851bd8880566203ade024e4453
GET /upload/ai5.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 10064
x-guploader-uploadid: ADPycdsPoZJSAdj8mYi6iaxk7lY5RvJ6Re3Kbnb-62ul4y5GD2_wqXJR0tQkLkd-OgH034gywx8bCQn9FVFVlRbjfpc3
expires: Mon, 30 Jan 2023 16:45:59 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:28 GMT
etag: "015b3da26d950d3a0998b8aa91cce43e"
x-goog-generation: 1655329708799605
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10064
x-goog-hash: crc32c=KNm9SQ==, md5=AVs9om2VDToJmLiqkczkPg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2151
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ryJhJbDZKg7pCI3n89FWWrN4pKvIgC%2BxiZz%2B2q4fZz8jEmkQhDIXGzM9DwAS2We7qBeD6aLaWdZMSyaoW%2FwAlv2rs9x4o8YsuUsSvqgcfWdZNbTr6WtbWUzfWONM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a2f3860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/aiji5.jpg
200 OK 9.7 kB URL HTTP/2 263cdn.com/upload/aiji5.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash b33736e8626b5d351d823f9a03a9a534
81ece949e8b652e1b40977e1ed5aa1b45cfbac6e
ce58ae019d98cce21e4024278b7ff604a239cc4ce62ed26aa5191696fab33c42
GET /upload/aiji5.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 9724
x-guploader-uploadid: ADPycdtv779MDOiJRyS_kwTLKSHdqohxWi-ChseUd53knexykeJqtgEBlIQZcgHhsptZLCH0DC5nhtuH2CvAOPpT8_SizA
expires: Mon, 30 Jan 2023 17:39:28 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:31 GMT
etag: "b33736e8626b5d351d823f9a03a9a534"
x-goog-generation: 1655329711908920
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9724
x-goog-hash: crc32c=gF/70A==, md5=szc26GJrXTUdgj+aA6mlNA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 456
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BQNdVNeL%2FQKcGX3sCw8OYpk7h%2BcN8sQwOwSBqp1u0z7X1MZk%2BqClS03fBQypzAg4F%2B7zVonQnM30bX1Gfu4ttcZTqCIro%2BuNf42tSxmnVGOMRCOMj4d%2FrdEi8KXp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a2b3860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/talaatmoustafaxh.zo.jpg
200 OK 17 kB URL HTTP/2 cdnbun.com/upload/talaatmoustafaxh.zo.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 247x68, components 3\012- data
Hash 712ece675b03115cc3b0019bf33d3aa1
aea1d8c524494fa7e2e24f6267de8a2b16100077
36c028f21db13c5feb2598cfa4e3c83c1fcc354a7042c864f80d6a154fceae51
GET /upload/talaatmoustafaxh.zo.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 16922
x-guploader-uploadid: ADPycdvWWA9Mot8xl5AOSpSu2eGkORw9tkMgV2Xg3AzS1zowV6ApBb7189GuCknLoXSVdE_oae_svZEt-iTHqcjmZImIhCPU76pb
expires: Mon, 30 Jan 2023 16:40:42 GMT
cache-control: public, max-age=14400
last-modified: Sun, 15 Jan 2023 01:11:58 GMT
etag: "712ece675b03115cc3b0019bf33d3aa1"
x-goog-generation: 1673745118309112
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16922
x-goog-hash: crc32c=SEhuyg==, md5=cS7OZ1sDEVzDsAGb8z06oQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2441
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0Qeem2bO7P15APDD38IhTSfFigKTlhYv%2FnlcQPQ3nrIWrLco9iu5kiTNA3tLmC8n%2BbmDQfmiVW%2FYOrRai2pwqbJD4gAog3Gp%2BrnbYbUJ119TZWvqKoYWZKZaZ5n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8393e4924b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/ai4.jpg
200 OK 9.1 kB URL HTTP/2 263cdn.com/upload/ai4.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 295bb8a4ed4802063d26fb8e1066bafc
c1aa780d7109ddf79c210b9407b6971654fc1f74
4422a6cadc8a33604c151cc3589db8956b133bb169732939228b422bbf0ae222
GET /upload/ai4.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 9092
x-guploader-uploadid: ADPycds3AgtCAGyMi28-XwktiBramjgBXSNdrehlJEFSAUOfVQ5HbgpBkoWGe7n3v5LO9aS8ID5FKC-6YCjzChlQbfORtEYMks8f
expires: Mon, 30 Jan 2023 17:45:29 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:28 GMT
etag: "295bb8a4ed4802063d26fb8e1066bafc"
x-goog-generation: 1655329708803647
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9092
