r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2565
Expires: Fri, 16 Dec 2022 22:17:58 GMT
Date: Fri, 16 Dec 2022 21:35:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11688
Expires: Sat, 17 Dec 2022 00:50:01 GMT
Date: Fri, 16 Dec 2022 21:35:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 21:34:03 GMT
content-type: application/json
age: 71
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 555fc6e99ad3bf077d1c4b9b805e428d
4e800fc8e809a950288df0e94992084647762561
fac00cada519279717e2a13528cb202d292fc92ed5eb42782c41f8e7b9509eaf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC00CADA519279717E2A13528CB202D292FC92ED5EB42782C41F8E7B9509EAF"
Last-Modified: Fri, 16 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2815
Expires: Fri, 16 Dec 2022 22:22:09 GMT
Date: Fri, 16 Dec 2022 21:35:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p32O4mysU5//U7r6CSN/FGADLzk9RZA4cMakd6apZEzsJT33c9bwdGv+uRN/Kb+M6k5+eNabgL6GUwR6LFv1ag==
x-amz-request-id: 44D7EEACBV3339F0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 20:53:23 GMT
age: 2511
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
162.241.87.224200 OK 12 kB URL HTTP/1.1 czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (597), with CRLF line terminators
Hash 2a23682e6c344b2d2b01dc13d0e8c2ff
7373290b4cce98841e2e4c72baf57971cc55e68e
f6de24cb3a3a13acc164ec1d88c628c6bbe7280c7082c50f97bce4e4df3578e9
Analyzer Verdict Alert openphish Global Sources (HK)
fortinet Phishing
quad9 Sinkholed
GET /nene/login.globalsources.com/error.php?email= HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 21:35:13 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 21:35:14 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 21:08:00 GMT
age: 1634
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 142400be99b933ea5e0c68ea6a6b3e89
80e94132940e5ebe69dd0a03396764127b8fda49
20e8cde3c6907a3c5d97fe9fbcf6a44035e1f7482f7e166adb2c38a30a9084ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5552
Cache-Control: max-age=133450
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:14 GMT
Etag: "639c352c-1d7"
Expires: Sun, 18 Dec 2022 10:39:24 GMT
Last-Modified: Fri, 16 Dec 2022 09:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.34.4.233101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.34.4.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7I+76o5kXJw0mzWUM2HePg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: d4CryBK+LrSceVQvDjBSHD69kQM=
login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG
107.154.199.39200 OK 4.7 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG
IP 107.154.199.39:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 142x46, components 3\012- data
Hash f68d2d065e34993ce6e4b832737c7147
8e799c63bd8292de2f320b8afa23524107773266
b0501c9294231206d2aeb28e8bbd622910de7fc139e02756dc339cb9a68d017f
GET /sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: image/jpeg
content-length: 4667
set-cookie: AWSALBTG=pmfqzF3iyJjf21bOQr5lWjz7gn+bq0j9XhhEtrMY8wHGP8FLZgSgKOp1WO5gxAvVtCp+du5vssDvYXRp0WkqXIGsX3HujaytsWAaqVrjRTQKZZxfqrHZIXX8N0ElMQ7OnjJrfWUdU54YiBj8HglVIzPsJqQbnjO2a+dGI5Fp9LqT; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=pmfqzF3iyJjf21bOQr5lWjz7gn+bq0j9XhhEtrMY8wHGP8FLZgSgKOp1WO5gxAvVtCp+du5vssDvYXRp0WkqXIGsX3HujaytsWAaqVrjRTQKZZxfqrHZIXX8N0ElMQ7OnjJrfWUdU54YiBj8HglVIzPsJqQbnjO2a+dGI5Fp9LqT; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=uYMARh1rXXOCqCpKVHm4jLfRxxk2k7bceMtKr5+sB9OE4ng0DOnePdzAeHldv7Yon5hi6JExtwhvHp+7cESke9pQjApWmDs6ur4oMeoynm69VbTCsxqNJZCEKeDE; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=uYMARh1rXXOCqCpKVHm4jLfRxxk2k7bceMtKr5+sB9OE4ng0DOnePdzAeHldv7Yon5hi6JExtwhvHp+7cESke9pQjApWmDs6ur4oMeoynm69VbTCsxqNJZCEKeDE; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=cp5BU7CQU2Sra1kgOJREPwAAAADqYekwKTFU+j/Jk10e2Dck; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=A4IzDjQ93yVOdftgiBrYA5LknGMAAAAAuJtZ4RvPrO05W8d8xJC0hA==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 52) q(0 0 5 1) r(7 7) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
107.154.199.39200 OK 43 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
IP 107.154.199.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /sso/gsol/pex/en/balat/images/BLANK.GIF HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALBTG=jp07A9/XMOL0PnuvkDTGp5iyXGPIy+rVM5bk3u9dfga2K465NhXTdwc0ooMjRp1Lrl2zMK1IEdkL+nybfsN5gnTUBvIdv6deAKknKcnKtPDR2YnPmMOO0Y85+WTJj0r9SypLLC/CzbeItMqUjB7iwYwHxftxo/w5mp9bcA/jZhq+; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=jp07A9/XMOL0PnuvkDTGp5iyXGPIy+rVM5bk3u9dfga2K465NhXTdwc0ooMjRp1Lrl2zMK1IEdkL+nybfsN5gnTUBvIdv6deAKknKcnKtPDR2YnPmMOO0Y85+WTJj0r9SypLLC/CzbeItMqUjB7iwYwHxftxo/w5mp9bcA/jZhq+; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=l0MN3LAhpGSANnp9QfPcuFbmuSbWfd2hq26t6Ud3rJSOvLMF49vuYzwqUQDDLm5nQ7k4YWYEPo6/p/pSIoyXet5xq9xPKrufy15l9H/5KoRqgF0QZh1JigK1G4oJ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=l0MN3LAhpGSANnp9QfPcuFbmuSbWfd2hq26t6Ud3rJSOvLMF49vuYzwqUQDDLm5nQ7k4YWYEPo6/p/pSIoyXet5xq9xPKrufy15l9H/5KoRqgF0QZh1JigK1G4oJ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=eVHHT4I5+iWF7RskOJREPwAAAADZsBcXkNNcVNo37aXNeqP8; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=ABOacgTl9FhOdftgiBrYA5LknGMAAAAA+7caYM88ITxn1+ucKtnfFA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 54) q(0 1 5 2) r(9 9) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG
107.154.199.39200 OK 65 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG
IP 107.154.199.39:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 456x555, components 3\012- data
Hash f4cfa4fb0267a0184bc6caa933d39633
7871c922ca703ddf022e5cf32d70de76ea42be16
a333d615df16eae983fc674e1e06c445d08bc440cb16eff950ec7570d98c3206
GET /sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: image/jpeg
content-length: 64609
set-cookie: AWSALBTG=aTIgu9EcUXSUkPpE3FNC4m9ISMP3fmy/jYwMdF6n9CksxJfHrVLQivdPjGfxL+qPr4zeOhwY1aKwPfP4sHaHw9+woBr7k3LkSpIrsoqCkwBEULQ4HmVpDcBhXyW44ey7yzmM+wWoSQRt9LnivBLWoJrk8hYZwdEZ7f8WnSksD8RX; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=aTIgu9EcUXSUkPpE3FNC4m9ISMP3fmy/jYwMdF6n9CksxJfHrVLQivdPjGfxL+qPr4zeOhwY1aKwPfP4sHaHw9+woBr7k3LkSpIrsoqCkwBEULQ4HmVpDcBhXyW44ey7yzmM+wWoSQRt9LnivBLWoJrk8hYZwdEZ7f8WnSksD8RX; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=XW4iJDDR+rtkxOEKGgp1Lrj5u/oybbKFF3eo7FshjfAApj1dZIAQqgsLj6Act5ZA28Pi6IiXiiGoqLT443WXtdzJfYdaLR0LHA+BpZqyBzdb+fZXD9NH0lmotBo2; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=XW4iJDDR+rtkxOEKGgp1Lrj5u/oybbKFF3eo7FshjfAApj1dZIAQqgsLj6Act5ZA28Pi6IiXiiGoqLT443WXtdzJfYdaLR0LHA+BpZqyBzdb+fZXD9NH0lmotBo2; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=g43MFS46PFw0HUI9OJREPwAAAAA0gjRJ0aJlgSsFVaT+JYVg; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=UVobMFPDiXhOdftgiBrYA5LknGMAAAAALNc9sE4muD7YFDs/VBBjpg==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 54) q(0 0 5 0) r(9 9) U2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12626
Expires: Sat, 17 Dec 2022 01:05:41 GMT
Date: Fri, 16 Dec 2022 21:35:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12626
Expires: Sat, 17 Dec 2022 01:05:41 GMT
Date: Fri, 16 Dec 2022 21:35:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12626
Expires: Sat, 17 Dec 2022 01:05:41 GMT
Date: Fri, 16 Dec 2022 21:35:15 GMT
Connection: keep-alive
login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
107.154.199.39200 OK 9.9 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
IP 107.154.199.39:0
Hash 24485c4635889ab4cff2ae66f9c994b9
9bf46d428b0189ec10be887394c29c7a713736ff
8d8f2d19afb06fafef7ac2d3c1c9704902fc34412a9291c81559e1acdf4d0c92
GET /sso/gsol/pex/en/balat/includes/SSO.CSS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: text/css
set-cookie: AWSALBTG=af3s7KtXM7pPXZgqQ/HkfUWwLO7yueLeb40SOHYv1kkjfJ/0hgHIMgVFqKZprrdg6m+JOvD4nliWxnSKGPfCL6VCp/Ty9E/9Se7iWDspq5En1AQ4pV2WEeI2Kak4fVZs2v0j1/TwVc0vrutJWV2/45o6xbD9loUxpAfKz2OLbZaJ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=af3s7KtXM7pPXZgqQ/HkfUWwLO7yueLeb40SOHYv1kkjfJ/0hgHIMgVFqKZprrdg6m+JOvD4nliWxnSKGPfCL6VCp/Ty9E/9Se7iWDspq5En1AQ4pV2WEeI2Kak4fVZs2v0j1/TwVc0vrutJWV2/45o6xbD9loUxpAfKz2OLbZaJ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=BgA134QCJ/gyrhvx2S05uPCNSnheMqpI0a78V2+HSsAKnWvbWmPGCThLDNUlemr0SlqiQei6aGG0KtKy97SuPPSY12/fkf83GrjU2f/+XHSpyciLZpi56qNsnRHH; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=BgA134QCJ/gyrhvx2S05uPCNSnheMqpI0a78V2+HSsAKnWvbWmPGCThLDNUlemr0SlqiQei6aGG0KtKy97SuPPSY12/fkf83GrjU2f/+XHSpyciLZpi56qNsnRHH; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=0vggfL6D80acePLuOJREPwAAAABl4Ze3GcwYXrqwdurxoUCj; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=ess7Ymod+T9OdftgiBrYA5PknGMAAAAAg9AoHPM2Z3dNWNWhEsLcyg==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 nNNN RT(1671226514031 44) q(0 0 5 2) r(12 12) U2
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0e5a8cf5962c05bf28a3b45f5c8745e2
9c5d7e8aeab26f9fd2e753ab4dc65d6fa8ea955f
f614642045fcd0ee373ed6cabe67514f4bb54c7fb4f1181b52eaec12d7e0479e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F614642045FCD0EE373ED6CABE67514F4BB54C7FB4F1181B52EAEC12D7E0479E"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12626
Expires: Sat, 17 Dec 2022 01:05:41 GMT
Date: Fri, 16 Dec 2022 21:35:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c89c607de35e59fa4b8f79762af0f269
362e1b907abcaccb16b3750c21ed04e4fa91f04c
7b9a28ad984bc7544d0798ff38cf8e1ce9f2f21a0112c18ee127a7566ba683e4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62fa3452-e15b-41dd-b257-cd6d8cfaea78.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5791
x-amzn-requestid: 2fb8518c-1fe3-426e-94ed-eea686005473
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRKYHeoIAMFgKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9575-0e312c40469090d033c6fc6a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -baQ_JUiZDWWBIizZVrOZrXdHTSgQbIJubNqHqA7Zjj-eKTvCNfKSg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:08 GMT
age: 84367
etag: "362e1b907abcaccb16b3750c21ed04e4fa91f04c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83be48c5771e071d94ac0d912357ac99
97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1
dc7eaffae4521f6bc297ce21c0abe99fe92bf8938266b550f8e38ff9705bdeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11196
x-amzn-requestid: 1bcdd4c6-14db-40bc-90aa-226a0e411a09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJFFeIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-65c676d06a24e0252e8828dc;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: clnZ4iIDmF0oSqQv7wWwYt-KHO6U1Lp7hz706oDCBLhP3szyWQiDLw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:08:33 GMT
age: 84402
etag: "97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d00649e-5d91-47ca-9c8d-62f5c119bb77.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d00649e-5d91-47ca-9c8d-62f5c119bb77.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0aed397b2418a0fa2cc65d94bcd070e
51394eab37b0b4af7eb384fec3b9e63a84d95f8c
7906dbc6b4819f56b53e37db58b6adb8dceb197cf69dc63d58ad1b8d4696d9f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d00649e-5d91-47ca-9c8d-62f5c119bb77.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6708
x-amzn-requestid: d3ff70f6-e1fd-49ab-8bdb-7e300cffb565
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJFqTIAMF15A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-558b82c515f5055721aa1e95;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qirEt30It1kgWA7fQoh1awdE_rquSiEtUicC8HlcpXCbY006lJXFPw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:21:06 GMT
age: 83649
etag: "51394eab37b0b4af7eb384fec3b9e63a84d95f8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3ffaf7e3899d2e846612269608ae1286
07e6d729ad09430b483f44c16146dd2707935314
0d101f77b5159818bdac6fd41d43df60d95a08cebea93b9c661d5694a2d92f54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4be35fbc-e4f0-449f-a4a6-8630871dbbca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11887
x-amzn-requestid: 1bd2cd9d-d47b-4c67-ab16-9b9b6126fcd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ9ME94IAMFzWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9521-1f916ee5306bdb53701cba5a;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:44:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CPFHf2jkYX-Eas9cB8nUrwbbdc1b5HOkQmMosBIUXlQxkK8VXRz8ng==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:15:42 GMT
age: 83973
etag: "07e6d729ad09430b483f44c16146dd2707935314"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.JS
107.154.199.39200 OK 17 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.JS
IP 107.154.199.39:0
Hash d5518448b3924294f94d968e6cf1be06
300f9490907d12fb76d7c2356be49be7d1743037
d63e23e705915c853d17d7b597b27171043bd5dbcca987228b7d5357a873601f
GET /sso/gsol/pex/en/balat/includes/SSO.JS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=A58wVWGgcIqrmkqaF7i1YU3TYT1bSZ9/XS0DqNCUCh6Diz2BZ0yMfS2u0sg/2CYnzhP/Ir2zXikqGLqSh2D/xLhnkzl80xJ7YUQWvRGrGTldtHs7gEE3+7QTTvSaDPaNGaxvRnqHcqW3hDXOO0s045uE3B/cHnxayZhGevVqKqIJ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=A58wVWGgcIqrmkqaF7i1YU3TYT1bSZ9/XS0DqNCUCh6Diz2BZ0yMfS2u0sg/2CYnzhP/Ir2zXikqGLqSh2D/xLhnkzl80xJ7YUQWvRGrGTldtHs7gEE3+7QTTvSaDPaNGaxvRnqHcqW3hDXOO0s045uE3B/cHnxayZhGevVqKqIJ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=N7EvvNoSQzNMOuIw4W5Yu6JDGgGEV/HnrRwY1YlVxLcralwX2aqQsEe5H91I+NnvGEN9vgHglKLYHaSmsFP97NmfJRUP1Z8hbV8rVNuZp3vtGgpzZvuTE9JAhQq7; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=N7EvvNoSQzNMOuIw4W5Yu6JDGgGEV/HnrRwY1YlVxLcralwX2aqQsEe5H91I+NnvGEN9vgHglKLYHaSmsFP97NmfJRUP1Z8hbV8rVNuZp3vtGgpzZvuTE9JAhQq7; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=eHyxB/Huvlqror6NOJREPwAAAADjYH/2SJ5p7/QR04mSgeaD; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=xC5mQkGP8XlOdftgiBrYA5LknGMAAAAAyUP76fxjUrBUP3ifMo//+w==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 45) q(0 0 5 3) r(9 9) U2
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b031e56b256ee8ed21093f8c5398815
ef4ac091b1804b68c1d8e073d73f7a57e08739a6
f332c68ba6b31d67c02d16412c85e760cbc2e7a67073876c8799365e80b6dbab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4368d88-830e-4776-bbdb-c2457233983a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9851
x-amzn-requestid: 38f12682-d3c4-4e4f-9b24-afe81ca85dde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c-FX9FsVoAMF5AQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63958299-3d25cec26bcb2ccf73e3526f;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 07:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dBS9TPBeVScdBuJSzheNE2lvUb3RqZTfZjJkWcbyuwkyhu0HrFmkIQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Dec 2022 16:39:15 GMT
age: 17760
etag: "ef4ac091b1804b68c1d8e073d73f7a57e08739a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG
107.154.199.39200 OK 4.3 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG
IP 107.154.199.39:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 142x46, components 3\012- data