x-goog-hash: crc32c=HSHWcA==, md5=KVu4pO1IAgY9JvuOEGa6/A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 376
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CedVL%2B7za1xpK76uoSbJ1OaNmJ4mxs8yb1n1VeHeTjmLH%2FfGK9E7Xib9cxCbmhSbAT3Nxttv1oWT%2FnFOuaoClxfn0Ho7wliN8n7R8U%2BMX3QeaQpo53kN%2BP%2BCBAYa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a1f3860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/talaatmoustafaxh.box2.png
200 OK 8.9 kB URL HTTP/2 cdnbun.com/upload/talaatmoustafaxh.box2.png
IP
File type PNG image data, 350 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash aea7ffcb083688f46a52b634b52ca06d
25a074dd91ac0e5a3e84215b28c9281d39bcdb55
a0e6e055e4a60d421d571ce10f4625859b21f5aaaab6a2d2990b7a488cc3fb70
GET /upload/talaatmoustafaxh.box2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/png
content-length: 8908
x-guploader-uploadid: ADPycdswwykY21WY3lNkrtY2IeOEVnsOhouyGS_5Dvs2LY6MmOGKFRprKEj8YZR81duvjYflKuf_cWJFW3sOfLzhIyi4nw
expires: Mon, 30 Jan 2023 16:40:12 GMT
cache-control: public, max-age=14400
last-modified: Sun, 15 Jan 2023 01:11:59 GMT
etag: "aea7ffcb083688f46a52b634b52ca06d"
x-goog-generation: 1673745119271305
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8908
x-goog-hash: crc32c=oJFL1A==, md5=rqf/ywg2iPRqUrY0tSygbQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2441
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10qrthon23b%2By75fre09U1ezEM86wYl77SYRysRIZr7xDFby9Yz%2BJuP5salFweiiIPvSyJQzTv%2FCnsMMiJU8oZLYsZt04MFjRDwit77s6JpjKHP9rMXqvrpoDsXG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8393e4124b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Mon, 30 Jan 2023 15:04:34 GMT
expires: Mon, 23 Jan 2023 07:16:14 GMT
cache-control: public, max-age=86400, no-transform
age: 7144
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
263cdn.com/upload/aiji2.jpg
200 OK 20 kB URL HTTP/2 263cdn.com/upload/aiji2.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash 048481223ab8fdead6b4a6fe353463a1
392ddada33593146f58fed673412aa8dd973c3fc
c80fad36d38f0cced671a7e4ae2069a98e20cc5be0cef8c9d09309761361f629
GET /upload/aiji2.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 20120
x-guploader-uploadid: ADPycdvU-f3e2WXA8swUuTWilEjuRL6fttdevxJwPLMgpXDJLJ5UK8vV0pfh4bxFbZfPsfbIdm4fHpga54PutYYTOcG0SwZmk3gh
expires: Mon, 30 Jan 2023 16:57:19 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:31 GMT
etag: "048481223ab8fdead6b4a6fe353463a1"
x-goog-generation: 1655329711676494
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20120
x-goog-hash: crc32c=9e67Iw==, md5=BISBIjq4/erWtKb+NTRjoQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1926
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stoUjzAkUPhrjusTGf4R4QwIvurNHaD4JQYUjt%2FJ5zICtFSQE3gQ7p5lmHHbsUdkVx%2FFOUD8D7Te%2BqJlSeueHyVDVDF3nIv2x4yEEZpCbjdxzkD0Bv1w84kj0Y5w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a253860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/ai2.jpg
200 OK 9.9 kB URL HTTP/2 263cdn.com/upload/ai2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 077be20fe7234e83753b9ba09909c4db
6aa665714e62e7a78a6621ad09170226f1ac45ed
afb033724092299dfc5ad27f7eaf77f259149f0e2a9acd9778217bc6729c9bb4
GET /upload/ai2.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 9862
x-guploader-uploadid: ADPycdvpinJqIosU3r6JDgkve7VXsJgp_m0CLuXZRt0T3OAsxUYBV3j82nRDkNyUoLODI1wlP-Lq_4MzHOEa7FPmeKzzEmEmuUf8
expires: Mon, 30 Jan 2023 16:44:35 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:28 GMT
etag: "077be20fe7234e83753b9ba09909c4db"
x-goog-generation: 1655329708632998
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9862
x-goog-hash: crc32c=DgSg1Q==, md5=B3viD+cjToN1O5ugmQnE2w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2644