Hash 3416d1e30f078febf83bad93f15f7ba6
2997b26ac512fd945f5c1ef64e3bcf178ee47f6b
900774ab9d108ddeee13c38f67680d8b855588ab4b3c37949fa79f4b15c4e3a9
GET /sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: image/jpeg
content-length: 4284
set-cookie: AWSALBTG=jTXtRXMXTONiDYqZvuyB/UO7fv2/Dto7NSrXoM6csHX3D+zw32TPYb0Pia9C8BhPTk+4xB5k/cagcRE1s4Oj0mHgP5l9nLwi8gHqXqP192rONcH/wE0mEytkQvPrIgy/XQfOS2XfeUochNjiD/nJfbQqDEvmvUI53QWEOiHoFkio; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=jTXtRXMXTONiDYqZvuyB/UO7fv2/Dto7NSrXoM6csHX3D+zw32TPYb0Pia9C8BhPTk+4xB5k/cagcRE1s4Oj0mHgP5l9nLwi8gHqXqP192rONcH/wE0mEytkQvPrIgy/XQfOS2XfeUochNjiD/nJfbQqDEvmvUI53QWEOiHoFkio; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=BkXg9Kb3S5C/o6A9oKMxGqCQbc6eGed4//44ylmDqE9aSEb+Yv9e0ZpoV/hVCrpw3SbqGS1ksPGJTXUROWR+92NEPzwTgpctFVYlPNleMyZ4CB14DpYrGdMJxRpl; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=BkXg9Kb3S5C/o6A9oKMxGqCQbc6eGed4//44ylmDqE9aSEb+Yv9e0ZpoV/hVCrpw3SbqGS1ksPGJTXUROWR+92NEPzwTgpctFVYlPNleMyZ4CB14DpYrGdMJxRpl; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=TxN8DRS11jpxY5rMOJREPwAAAACYO7PCqqmlF1l6C6Xl83Lg; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=3eJJIVvqmVxOdftgiBrYA5PknGMAAAAA/CKNf6Ca0cJ2BZvJjZZRCw==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 50) q(0 0 5 0) r(14 14) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGO.PNG
107.154.199.39200 OK 3.8 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGO.PNG
IP 107.154.199.39:0
File type PNG image data, 210 x 32, 8-bit colormap, non-interlaced\012- data
Hash a8656a61ac922e6b5e297627ae7b078a
fd0a07d76165669d22d9b8c1e930da9fb51aef22
465c8b941a45a964b3c73162a3357083c03e807f2eb45a6e0cc03658f686ece6
GET /sso/gsol/pex/en/balat/images/GSLOGO.PNG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: image/png
content-length: 3788
set-cookie: AWSALBTG=8TY1MH5G+sREc6NkcMaaTJXHi1kCTZ14pnYluUbDgvj+Qd192bOS5oYK/ke46iBUF7ysOaO5wZR8T3asVtwnrN9sz7I44LLYuap0BQhZjgJDr84jEVbTRXK6es5Pll4g7Rqf2Zw++b9M0vC0/FKBSaHrMk7hLB8RI3tpnglZUoxs; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=8TY1MH5G+sREc6NkcMaaTJXHi1kCTZ14pnYluUbDgvj+Qd192bOS5oYK/ke46iBUF7ysOaO5wZR8T3asVtwnrN9sz7I44LLYuap0BQhZjgJDr84jEVbTRXK6es5Pll4g7Rqf2Zw++b9M0vC0/FKBSaHrMk7hLB8RI3tpnglZUoxs; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=1UTAiLfeX9PMpb9xwo7j2z5YyAJf4coVGYJiRDSNNYfCCMWMTXEASLjXmlQNJWaU+nDwDcAUI+N5hi/6Q/ZicbDG0WaiBhTebETYurfF9KdfwToAABc7KdibxjHS; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=1UTAiLfeX9PMpb9xwo7j2z5YyAJf4coVGYJiRDSNNYfCCMWMTXEASLjXmlQNJWaU+nDwDcAUI+N5hi/6Q/ZicbDG0WaiBhTebETYurfF9KdfwToAABc7KdibxjHS; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=3UiIGh2EzSqeJrL6OJREPwAAAAAu0Q8zcun4ct87sbQGSgzr; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=32LJbb5ywktOdftgiBrYA5PknGMAAAAA9URlxb0x9K6RH8hoAC6jJg==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 45) q(0 0 5 3) r(14 14) U2
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
142.250.74.40302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 08dc1097c83d6f931819890010215132
651f4c8dec266bc1149c5009aeaff8b850c95cfa
45e607d3d26d0460dc67aded9e4bab3da0e230ad8656bc7cde02db523965d5f0
GET /gtm.js?id=GTM-5CGM9T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 16 Dec 2022 21:35:16 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
142.250.74.40200 OK 97 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5CGM9T
IP 142.250.74.40:0
File type Unicode text, UTF-8 text, with very long lines (53281)
Hash e31c9f97834cc88d6a2444e798b03271
17afe870abca40d316904d59ed9a2fb6e0fc9a92
ec31cf6fa42668ae90d061a848b7fdbe760cefa80e8bab73aa78b06c7b72e555
GET /gtm.js?id=GTM-5CGM9T HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Dec 2022 21:35:16 GMT
expires: Fri, 16 Dec 2022 21:35:16 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96816
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
analytics.analytics-egain.com/onetag/EG48975170
34.249.19.88400 94 B URL HTTP/1.1 analytics.analytics-egain.com/onetag/EG48975170
IP 34.249.19.88:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7c2244849ceda3c6e2bb50114f6058fb
d256ae299f5db884f47827d10825f70724506fa3
d1e261174189998690fd10b216468c539fddb4c0beee035d76e29fac38a378a7
GET /onetag/EG48975170 HTTP/1.1
Host: analytics.analytics-egain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 400
Date: Fri, 16 Dec 2022 21:35:16 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Server:
Cache-Control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cffeaa037aa43ee5dd38d9bf940f0ec
385130d35323155499a61e73e16a9d9e7a6448b5
2938e838bf98de278488e22b736756400136c887e31b44fc608c4da2a07e6ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
login.globalsources.com/sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG
107.154.199.39200 OK 1.6 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG
IP 107.154.199.39:0
File type PNG image data, 146 x 63, 8-bit colormap, non-interlaced\012- data
Hash db7ada75691e9de834f24b8e1ca09a9d
e7dacc636b096ab8e4ed8380475b97b39b356ebb
d0f108ac5521a079f476c836ca9612310bd8da9e75ba91ff412653453939ae51
GET /sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
Cookie: AWSALBTGCORS=8TY1MH5G+sREc6NkcMaaTJXHi1kCTZ14pnYluUbDgvj+Qd192bOS5oYK/ke46iBUF7ysOaO5wZR8T3asVtwnrN9sz7I44LLYuap0BQhZjgJDr84jEVbTRXK6es5Pll4g7Rqf2Zw++b9M0vC0/FKBSaHrMk7hLB8RI3tpnglZUoxs; AWSALBCORS=1UTAiLfeX9PMpb9xwo7j2z5YyAJf4coVGYJiRDSNNYfCCMWMTXEASLjXmlQNJWaU+nDwDcAUI+N5hi/6Q/ZicbDG0WaiBhTebETYurfF9KdfwToAABc7KdibxjHS
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:16 GMT
content-type: image/png
content-length: 1634
set-cookie: AWSALBTG=m0GmD5Eb2NXk4WHka0YGBK/PdYEC2N7/NoZJ2ImnytxAbnL3CISkG7Vw/6w0ptiTymESN2NTso+uBkmWgrfqpEuiS2G2NMoqu+QY9jJz/3+mZZE7oupcMS5e14Cft4Bj1Qj5g5OzAlj2lePmBQbylDlrDQjYiHD1mtu2m/Oi6Dg5; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/
AWSALBTGCORS=m0GmD5Eb2NXk4WHka0YGBK/PdYEC2N7/NoZJ2ImnytxAbnL3CISkG7Vw/6w0ptiTymESN2NTso+uBkmWgrfqpEuiS2G2NMoqu+QY9jJz/3+mZZE7oupcMS5e14Cft4Bj1Qj5g5OzAlj2lePmBQbylDlrDQjYiHD1mtu2m/Oi6Dg5; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/; SameSite=None; Secure
AWSALB=R0MyUlQjWQjWp4VMpxodnhjHLbby7iW1NjHZiDSEBDoqV+97pbNRmZzE4w5Jksi9xx6fBgGQYt1pWSSjQlRu3eHZN1TBgb475cWT7woplptbNZZUD6dg729VBUkV; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/
AWSALBCORS=R0MyUlQjWQjWp4VMpxodnhjHLbby7iW1NjHZiDSEBDoqV+97pbNRmZzE4w5Jksi9xx6fBgGQYt1pWSSjQlRu3eHZN1TBgb475cWT7woplptbNZZUD6dg729VBUkV; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=qYpqMYbXi3z0ua68OJREPwAAAAAMItZmnjUcozzuMVI5C/Km; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=1SjPXlkNLCtOdftgiBrYA5PknGMAAAAAItoMAqycCqcM7YsNxqLSMA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 1481) q(0 0 0 0) r(2 2) U2
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c
142.250.74.40302 Found 278 B URL HTTP/1.1 www.googletagmanager.com/gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c
IP 142.250.74.40:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4febe4716d93c01917cc718ed52f0d1c
9437b5b65a71ae87dc652a40a0e030a6464991e4
3ff71e43c20bb1c8d9018a800fe877e8e4e46be21f0a051b402297f370eca77a
GET /gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtag/js?id=G-M0GFGLPMZ2&l=dataLayer&cx=c
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 16 Dec 2022 21:35:16 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 278
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a9d455468a5e3f8b30c654fb21626252
b5b65eb57411f9bf660e455ee317abd6350d9aa2
c05be3db932af572f5b89e2da586008fd98f18f58b4c0977e5d2ad5c40f1dd79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Fri, 16 Dec 2022 15:54:34 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: --yp0S5zqosjQw5xn1w4wXdiCn9CvmOS8snewap2-QvIiypCp8uhqw==
Age: 20443
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a9d455468a5e3f8b30c654fb21626252
b5b65eb57411f9bf660e455ee317abd6350d9aa2
c05be3db932af572f5b89e2da586008fd98f18f58b4c0977e5d2ad5c40f1dd79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
10716254.fls.doubleclick.net/activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=149128619353;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
142.250.74.6200 OK 262 B URL HTTP/2 10716254.fls.doubleclick.net/activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=149128619353;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
IP 142.250.74.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (502), with no line terminators
Hash d8ade126eb2557438281a6fba3e63fe5
b0f275f248655c4f6c64c2c88ae909e94e780fbf
93bc84b27142fc6a3259cc36875a3caebbbe87bd836898533b0d325b31999857
GET /activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=149128619353;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D? HTTP/1.1
Host: 10716254.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 262
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 21:50:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.webtrends.com/js/webtrends.hm.js
108.157.229.93200 OK 7.4 kB URL HTTP/1.1 s.webtrends.com/js/webtrends.hm.js
IP 108.157.229.93:0
File type HTML document, ASCII text, with CRLF line terminators
Hash b2ea8b95abb8ab706e7a0cfa9685cd10
8b75b0f6fff26a3a651d9346db02fefe45a67379
fe11671e8ca6d3b5659e5dae0924ecae80c99c0dd72478710eed0886e687f69d
GET /js/webtrends.hm.js HTTP/1.1
Host: s.webtrends.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7382
Connection: keep-alive
Last-Modified: Tue, 25 Feb 2020 23:34:02 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 11 Dec 2022 16:22:49 GMT
ETag: "b2ea8b95abb8ab706e7a0cfa9685cd10"
X-Cache: Hit from cloudfront
Via: 1.1 c26999728b9b80253ea8308df470deba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P2
X-Amz-Cf-Id: 1bh3Mus_dJOCb5wBCU6yr9WDawh0Bi7ccZX-fqRgrbFTjAZjL8xMzg==
Age: 450885
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a9d455468a5e3f8b30c654fb21626252
b5b65eb57411f9bf660e455ee317abd6350d9aa2
c05be3db932af572f5b89e2da586008fd98f18f58b4c0977e5d2ad5c40f1dd79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20039
Date: Fri, 16 Dec 2022 20:14:11 GMT
Expires: Fri, 16 Dec 2022 22:14:11 GMT
Cache-Control: public, max-age=7200
Age: 4865
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a9d455468a5e3f8b30c654fb21626252
b5b65eb57411f9bf660e455ee317abd6350d9aa2
c05be3db932af572f5b89e2da586008fd98f18f58b4c0977e5d2ad5c40f1dd79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a504ef384345940f7ad9b039fd2deca2
d0ce426041271eefff01a53ad9d3dc568a368cec
813e762dfbfdfff6f740f9bffce03c72ce9e4eb2c855ffb2305d4bf8d48d6753
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4557
Cache-Control: max-age=91042
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Etag: "639b9369-1d7"
Expires: Sat, 17 Dec 2022 22:52:38 GMT
Last-Modified: Thu, 15 Dec 2022 21:36:41 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
18.156.98.77301 Moved Permanently 244 B URL HTTP/1.1 statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
IP 18.156.98.77:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 8fc9865f26fa25a6392c2f6060ae5df3
848c84d5259d274403799d8f07dce9a524662a0f
6fcb4b79975d55a072ba52bfd817cfba24b1a9f4777c706fb0706fd385601caa
GET /dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback HTTP/1.1
Host: statse.webtrendslive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
Location: https://statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
Date: Fri, 16 Dec 2022 21:35:15 GMT
Connection: close
Content-Length: 244
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.48200 OK 4.7 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.48:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13063)
Hash bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=66799
date: Fri, 16 Dec 2022 21:35:16 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=2C68A8FE989762371931BA8299626322; domain=.bing.com; expires=Wed, 10-Jan-2024 21:35:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 00688C3BD00340179D1E7C7BE4626A15 Ref B: OSL30EDGE0221 Ref C: 2022-12-16T21:35:16Z
date: Fri, 16 Dec 2022 21:35:15 GMT
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/jqueryandplugins.js
107.154.199.39200 OK 63 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/jqueryandplugins.js
IP 107.154.199.39:0
File type ASCII text, with very long lines (65470)
Hash 29c90b8b68565a0e6b42f361c4b8070d
b7d26bb40ed723a740a0cd5fa596ccdd7ef15cd5
361294a8d351d7e7ab0c9a1c7370937aada937b954313b3f0446f32f1aae90b5
GET /sso/gsol/pex/en/balat/includes/jqueryandplugins.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=bvpYcoErNAQcoH6WFCbt+db+DjcrWIrHdPva3CVZyLnXrbqitriMIAEL8c3thq4mENxpPR/A0pr8zLFnuRPjaNcoxDZFpIULR1DUv5MCVqr64FAyrcA1Rj+D2nTdf7sjwo+oAhbwyqCtJdqCLRx/CAdsYwsQM3ib24aqcWwA3rFr; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=bvpYcoErNAQcoH6WFCbt+db+DjcrWIrHdPva3CVZyLnXrbqitriMIAEL8c3thq4mENxpPR/A0pr8zLFnuRPjaNcoxDZFpIULR1DUv5MCVqr64FAyrcA1Rj+D2nTdf7sjwo+oAhbwyqCtJdqCLRx/CAdsYwsQM3ib24aqcWwA3rFr; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=0tg7fe6dsDatyFb4tpKw+wy7r5nfE0pOha6zzWAL+9N9OUXtAHpTGKeh9dbW/EDYMmZwLV7klRZ4BukTplZGK/WwH3RU/augumWxTver5Kg9q1dzcBRxx8Qx0ryC; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=0tg7fe6dsDatyFb4tpKw+wy7r5nfE0pOha6zzWAL+9N9OUXtAHpTGKeh9dbW/EDYMmZwLV7klRZ4BukTplZGK/WwH3RU/augumWxTver5Kg9q1dzcBRxx8Qx0ryC; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=DXeVf2an4m0k8ES6OJREPwAAAACL7laH80uWD961Xt4WQokG; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=ATRxbn+9cnlOdftgiBrYA5PknGMAAAAAd13tVkaj2iwhDqvZjuAsJw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 57) q(0 0 5 1) r(14 14) U2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/?random=1671226513197&cv=11&fst=1671226513197&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=507930566.1671226513&rfmt=3&fmt=4
142.250.74.162200 OK 892 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/?random=1671226513197&cv=11&fst=1671226513197&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=507930566.1671226513&rfmt=3&fmt=4
IP 142.250.74.162:0
File type ASCII text, with very long lines (1875), with no line terminators
Hash 6a7ccea4ebbdd5105c9b2f2ae8c88603
031f2ff773569a48802b5e6dfa7b6d1611f6cad7
1b3149a68851173f06a1debb5130cf4295359cc560d5d87d35c62637f62c400a
GET /pagead/viewthroughconversion/1072021429/?random=1671226513197&cv=11&fst=1671226513197&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=507930566.1671226513&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 892
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 21:50:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a49c10c60b31f85897b10f4ec4cf83
a36d1f2e9c383be9d1e8f3582e4245848c737942
96090cb245f690b7cc9a8b4cd11b6fbb1eede6e139f3a5485c8e58196024e7bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=5494245996553;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
142.250.74.130200 OK 262 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=5494245996553;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (498), with no line terminators
Hash c64bef7fde34b8b7f3d3d814eebb177c