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wus5Qlt8fk6wapN8%2FJhI23gFnHH3cRX468CT9UrwKkyBJ2YDQhN%2FVLv9YpVKKG5It%2F3FyyfW17DXhDAeVfIMgbWPsjl54KMopg1%2F032Z8ttEjabsI9ElQVTzxVJL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a363860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 07dcea82ca0677d77347c58bcd943425
b0882a71b171ddf5c333f71151db2dd4a80e4c39
b6005a8ac35ada7bfc816a964f9af962c0835b041e63466b0a18a42696786b57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 17:03:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/ai1.jpg
200 OK 12 kB URL HTTP/2 263cdn.com/upload/ai1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash bac3492752e1e3f05a901178771302bc
ea477f17d592758778a0ddbfefe740578b5dec42
469ad240f4483cf03def2e55756158b02c77272b6c5ad410b6a168399bf831bd
GET /upload/ai1.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 12023
x-guploader-uploadid: ADPycdtnYq28cPU1q-VHldhUYNLjCxCEyzHTwHsob0ijVJzy4ZfNfEm9NE3mVcqx_hfO7lwWYLkjPmKDmajJk9QxVDQ31w
x-goog-generation: 1655329708623670
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12023
x-goog-hash: crc32c=/CTDGA==, md5=usNJJ1Lh4/BakBF4dxMCvA==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 17:19:30 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:28 GMT
etag: "bac3492752e1e3f05a901178771302bc"
cf-cache-status: HIT
age: 2644
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oTFEoVBg1ryopY6H6QLov%2Fh7YGce9Ttw5iQ%2BbWFTfZGu%2FZ%2BPtWMawc7JiZRGT%2FiLCtn9GFNfaU8Uh8F4K8zV8zMMCz%2BwkQxftbq698mJ1l8N0ccZMk0MmOnet79D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a333860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/aiji3.jpg
200 OK 17 kB URL HTTP/2 263cdn.com/upload/aiji3.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 6fd4e106d815780a6381473831053d57
a122e87e48c9f7caa13951dec1e217047f908b43
04b5225b10878f4c28d3364eb3c83683d27609be43d47b40562d46a9b187e5e1
GET /upload/aiji3.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 17370
x-guploader-uploadid: ADPycdtZHrQOC8uZpRbBFJN9Hft1-_hxoSSw-9Y-Mk7UcKZIBdXHY8d_XH3g_mkUCGw9RUcZk36w4JnHTNiLad-Gtq2J
expires: Mon, 30 Jan 2023 17:04:18 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:31 GMT
etag: "6fd4e106d815780a6381473831053d57"
x-goog-generation: 1655329711674777
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17370
x-goog-hash: crc32c=8ynjPg==, md5=b9ThBtgVeApjgUc4MQU9Vw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3560
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7JlovFjFVUtyf%2BXqEgaoS%2Fystsi%2BcZWlHbjh6n0a4VhX2aQN5V%2BsKLaE5jqFoH8zgfV3CYDyl5TN46oHESt7K6uwppa8qtKp4KprSA0wziHHoBQkom8ilf4AX44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a273860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/aiji1.jpg
200 OK 14 kB URL HTTP/2 263cdn.com/upload/aiji1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash d311ed890dba91c0cdd8dddb3d89cc9a
c25faf5e5c0482d599338cf0bb3930354f81bc88
36a20d2000d206ef86e56435fe605f49cda98785b84aa2f539b7492ac40ca4af
GET /upload/aiji1.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 14340
x-guploader-uploadid: ADPycdvUiREnmm5LoOGstptpv82pIHwmVUezCEjdMSPfrK5QD2-9JhJpA-2PTGUd4HRwOblbSbB0tyszI1WFqG7teWifqBAzma6O
expires: Mon, 30 Jan 2023 17:04:26 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:31 GMT
etag: "d311ed890dba91c0cdd8dddb3d89cc9a"
x-goog-generation: 1655329711535508
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14340
x-goog-hash: crc32c=ITNPJg==, md5=0xHtiQ26kcDN2N3bPYnMmg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2222
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJNI9wV3IWYcSrbCaW0aIGVvwPehautC%2BV%2FH%2BiyqlY3nKyJgZWkTqfjCMZ%2BoJvYbEroij%2FvC%2F73cWEUqm9QlYrgX2eaFBxncQgqrV1i4had0I%2Byh5IU%2B%2F25diSP9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a223860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/talaatmoustafaxh.box3.png
200 OK 29 kB URL HTTP/2 cdnbun.com/upload/talaatmoustafaxh.box3.png
IP