c1e7274b3d638edef6bfcf6f03df4765538b78db
3e9e5421277caf09126d7281fb5bd405a45dad9bcaa09bb5dc2dbc760153839b
GET /ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=5494245996553;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12419770.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/collect?v=1&_v=j98&a=1381927022&t=pageview&_s=1&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&ul=en-us&de=UTF-8&dt=Global%20Sources&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=903602550&gjid=1234919481&cid=1393043070.1671226513&tid=UA-179370-18&_gid=1062636575.1671226513&cg1=LOGIN_FORM_ERR&z=416418694
142.250.74.46200 OK 35 B URL HTTP/1.1 www.google-analytics.com/collect?v=1&_v=j98&a=1381927022&t=pageview&_s=1&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&ul=en-us&de=UTF-8&dt=Global%20Sources&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=903602550&gjid=1234919481&cid=1393043070.1671226513&tid=UA-179370-18&_gid=1062636575.1671226513&cg1=LOGIN_FORM_ERR&z=416418694
IP 142.250.74.46:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j98&a=1381927022&t=pageview&_s=1&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&ul=en-us&de=UTF-8&dt=Global%20Sources&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YCDAgEABAAAAAAAAI~&jid=903602550&gjid=1234919481&cid=1393043070.1671226513&tid=UA-179370-18&_gid=1062636575.1671226513&cg1=LOGIN_FORM_ERR&z=416418694 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Fri, 16 Dec 2022 17:00:58 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 16458
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
www.google.com/pagead/1p-conversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
216.58.207.228302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 216.58.207.228:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b56a3548738502fa3cc2d975411a7900
e6584e903da8e7e6062fd14d0c927495f6819b83
8b4ed97669a9d9a093cb9b4c92f1676681ea9c279ac47105042fa922bb32057b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7752844f399cd1f7dfb1ca6131bd407
d63b2b783ce290d2e032da1f60999584ab171579
2079c3ea0b15311a93e9bb07c107f209637e040327fd80a15cd17989acb83b81
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&ct_cookie_present=1
142.250.74.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&ct_cookie_present=1
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 21:50:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=1393043070.1671226513&jid=903602550&gjid=1234919481&_gid=1062636575.1671226513&_u=YCDAgEABAAAAAEAAI~&z=1326532445
64.233.164.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=1393043070.1671226513&jid=903602550&gjid=1234919481&_gid=1062636575.1671226513&_u=YCDAgEABAAAAAEAAI~&z=1326532445
IP 64.233.164.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=1393043070.1671226513&jid=903602550&gjid=1234919481&_gid=1062636575.1671226513&_u=YCDAgEABAAAAAEAAI~&z=1326532445 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://czjilce-aqg-6.tk
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 21:35:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
108.157.214.56200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
IP 108.157.214.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/3267009/domain/czjilce-aqg-6.tk/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://czjilce-aqg-6.tk/
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 0
date: Thu, 15 Dec 2022 22:25:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 47df1466fb55fd6ccae35d2a1425deaa.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: SJMVVDS85iYOVG-V7EwlgnZrP-9iVX9DECzVpIdjzMCLKjbxtn_4Hg==
age: 83402
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a504ef384345940f7ad9b039fd2deca2
d0ce426041271eefff01a53ad9d3dc568a368cec
813e762dfbfdfff6f740f9bffce03c72ce9e4eb2c855ffb2305d4bf8d48d6753
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4557
Cache-Control: max-age=91042
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Etag: "639b9369-1d7"
Expires: Sat, 17 Dec 2022 22:52:38 GMT
Last-Modified: Thu, 15 Dec 2022 21:36:41 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
18.156.98.77200 OK 10 B URL HTTP/2 statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
IP 18.156.98.77:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 944ece9d6d59cdf6eaa8ae6c6c205b93
877b1b2addfb2494453305fa4b93f3f03ee064c2
d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2
GET /dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback HTTP/1.1
Host: statse.webtrendslive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 21:35:16 GMT
content-length: 10
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=5494245996553;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
216.58.207.226200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=5494245996553;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=5494245996553;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
expires: Fri, 16 Dec 2022 21:35:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=149128619353;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
216.58.207.226200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=149128619353;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=149128619353;gtm=2wgbu0;auiddc=507930566.1671226513;~oref=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
expires: Fri, 16 Dec 2022 21:35:16 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b1f3ab941f9af9d95c8b8de3919330c
581032c8d194a696e353070d25165321504c0176
852cc4977786c9e7c01867e8d4fafc93fa44fd1c4c6d25a9986cf6856aff991c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 21:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671226513422&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671226513422&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3267009&time=1671226513422&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671226513422%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIML8CdfQbeyQAAAYUc3OTUjnZEUcfQGzm1kTquulB-4DLbttmW71y1nd3gIdIjUlxWnpBgwONP9A; Max-Age=2592000; Expires=Sun, 15 Jan 2023 21:35:16 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIKVCDEZASlRwAAAYUc3OTUU7Be-hW_x-KHC4YzFQuThNSgg2Re-WgdZOmZSXDt0vMejnxR2NuMr6ogKxsHkQ; Max-Age=2592000; Expires=Sun, 15 Jan 2023 21:35:16 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&e09acb44-65d8-4da1-8ca8-af40ed055e3f"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 16-Dec-2023 21:35:16 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2402:u=1:x=1:i=1671226516:t=1671312916:v=2:sig=AQE-PFaNPwPW7XWXn0tvXohdNLRLTXPm"; Expires=Sat, 17 Dec 2022 21:35:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXv+L7dutWYFTeY31plog==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C6A6BDFBA9C74E54984580577ECE0D6D Ref B: OSL30EDGE0310 Ref C: 2022-12-16T21:35:16Z
date: Fri, 16 Dec 2022 21:35:16 GMT
content-length: 0
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=5bf4ce0b-5007-44c3-afa0-262245ab9f80&sid=8648ef607d8911ed87ab05a55c333200&vid=8648e8d07d8911edba42e73257690007&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2711&evt=pageLoad&sv=1&rn=34666
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=5bf4ce0b-5007-44c3-afa0-262245ab9f80&sid=8648ef607d8911ed87ab05a55c333200&vid=8648e8d07d8911edba42e73257690007&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2711&evt=pageLoad&sv=1&rn=34666
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=137022501&tm=gtm002&Ver=2&mid=5bf4ce0b-5007-44c3-afa0-262245ab9f80&sid=8648ef607d8911ed87ab05a55c333200&vid=8648e8d07d8911edba42e73257690007&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2711&evt=pageLoad&sv=1&rn=34666 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3154561342A36DC41DE3446F43566CA8; domain=.bing.com; expires=Wed, 10-Jan-2024 21:35:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7F6B79DB888B415FBEEF7AB3B0C72BE4 Ref B: OSL30EDGE0221 Ref C: 2022-12-16T21:35:16Z
date: Fri, 16 Dec 2022 21:35:15 GMT
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1393043070.1671226513&jid=903602550&_u=YCDAgEABAAAAAEAAI~&z=1762352125
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1393043070.1671226513&jid=903602550&_u=YCDAgEABAAAAAEAAI~&z=1762352125
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-179370-18&cid=1393043070.1671226513&jid=903602550&_u=YCDAgEABAAAAAEAAI~&z=1762352125 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1072021429/?random=1671226513197&cv=11&fst=1671224400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=342844313&rmt_tld=1&ipr=y
142.250.74.67200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1072021429/?random=1671226513197&cv=11&fst=1671224400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=342844313&rmt_tld=1&ipr=y
IP 142.250.74.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1072021429/?random=1671226513197&cv=11&fst=1671224400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=342844313&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.67200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.67:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1071695260/?random=1671226513221&cv=11&fst=1671226513221&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=507930566.1671226513&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 21:35:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/137022501.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/137022501.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/137022501.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=29096D138EEA6B413B497F6F8F1F6AEC; domain=.bing.com; expires=Wed, 10-Jan-2024 21:35:16 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3A5D72AF5653448A84CD4AF54F17F35B Ref B: OSL30EDGE0221 Ref C: 2022-12-16T21:35:16Z
date: Fri, 16 Dec 2022 21:35:15 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671226513422%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671226513422%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671226513422%26url%3Dhttp%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671226513422&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&be84831d-e6fc-4c12-8d1d-de7676ec0d4f"; Domain=.linkedin.com; Expires=Sat, 16-Dec-2023 21:35:16 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202212162135169ebc93a5-6c53-4991-8948-3055dd76b9f7AQENCxxnztILpdRae8OHeSVFERAYRXMB"; Domain=.www.linkedin.com; Expires=Sat, 16-Dec-2023 21:35:16 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzEyMjY1MTY7MjswMjEnSOooEN8sorxeTbbzCMEB5r22V0Uc++f0gOieBZHcsQ==; Domain=.linkedin.com; Expires=Wed, 14 Jun 2023 21:35:16 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2438:u=1:x=1:i=1671226516:t=1671312916:v=2:sig=AQHrJUq677Tg0M_58BsHzjFSIDrmUxNf"; Expires=Sat, 17 Dec 2022 21:35:16 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXv+L7gt8dh+R1kEqsnSQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1FAD4E367C7A4B059FD9D83CACE02079 Ref B: OSL30EDGE0310 Ref C: 2022-12-16T21:35:16Z
date: Fri, 16 Dec 2022 21:35:16 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396613127629341&ev=PageView&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671226513846&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671226513845.2018076122&it=1671226513466&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=396613127629341&ev=PageView&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671226513846&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671226513845.2018076122&it=1671226513466&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=396613127629341&ev=PageView&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671226513846&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671226513845.2018076122&it=1671226513466&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Dec 2022 21:35:17 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671226513852&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671226513845.2018076122&it=1671226513466&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671226513852&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671226513845.2018076122&it=1671226513466&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=396613127629341&ev=Subscribe&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671226513852&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671226513845.2018076122&it=1671226513466&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Dec 2022 21:35:17 GMT
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=1381927022&cid=1393043070.1671226513&ul=en-us&sr=1280x1024&_s=1&sid=1671226513&sct=1&seg=0&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=1381927022&cid=1393043070.1671226513&ul=en-us&sr=1280x1024&_s=1&sid=1671226513&sct=1&seg=0&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=1381927022&cid=1393043070.1671226513&ul=en-us&sr=1280x1024&_s=1&sid=1671226513&sct=1&seg=0&dl=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://czjilce-aqg-6.tk
date: Fri, 16 Dec 2022 21:35:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671226513422&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671226513422&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3267009&time=1671226513422&url=http%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&9253caab-5da2-4a6b-83cb-adb7d3f288b8"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 16-Dec-2023 21:35:17 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2438:u=1:x=1:i=1671226517:t=1671312917:v=2:sig=AQGwzpMb8-IdoRlHCpvLFJWd3BZqolAo"; Expires=Sat, 17 Dec 2022 21:35:17 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXv+L7kaB++tqMp30mRGA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9A93627202774E958E9CCDBBBBE5D929 Ref B: OSL30EDGE0310 Ref C: 2022-12-16T21:35:17Z
date: Fri, 16 Dec 2022 21:35:16 GMT
content-length: 0
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
107.154.199.39200 OK 43 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
IP 107.154.199.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /sso/gsol/pex/en/balat/images/BLANK.GIF HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=m0GmD5Eb2NXk4WHka0YGBK/PdYEC2N7/NoZJ2ImnytxAbnL3CISkG7Vw/6w0ptiTymESN2NTso+uBkmWgrfqpEuiS2G2NMoqu+QY9jJz/3+mZZE7oupcMS5e14Cft4Bj1Qj5g5OzAlj2lePmBQbylDlrDQjYiHD1mtu2m/Oi6Dg5; AWSALBCORS=R0MyUlQjWQjWp4VMpxodnhjHLbby7iW1NjHZiDSEBDoqV+97pbNRmZzE4w5Jksi9xx6fBgGQYt1pWSSjQlRu3eHZN1TBgb475cWT7woplptbNZZUD6dg729VBUkV
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 28 Apr 2022 06:31:57 GMT
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:17 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALBTG=KezhgvuC87Qyp6iaODpY6XoT3fMVKgzjlDZrE+u5oDUyQUDVUSyLrWaVpr8BkxkY6DQ9VQD+zI80uQpLEozwpNeF1W6C9rMVohUO96RBMUf+IOoPa1lyMxI14RHVQqvGEWHWz9LEge6TC6HkAGwgf9/adGoIOudpcdyAKKvhjpLK; Expires=Fri, 23 Dec 2022 21:35:17 GMT; Path=/
AWSALBTGCORS=KezhgvuC87Qyp6iaODpY6XoT3fMVKgzjlDZrE+u5oDUyQUDVUSyLrWaVpr8BkxkY6DQ9VQD+zI80uQpLEozwpNeF1W6C9rMVohUO96RBMUf+IOoPa1lyMxI14RHVQqvGEWHWz9LEge6TC6HkAGwgf9/adGoIOudpcdyAKKvhjpLK; Expires=Fri, 23 Dec 2022 21:35:17 GMT; Path=/; SameSite=None; Secure