File type PNG image data, 350 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d1373d54c8d89041feea849a0154cb4
55499366405c381316a75b2930fb82a15a681816
17a6e49aef7e0cb8eb47c458043375c09967ffdd84a767d1677dad7acb92674c
GET /upload/talaatmoustafaxh.box3.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Alt-Used: 0
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/png
content-length: 28758
x-guploader-uploadid: ADPycduZjma0_qrZ-j627ptgw0LgXQ0rSRmJp5gdUm3pCyahtsQhYE8RNlJ_q0blnJgjYIVcp064Pa8fkpAbv85v9YHJ0yjulxHu
expires: Mon, 30 Jan 2023 16:40:12 GMT
cache-control: public, max-age=14400
last-modified: Sun, 15 Jan 2023 01:11:59 GMT
etag: "6d1373d54c8d89041feea849a0154cb4"
x-goog-generation: 1673745119344227
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 28758
x-goog-hash: crc32c=QF01Rg==, md5=bRNz1UyNiQQf7qhJoBVMtA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2595
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0hPQ2KrjY7LDBXU5U7Do87Rpu1Dn4LpwjDXQIz%2BFfuZe2Mf0vVHgDg5QgRPy8qbTXvbn%2FC8nnGOsgRcQptxlSVBm8RMqasphbdy4ig73Ach9nH6aVxlhPSa%2F%2F4E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8397ed324b5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/ai3.jpg
200 OK 10 kB URL HTTP/2 263cdn.com/upload/ai3.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 9532661da61cc2a1a3cd7634bcd12a85
b4968a18acdf51a5f36b6f79266a59ae33273f9a
b4657f9bc1c1cc9321b4463a194a746fd3e42379c8fea4cc4f9b04c042e72aaf
GET /upload/ai3.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 10320
x-guploader-uploadid: ADPycds2FLOwFVCnNYllrv3SJYaMHwcdY8IYswEeoQ30p3O-5hVlT-emfsmh0RUh5fBIGKa8Q_wKkvUbgU8danakIakU2Q
expires: Mon, 30 Jan 2023 16:35:42 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:28 GMT
etag: "9532661da61cc2a1a3cd7634bcd12a85"
x-goog-generation: 1655329708720507
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10320
x-goog-hash: crc32c=+hZ9nw==, md5=lTJmHaYcwqGjzXY0vNEqhQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KoeeXdKEAKAtkJvlY%2FDMEKONVZIX9ZT0o1%2FwmF%2BwtLFkEDL%2FZWS7EbA5TivA0dzTCma7UMZulwNWIdXz12u%2BvMSmwz5MwbYU9S%2BqeMN%2BDJKQgBO%2FCqqk3HaxFVwg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8391a353860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/aiji10.jpg
200 OK 18 kB URL HTTP/2 263cdn.com/upload/aiji10.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x200, components 3\012- data
Hash 8d5409ac44fb85cdbb5ad45b9a890ea7
ac0dcb602d36991de0a691970914c9c0ead34163
c3e86c821401369cba776c71cc29b795e73bef9afdc1af0045e2eeccaf670116
GET /upload/aiji10.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: image/jpeg
content-length: 18332
x-guploader-uploadid: ADPycdsQz1wP_gI5QpCFLmm2L8azXn_Wm27cH3LyeVH4k7WYF9cHCcvo63RLC8cHO1u1wGYyaugbcnDeRWpDVQwG5Ze_Sg
expires: Mon, 30 Jan 2023 17:03:33 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:48:31 GMT
etag: "8d5409ac44fb85cdbb5ad45b9a890ea7"
x-goog-generation: 1655329711620489
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 18332
x-goog-hash: crc32c=+oavVQ==, md5=jVQJrET7hc27WtRbmokOpw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2323
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0W5CliCWfIqE1viCYc9pqo5SJ%2FiIMAF3SWHpe0IpapyrwX7HwWkXNTnq4qL%2FzM5cJiMCHh3EI6Tp1%2BABW%2FO%2FArFnuQRECPZvYi4XBt8ugRC1kCaQtlYGoZZclWN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8398af23860-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 85ba32d40423f063f2de6d43daa58a91
69766ae7408fa215ec8d2e5c52bdd520e525bdc1
cf8b546f1431c16b1c8b9613fc060488cefa4ad1e136487451a116dc5745fa56
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CF8B546F1431C16B1C8B9613FC060488CEFA4AD1E136487451A116DC5745FA56"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14380
Expires: Mon, 30 Jan 2023 21:03:18 GMT
Date: Mon, 30 Jan 2023 17:03:38 GMT
Connection: keep-alive
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 89086667f6ed6d6b5cd0560f56590bce