AWSALB=tYia+peEmv8foiJWY/K8Jv5g+KYZRYWVYuQP44QnXcJx/tiz6/4RQGzWPEcZuoVELJOaGUxtIs1TVW2dd+TrJSxfble1/YbUuLUXcnleoJ7gNh6Lfw9gvMxvZeE7; Expires=Fri, 23 Dec 2022 21:35:17 GMT; Path=/
AWSALBCORS=tYia+peEmv8foiJWY/K8Jv5g+KYZRYWVYuQP44QnXcJx/tiz6/4RQGzWPEcZuoVELJOaGUxtIs1TVW2dd+TrJSxfble1/YbUuLUXcnleoJ7gNh6Lfw9gvMxvZeE7; Expires=Fri, 23 Dec 2022 21:35:17 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=VexpBQwlVXNtukOqOJREPwAAAAA4f0XcCAT7PpzT6/xn41t7; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=r48RJvhnhSdOdftgiBrYA5TknGMAAAAAA5wVU3rvojVBhLz5XDS3TQ==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:07 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118292 2NNN RT(1671226514031 1926) q(0 0 0 0) r(9 9) U2
X-Firefox-Spdy: h2
login.globalsources.com/csp_report
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/csp_report
IP 107.154.199.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp_report HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 411
Origin: https://login.globalsources.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: text/plain
x-robots-tag: noindex
content-length: 0
set-cookie: visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:31:10 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=Kh/WGZICUGBOdftgiBrYA5TknGMAAAAAMpwaxmCqgdtX556r/vUQgA==; path=/; Domain=.globalsources.com
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/webtrends.min.js
107.154.199.39200 OK 8.9 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/webtrends.min.js
IP 107.154.199.39:0
Hash 9f4c6291693bb81dbd4074f9c97e4dfc
9a325ad64d415f6b6962ba4514a4fc38d2bef954
b213c9aae8294ea945cd68ec21122e94d2975f5a7bc8af8969394eb51728fe67
GET /sso/gsol/pex/en/balat/includes/webtrends.min.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=8TY1MH5G+sREc6NkcMaaTJXHi1kCTZ14pnYluUbDgvj+Qd192bOS5oYK/ke46iBUF7ysOaO5wZR8T3asVtwnrN9sz7I44LLYuap0BQhZjgJDr84jEVbTRXK6es5Pll4g7Rqf2Zw++b9M0vC0/FKBSaHrMk7hLB8RI3tpnglZUoxs; AWSALBCORS=1UTAiLfeX9PMpb9xwo7j2z5YyAJf4coVGYJiRDSNNYfCCMWMTXEASLjXmlQNJWaU+nDwDcAUI+N5hi/6Q/ZicbDG0WaiBhTebETYurfF9KdfwToAABc7KdibxjHS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:16 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=NVia1mCk2NbQqGOLO3m5XsbWP/4LZUt9m98c01ectOYJ8ZfR+gN54fqmgX5qpKptlHb7mLk4DTRQl//gmvLDi6xqco/b+bIu9vqPCZh/6yfeW5HhDm4d+yNgxp5LxFSqP0WHBfg46RyUr0tOk7jrjJZAFJTQ2oOQqXNmlzVLR/jc; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/
AWSALBTGCORS=NVia1mCk2NbQqGOLO3m5XsbWP/4LZUt9m98c01ectOYJ8ZfR+gN54fqmgX5qpKptlHb7mLk4DTRQl//gmvLDi6xqco/b+bIu9vqPCZh/6yfeW5HhDm4d+yNgxp5LxFSqP0WHBfg46RyUr0tOk7jrjJZAFJTQ2oOQqXNmlzVLR/jc; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/; SameSite=None; Secure
AWSALB=LTwpLjItXymkrCtNF2rIdeUuIgDsmMIsXyEXSF+GbpO3b+/goYq92Fx6lr250hIXu5B+a+1L9My2aDrKAISbu8kMsF6M2c149Y7tsoMYwMy3GQ9rcufAJ05QEVIE; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/
AWSALBCORS=LTwpLjItXymkrCtNF2rIdeUuIgDsmMIsXyEXSF+GbpO3b+/goYq92Fx6lr250hIXu5B+a+1L9My2aDrKAISbu8kMsF6M2c149Y7tsoMYwMy3GQ9rcufAJ05QEVIE; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=KBV3QL/fTEKtMtAjOJREPwAAAABadWGz6BJ3yym725YVAciU; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=dgkrSkUOFhhOdftgiBrYA5PknGMAAAAAXxA300GrhYV366FKb/TpQA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 1472) q(0 0 0 0) r(2 2) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/common/includes/ssoscripts.js
107.154.199.39200 OK 11 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/common/includes/ssoscripts.js
IP 107.154.199.39:0
Hash 3a211296daefb631078e1c7ce84c3dc2
04f0661adc100de16f5c7ab411f4de0d524b245c
407b0661484de96062bbc56a8ff63589a32c183b0f83c484571c8f9caef054e8
GET /sso/gsol/pex/en/common/includes/ssoscripts.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=siyBjP/3TuK0lXbOPOXZLPUogThE9PELJlYu4vSV/29t7qZNxD65q47iHPydTjn0Osw9BpNoog/h8yAa7QpExVuvyoSnMfrlHQmTH4dB4BDjiHMYwE6qE9DsM7gtt7PMzvYRSomZ8bxaG7blhJCBtfX0bo4GNU9oS/4PPIOT9tue; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=siyBjP/3TuK0lXbOPOXZLPUogThE9PELJlYu4vSV/29t7qZNxD65q47iHPydTjn0Osw9BpNoog/h8yAa7QpExVuvyoSnMfrlHQmTH4dB4BDjiHMYwE6qE9DsM7gtt7PMzvYRSomZ8bxaG7blhJCBtfX0bo4GNU9oS/4PPIOT9tue; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=Dqvul4nt5g5s34SpYau0nWOz2W2MatdYv6CAaeV+jRrO398Q7QQzikQhCoPgBat+2oyP7bvToUboPLT4jD/hv4RHyQ++7mXVhy5v//jaOPMihEyJ5E1uYV/8P5AA; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=Dqvul4nt5g5s34SpYau0nWOz2W2MatdYv6CAaeV+jRrO398Q7QQzikQhCoPgBat+2oyP7bvToUboPLT4jD/hv4RHyQ++7mXVhy5v//jaOPMihEyJ5E1uYV/8P5AA; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=jo0/J+Ly6AgFOH3cOJREPwAAAACNE6PUl4Ew9CkStfKShXsd; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=ZkAPHSMkIxdOdftgiBrYA5PknGMAAAAAucyG4oAIC6POLTgeZKs5WQ==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:58 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 55) q(0 0 5 2) r(12 12) U2
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=5bf4ce0b-5007-44c3-afa0-262245ab9f80&sid=8648ef607d8911ed87ab05a55c333200&vid=8648e8d07d8911edba42e73257690007&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=347383
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=5bf4ce0b-5007-44c3-afa0-262245ab9f80&sid=8648ef607d8911ed87ab05a55c333200&vid=8648e8d07d8911edba42e73257690007&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=347383
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=137022501&tm=gtm002&Ver=2&mid=5bf4ce0b-5007-44c3-afa0-262245ab9f80&sid=8648ef607d8911ed87ab05a55c333200&vid=8648e8d07d8911edba42e73257690007&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=347383 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3BFA5DF08AEE6FAB05B84F8C8B1B6EB2; domain=.bing.com; expires=Wed, 10-Jan-2024 21:35:17 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C091CB1E3FC428EB14CCEEBF7783EFA Ref B: OSL30EDGE0221 Ref C: 2022-12-16T21:35:17Z
date: Fri, 16 Dec 2022 21:35:16 GMT
X-Firefox-Spdy: h2
czjilce-aqg-6.tk/sso/GeneralManager?action=captchaApi&language=en
162.241.87.224404 Not Found 315 B URL HTTP/1.1 czjilce-aqg-6.tk/sso/GeneralManager?action=captchaApi&language=en
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
POST /sso/GeneralManager?action=captchaApi&language=en HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 20
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
Cookie: _gcl_au=1.1.507930566.1671226513; _ga_M0GFGLPMZ2=GS1.1.1671226513.1.0.1671226513.0.0.0; _ga=GA1.2.1393043070.1671226513; _gid=GA1.2.1062636575.1671226513; _gat=1
HTTP/1.1 404 Not Found
Date: Fri, 16 Dec 2022 21:35:15 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
czjilce-aqg-6.tk/favicon.ico
162.241.87.224404 Not Found 315 B URL HTTP/1.1 czjilce-aqg-6.tk/favicon.ico
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
Cookie: _gcl_au=1.1.507930566.1671226513
HTTP/1.1 404 Not Found
Date: Fri, 16 Dec 2022 21:35:16 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 20c9788db0532c15e2d42faffc192bba
5051c939cdedb14e313d7413c0dff5fa0eab50ea
0a2e782b848394b167d6e2a9b521be11d473e96048de715a22bd6afaf7c58057
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F119528a5-7370-4990-b83c-626c858ba99d.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8601
x-amzn-requestid: f3be9b43-d8d9-4862-b06a-bac1de46d2c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQ84Hh6oAMFRGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b951f-3b85d738211ce0ff0f8e6e74;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:43:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZISFRsj2Nq7L27qJheQ33qkfyNdG5_q6S6BcV-dGgcUmvPnYUS2FmA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:09:03 GMT