3713db85315606d927b997c1da8ba9a7e04255e1
dfccfc12b8d43ed87ab681feb045bc0673b7b16250f22dcd7c8a108f4663b749
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:03:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 15:40:14 GMT
ETag: "3713db85315606d927b997c1da8ba9a7e04255e1"
Last-Modified: Mon, 30 Jan 2023 15:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1292
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bc83bbec9b529-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 89086667f6ed6d6b5cd0560f56590bce
3713db85315606d927b997c1da8ba9a7e04255e1
dfccfc12b8d43ed87ab681feb045bc0673b7b16250f22dcd7c8a108f4663b749
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:03:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 15:40:14 GMT
ETag: "3713db85315606d927b997c1da8ba9a7e04255e1"
Last-Modified: Mon, 30 Jan 2023 15:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1292
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bc83bbcceb4f9-OSL
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash 89086667f6ed6d6b5cd0560f56590bce
3713db85315606d927b997c1da8ba9a7e04255e1
dfccfc12b8d43ed87ab681feb045bc0673b7b16250f22dcd7c8a108f4663b749
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 17:03:38 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 03 Feb 2023 15:40:14 GMT
ETag: "3713db85315606d927b997c1da8ba9a7e04255e1"
Last-Modified: Mon, 30 Jan 2023 15:40:15 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1292
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791bc83bcee7b529-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:03:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:03:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:03:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7659
Expires: Mon, 30 Jan 2023 19:11:18 GMT
Date: Mon, 30 Jan 2023 17:03:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 69031
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDJKl99GiUxTW_EgWFDjLaJZbKFhfaJR-XRLsbQphwHuCXczDlxrDA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:37 GMT
age: 68942
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 68581
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 68898
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 69090
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 73042
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e7e7025b571eeccd60ac9ae34f7130e5
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e7e7025b571eeccd60ac9ae34f7130e5
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (666)
Hash 2c03bedd8c2c93d828c7a702d84c809d
fce03665f5b4d498b8b9ddd6e40f5160aa6afd32
4b58a9a6b304c3311e15a3c9df7d4275f0407707ba5c2e40d618e42092921bf2
GET /hm.js?e7e7025b571eeccd60ac9ae34f7130e5 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11304
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:03:39 GMT
Etag: 1bbe4640d7231ecb439d1df0fe432645
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A9107B1F9ABABDFC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash c7c291f9890b0afe58793353144b37c7
9b56bc498e9f7a4a2b4686dc7a7dc338b9bb3706
a6f601923adac4dc64e968b864f47f7048ce9a47f8cfea78d3125193065df03f
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:03:39 GMT
Etag: a18b8af6059d2a7e0d90318034d14dd6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=B1092B067E7AF9BC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ee082e5d73b289b4f71288ef23cf2ef1
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ee082e5d73b289b4f71288ef23cf2ef1
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (663)
Hash b0c8a88ae45000e15b6a83b05cf30c32
88e2b41e1c46e50db564bc81711d031f3dbe3110
1ea20571a68a867c9c59bfde367317bbceb25236669f25d3db23915d6f03229e
GET /hm.js?ee082e5d73b289b4f71288ef23cf2ef1 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11301
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:03:39 GMT
Etag: 39f3fb4f8e311627ff6ba13ae5410582
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=21FC20862B04375E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash ce3f6bb23c77fe71a8c670536711b523
4dbce0d896fcf5cc47252822466c886621913514
821d88760e3d75944994bc6aed618706fbaff231e7d9748518ed661deb9b9650
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Mon, 30 Jan 2023 17:03:39 GMT
Etag: d83b6e8260e9a2d45cc3320b36ab687c
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D94CAB14E3C7402F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=621087072&si=e7e7025b571eeccd60ac9ae34f7130e5&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=1&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=621087072&si=e7e7025b571eeccd60ac9ae34f7130e5&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=1&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=621087072&si=e7e7025b571eeccd60ac9ae34f7130e5&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=1&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:03:39 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4305D2EAA494A603; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675098233&rnd=246669711&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=2&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675098233&rnd=246669711&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=2&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675098233&rnd=246669711&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=2&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:03:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=67BD6F4FA6D37856; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=632540905&si=ee082e5d73b289b4f71288ef23cf2ef1&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=1&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=632540905&si=ee082e5d73b289b4f71288ef23cf2ef1&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=1&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=632540905&si=ee082e5d73b289b4f71288ef23cf2ef1&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=1&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:03:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=994220B3E744D2C7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675098233&rnd=273354384&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=2&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675098233&rnd=273354384&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=2&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596
IP
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0<=1675098233&rnd=273354384&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fw.2wj4fe.cyou%2F&v=1.3.0&lv=2&sn=23633&r=0&ww=1280&u=https%3A%2F%2Fjzupsq.cyou%2FxeCi5nHD%2Ftalaatmoustafawh%2F%3F_t%3D1675098230403%231675098231596 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 30 Jan 2023 17:03:40 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D22CB879C3718D39; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsf3tzwudZfkPS2DQ_oOQj0OKcbfGJswraNIZcM1hyXfZh87zci_6ainLgL0N_3wk_VzjbaWR9jSWBbFY1nGttIvPpZHBsd
expires: Mon, 30 Jan 2023 17:04:23 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3401
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq81S6yhazzaApslgNuhkRBYd%2FC%2FXzp6%2BxXDNZpB7XtRpyojDR8w6SfmSEtJGLCm3ByMvpDazi%2FuBoK55p7TUR7h61pcVvvGhtoFMeYWtmkPeS9ZkLUW3wUXLLy3%2BwqoSvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc8368b247200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: text/css
x-guploader-uploadid: ADPycdu5uAaRno4bHNFLFgygxni3jHAOMBdIMq69dQqYugLweM0yAoXPFzYzE9PblykdtUtsSDtg_NQM52w3GQIMgh0-cxhtrVO3
expires: Mon, 30 Jan 2023 16:54:45 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2987