age: 84379
etag: "5051c939cdedb14e313d7413c0dff5fa0eab50ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
insight.adsrvr.org/track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event}
15.197.193.217200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event}
IP 15.197.193.217:0
GET /track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event} HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:17 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
login.globalsources.com/rdvoqldvqhjbezvv825122.js
107.154.199.39404 Not Found 0 B URL HTTP/2 login.globalsources.com/rdvoqldvqhjbezvv825122.js
IP 107.154.199.39:0
GET /rdvoqldvqhjbezvv825122.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: text/html
set-cookie: AWSALBTG=u4cFyahNUPxOo8x2Ai0n/j2hhFTPvlKLm37H1vm9Y56hA5ZtcZu0CAvlUlsaPMg8XsBDnMEF6qfbZ/hF/S9RT3MOrfvn9SJ22h6F6OghmSfK0PIX108cVkaFLZMjn919lNEn/iuf3SYQxEywl3EArGCTc4zRMHWTeTV/6Kre6LQQ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=u4cFyahNUPxOo8x2Ai0n/j2hhFTPvlKLm37H1vm9Y56hA5ZtcZu0CAvlUlsaPMg8XsBDnMEF6qfbZ/hF/S9RT3MOrfvn9SJ22h6F6OghmSfK0PIX108cVkaFLZMjn919lNEn/iuf3SYQxEywl3EArGCTc4zRMHWTeTV/6Kre6LQQ; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=UgbUqzXp1Im4PDw2ifY0WrxZckXE/Q8xHFgRrEQ7LJTGl3juP99Igpn+C0FSyzBy/4tvZC8TJgCu0ud4ZXCBLhAzQtIQ2iniuEnowxncVd/A1rCOeroNvpfMIz92; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=UgbUqzXp1Im4PDw2ifY0WrxZckXE/Q8xHFgRrEQ7LJTGl3juP99Igpn+C0FSyzBy/4tvZC8TJgCu0ud4ZXCBLhAzQtIQ2iniuEnowxncVd/A1rCOeroNvpfMIz92; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=hsswWMkaeRGNzcf/OJREPwAAAADkmCN+j1Cywp4nsxaL/Viv; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=dGShU7BDckROdftgiBrYA5PknGMAAAAAJjHDYx+b4Sb32HrKmAJHxQ==; path=/; Domain=.globalsources.com
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118252 2NNN RT(1671226514031 60) q(0 1 1 0) r(11 11) U11
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
108.157.214.56200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
IP 108.157.214.56:0
GET /partner/3267009/domain/czjilce-aqg-6.tk/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://czjilce-aqg-6.tk
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 16 Dec 2022 21:35:16 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 47df1466fb55fd6ccae35d2a1425deaa.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P1
x-amz-cf-id: f66YgL3VBNX_8ses1nuL4dAexKeJO3n_Huk0sqeTRMlGLYlmNTHbKg==
X-Firefox-Spdy: h2
login.globalsources.com/rdvoqldvqhjbezvv825122.js
107.154.199.39404 Not Found 0 B URL HTTP/2 login.globalsources.com/rdvoqldvqhjbezvv825122.js
IP 107.154.199.39:0
GET /rdvoqldvqhjbezvv825122.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=8TY1MH5G+sREc6NkcMaaTJXHi1kCTZ14pnYluUbDgvj+Qd192bOS5oYK/ke46iBUF7ysOaO5wZR8T3asVtwnrN9sz7I44LLYuap0BQhZjgJDr84jEVbTRXK6es5Pll4g7Rqf2Zw++b9M0vC0/FKBSaHrMk7hLB8RI3tpnglZUoxs; AWSALBCORS=1UTAiLfeX9PMpb9xwo7j2z5YyAJf4coVGYJiRDSNNYfCCMWMTXEASLjXmlQNJWaU+nDwDcAUI+N5hi/6Q/ZicbDG0WaiBhTebETYurfF9KdfwToAABc7KdibxjHS
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Fri, 16 Dec 2022 21:35:16 GMT
content-type: text/html
set-cookie: AWSALBTG=uDsapaGZ8N9dlskuTlo3KjI9DhlCr4d+I200GVpzPBP+mpAEJi9OmOp0uQz9Z8LY4r3LTabOBZptO1EznXT+eyw1Ufx2lvq/5oSUv5wRT9EPLJ2+yNAg8Ti7/AguynNdDNZgwJljvRSNx1Jo+yc8NE9PmYpRW8lpD71/ONQto1nb; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/
AWSALBTGCORS=uDsapaGZ8N9dlskuTlo3KjI9DhlCr4d+I200GVpzPBP+mpAEJi9OmOp0uQz9Z8LY4r3LTabOBZptO1EznXT+eyw1Ufx2lvq/5oSUv5wRT9EPLJ2+yNAg8Ti7/AguynNdDNZgwJljvRSNx1Jo+yc8NE9PmYpRW8lpD71/ONQto1nb; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/; SameSite=None; Secure
AWSALB=UtIRFhOln5SYVXxQLwzLunPrvtra4NpvBklh6tZezHHhRA2fU8LtuU6mcNaDYS+JAfcKVUQV4QGklLhFRUQSQIGDjNS1b2K08nZKyU8Y1wENCMQt9DEQ3uyy79SN; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/
AWSALBCORS=UtIRFhOln5SYVXxQLwzLunPrvtra4NpvBklh6tZezHHhRA2fU8LtuU6mcNaDYS+JAfcKVUQV4QGklLhFRUQSQIGDjNS1b2K08nZKyU8Y1wENCMQt9DEQ3uyy79SN; Expires=Fri, 23 Dec 2022 21:35:16 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=9nJgEb1BglaUIu35OJREPwAAAABc9eDAbVqSbJEsTMxF/hKK; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=BVQVbhx/agJOdftgiBrYA5PknGMAAAAArkEIdHUe3a9QAI5hLHUBYg==; path=/; Domain=.globalsources.com
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118252 2NNN RT(1671226514031 1458) q(0 0 0 0) r(3 3) U11
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS
IP 107.154.199.39:0
GET /sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=p70LOQm+uSRl9+plZMakII2qb8gi+xGgDfRXqxFz2FsGbulBD6G2PqJCAflfmztB+7o/NsxD1F2kmILsLybNw6x65mhzx1FYAA55capldMCVGIb7ffVvcB8wLzYFpkMjQfQVYEOR7WvXkR7EgH1tXkJWkO01D3tOTHsIaFXAT7ER; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=p70LOQm+uSRl9+plZMakII2qb8gi+xGgDfRXqxFz2FsGbulBD6G2PqJCAflfmztB+7o/NsxD1F2kmILsLybNw6x65mhzx1FYAA55capldMCVGIb7ffVvcB8wLzYFpkMjQfQVYEOR7WvXkR7EgH1tXkJWkO01D3tOTHsIaFXAT7ER; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=orBn0Yx0Oca3kUiQqTQv1mELVr54vR3kf94NdQS8prkXlz9KyyF/acM51/X8UAncwvJZQ3dotrQE2q4hZgrXh1fOqC167kkgKSSAOL0Ea25PvSE7om62NyCPP4x/; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=orBn0Yx0Oca3kUiQqTQv1mELVr54vR3kf94NdQS8prkXlz9KyyF/acM51/X8UAncwvJZQ3dotrQE2q4hZgrXh1fOqC167kkgKSSAOL0Ea25PvSE7om62NyCPP4x/; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=sF52A8cJ5zjAW0vYOJREPwAAAABRqf+FV07/OcDz8dRm+08N; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=+jNeWWdbYlFOdftgiBrYA5PknGMAAAAA84Hb8YbYkSSq3MPKSPJzxw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 60) q(0 0 5 0) r(14 14) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/common/includes/egain_docked_chat.js
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/common/includes/egain_docked_chat.js
IP 107.154.199.39:0
GET /sso/gsol/pex/en/common/includes/egain_docked_chat.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 21:35:15 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=+/g1zvskdV4u7BfNXIyj2DrGbDOL7fsRsPAU1sXk3QKDI9D+N6to3vW5sb3SI2HnuNJJqkeQkdAUwcfGEEDxvilKcML56uWvs7q4GjL9+qxpZ/teXL4m/YuurYwkLVkcNxACuaehAnaN8QX4cpPMQMA8P9KUvzc0pGR81xK9gzFh; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBTGCORS=+/g1zvskdV4u7BfNXIyj2DrGbDOL7fsRsPAU1sXk3QKDI9D+N6to3vW5sb3SI2HnuNJJqkeQkdAUwcfGEEDxvilKcML56uWvs7q4GjL9+qxpZ/teXL4m/YuurYwkLVkcNxACuaehAnaN8QX4cpPMQMA8P9KUvzc0pGR81xK9gzFh; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
AWSALB=LRTP6POLTXJQcvaXA3oraFUKnL9ATm+74bTAjmHOA5i+BWBlSqiveuDI63CKL7DrcFJ1C5eZZgRFQ4sUfkb1xLWuo0UDG6K/FuocC5cwh6/Y9fAnpNXwi0Qwq2TR; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/
AWSALBCORS=LRTP6POLTXJQcvaXA3oraFUKnL9ATm+74bTAjmHOA5i+BWBlSqiveuDI63CKL7DrcFJ1C5eZZgRFQ4sUfkb1xLWuo0UDG6K/FuocC5cwh6/Y9fAnpNXwi0Qwq2TR; Expires=Fri, 23 Dec 2022 21:35:15 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=n/0ReLn/AnJN6BaUOJREPwAAAAARydAWAijpTucxEO7dvlpz; path=/; Domain=.globalsources.com
visid_incap_2766148=Aw4jcfZzTsijq0vIfRm+4JLknGMAAAAAQUIPAAAAAABS007Um+OhNEvcDadNcy0h; expires=Fri, 15 Dec 2023 22:29:35 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=ItFSe2LYrhNOdftgiBrYA5LknGMAAAAAdmihBCWbWnb5cHzGj3NfpA==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:58:49 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 7-68118226-68118231 pNNN RT(1671226514031 58) q(0 0 5 1) r(9 9) U2
X-Firefox-Spdy: h2