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cPr8pSRFRAKOIFwJCZYOQNwJa4CuNlzQ6y0OCnQh3IOZ%2FHhIEhAXIvJsX78n69NLi2IDoHbWIMLYlmWMrEuSvA681x2ERLROkFe%2Bd522ZAlyBgkbuwbo15uaqi5ZRBJ1m8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc836bb787200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
200 OK 0 B URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: application/javascript
expires: Mon, 30 Jan 2023 17:03:38 GMT
last-modified: Mon, 30 Jan 2023 17:03:38 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167509821835396&xtt=1524806
200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167509821835396&xtt=1524806
IP
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=167509821835396&xtt=1524806 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 30 Jan 2023 17:03:38 GMT
last-modified: Mon, 30 Jan 2023 17:03:38 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdtEi86mIADHQx0-Tw3Js-aisdL1bu5HdnObfPOJR-JODbwuU8Dh4go8RIl-0rhgjH4sKU6FrNPd2I-NyGdX-_jHzA5D73Bc
expires: Mon, 30 Jan 2023 17:14:00 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1642
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psouPIlY8eWXIQsRnPoxIN5N0U8gyMuE7CT2ol6tvNLNzOt2geYH0Sw8buAFEoS6fjmsNhPONz6dIbaALHqbuvr0P7Ax06lLdfeu%2B6w86A8fYuZVhvYL5CUNXlwEa5Z3XDo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc836bb7a7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdvlE_DLoVV9BUo5AxOAhNxOSaLc0DTEnR_RrnAhqI2xSKui-ObXzfrmbzVJmlvWpzcQ9A8YUPlODUqcZtb8ik2WclFgR_Ik
expires: Mon, 30 Jan 2023 17:06:24 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Wb6El%2FkEcVhkPIB5LBJuAHmhnGPRJ4co8vh03Sjcthe6oIA6Yrg%2B7p7xpLw4JONmhmKCavp86JKNNBAozRdqxdHQ3FCdz2nsF5ljL5T01uuyXOfCUbfQxrzOtmaKm5J0v0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc836bb817200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Cookie: used_ad2706804=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycduIPxBxn9HV1RvlxQW5n8gWMNt2gH6LJACR5zSppFALBLzrzJxa_8ctHWVRnxFIChP9qRRTmrjDnfJ9VGLfuaiuefHrtsZR
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Mon, 30 Jan 2023 17:01:53 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
age: 2244
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iB14H2C16N%2B%2FzGk2ET0BELFYCQSFqeKywWFrZpg5Llm8XW7aIznFTH0qXGibPUl7lRcyxcxrLR%2BFSwNDch6gjiRgOG6VWvRDrVMTU7wQqAeNlJzKCx%2BZvrTS0Pf2SU%2BcnzU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc836bb7b7200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 17:03:38 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdu1uLyqvDmhguSZuTbI1iQCXdFSsjn9qfpazj_rw9BTzdDYAlrjdbWX5xLwqRvP4JuzcRyzK0e7bN4Tq1Un0CU
expires: Mon, 30 Jan 2023 16:54:45 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1448
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJXxVpsO4Em11RxWStGQbGbcvmhmI9Dyw%2FaPSIFli4Ezc2pdUNzfekmQosTX46MrqTC2NfuqMUcN86bTfE0Zi6KpBHytu4utObONmJpJpa%2BbsiDeZaeUbnxrVtX0QINxS%2FM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 791bc836ab567200-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/4fe48aebd6/4f59451604/?placementName=Under&is_first=true&randomA=0_260&maxw=0
200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Under&is_first=true&randomA=0_260&maxw=0
IP
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Under&is_first=true&randomA=0_260&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jzupsq.cyou/
Cookie: shown1=0; total_impressions=1; used_ad2706804=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 17:03:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Tue, 31-Jan-2023 17:03:40 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633278=1; expires=Tue, 31-Jan-2023 04:59:59 GMT; Max-Age=42979; path=/; secure; SameSite=None
total_impressions=2; expires=Tue, 31-Jan-2023 04:59:59 GMT; Max-Age=42979; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
172.67.153.233
185.66.201.42
104.21.12.234
93.184.220.29
103.235.46.191
23.36.76.226