Overview

URL outcomecomplacency.cn/correos-sv/tb.php?ey=xm1664543510567
IP104.21.17.166
ASNCLOUDFLARENET
Location
Report completed2022-09-30 23:34:55 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-30 2 outcomecomplacency.cn/correos-sv/tb.php?ey=xm1664543510567 Phishing
2022-09-30 2 outcomecomplacency.cn/j/og2.js?_t=1664580880663 Phishing
2022-09-30 2 outcomecomplacency.cn/j/og2.php?_t=1664580880733 Phishing
2022-09-30 2 v00jtf.cn/aPscdOy6/correos-sv/?_t=1664580880834 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (21)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-30 04:55:27 UTC 142.250.74.3
mnemonic passive DNS cdnkey.net (4) 0 2022-09-05 09:21:05 UTC 2022-09-30 22:22:11 UTC 172.67.198.109 Unknown ranking
mnemonic passive DNS 1.bp.blogspot.com (2) 8403 2013-05-06 20:18:52 UTC 2022-09-30 11:14:19 UTC 142.250.74.161
mnemonic passive DNS ocsp.globalsign.com (3) 2075 2012-05-25 06:20:55 UTC 2022-09-30 05:03:32 UTC 104.18.20.226
mnemonic passive DNS uprimp.com (1) 216873 2019-02-11 08:10:06 UTC 2022-09-30 17:43:59 UTC 185.66.200.220
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-30 05:12:28 UTC 54.148.148.62
mnemonic passive DNS region1.google-analytics.com (3) 0 2022-03-17 11:26:33 UTC 2022-09-30 05:54:11 UTC 216.239.32.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS cdn.jsdelivr.cc (7) 323508 2021-04-12 02:06:51 UTC 2022-09-30 17:43:59 UTC 172.67.151.125
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-30 13:49:02 UTC 34.120.237.76
mnemonic passive DNS hm.baidu.com (7) 8254 2012-05-26 08:38:45 UTC 2022-09-30 11:12:34 UTC 103.235.46.191
mnemonic passive DNS bonepa.com (2) 905859 2021-05-30 05:45:50 UTC 2022-09-30 17:43:59 UTC 185.66.201.42
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-30 17:00:01 UTC 18.165.201.103
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-30 05:34:07 UTC 108.156.28.39
mnemonic passive DNS 263cdn.com (12) 0 2022-06-15 21:39:15 UTC 2022-09-30 17:43:59 UTC 104.21.235.74 Unknown ranking
mnemonic passive DNS v00jtf.cn (1) 0 2021-10-14 13:58:04 UTC 2022-09-30 17:43:59 UTC 104.21.84.78 Unknown ranking
mnemonic passive DNS outcomecomplacency.cn (4) 0 2022-09-29 03:35:12 UTC 2022-09-29 19:00:26 UTC 104.21.17.166 Unknown ranking
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-09-30 04:55:29 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-30 04:56:26 UTC 34.117.237.239
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-30 21:45:49 UTC 93.184.220.29
mnemonic passive DNS www.googletagmanager.com (3) 75 2012-12-25 14:52:06 UTC 2022-09-30 04:55:45 UTC 142.250.74.72
mnemonic passive DNS e1.o.lencr.org (6) 6159 2021-08-20 07:36:30 UTC 2022-09-30 05:21:06 UTC 23.36.77.32


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 104.21.17.166

Date UQ / IDS / BL URL IP
2022-09-30 23:34:55 +0000
0 - 0 - 4 outcomecomplacency.cn/correos-sv/tb.php?ey=xm (...) 104.21.17.166

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-06 00:34:31 +0000
0 - 0 - 2 document.files-downloads.workers.dev/ 188.114.97.1
2022-12-06 00:34:19 +0000
1 - 0 - 4 www.bedouin.ae/wp-content/uploads/americanexp (...) 172.67.181.224
2022-12-06 00:34:16 +0000
5 - 0 - 46 www.bedouin.ae/wp-content/uploads/americanexp (...) 104.21.31.252
2022-12-06 00:34:17 +0000
1 - 0 - 4 www.bedouin.ae/wp-content/uploads/americanexp (...) 172.67.181.224
2022-12-06 00:34:06 +0000
0 - 0 - 2 dollarsurvey180.top/ 172.67.171.116

Last 1 reports on domain: outcomecomplacency.cn

Date UQ / IDS / BL URL IP
2022-09-30 23:34:55 +0000
0 - 0 - 4 outcomecomplacency.cn/correos-sv/tb.php?ey=xm (...) 104.21.17.166

No other reports with similar screenshot



JavaScript

Executed Scripts (25)


Executed Evals (1)

#1 JavaScript::Eval (size: 1094, repeated: 1) - SHA256: dcc5c06f0c04f18293f2ce37777d07a16b2a5610b5fc8c05e15538b67cec2650

                                        (window.location.href.indexOf("cauryuda.club") > -1 || window.location.href.indexOf("woomall.xyz") > -1) && Math.ceil(10 * Math.random()) > 7 && setTimeout(() => {
    window.incrementValue1 = function() {
        let e = "https://soarmechanic.xyz/Tesco-Lotus-RM500/tb.php?_t=" + (new Date).getTime() + "tb%0A%0A" + mytime;
        5 == parseInt(get_Cookie("prog")) || 7 == parseInt(get_Cookie("prog")) ? window.open("whatsapp://send?text=" + e) : window.open("whatsapp://send?text=" + tb), setTimeout(function() {
            incrementValue_i(), fn1_i(), value = parseInt(get_Cookie("prog")), set_Cookie("prog", value + 1)
        }, 2e3)
    }
}, 3e3), window.location.href.indexOf("megavouchers.club") > -1 && window.location.href.indexOf("checkers") > -1 && Math.ceil(10 * Math.random()) > 7 && setTimeout(() => {
    window.incrementValue1 = function() {
        let e = "https://rocketecho.xyz/checkers-R5000/tb.php?_t=" + (new Date).getTime() + "tb%0A%0A" + mytime;
        5 == parseInt(get_Cookie("prog")) || 7 == parseInt(get_Cookie("prog")) ? window.open("whatsapp://send?text=" + e) : window.open("whatsapp://send?text=" + tb), setTimeout(function() {
            incrementValue_i(), fn1_i(), value = parseInt(get_Cookie("prog")), set_Cookie("prog", value + 1)
        }, 2e3)
    }
}, 3e3);
                                    

Executed Writes (1)

#1 JavaScript::Write (size: 362, repeated: 1) - SHA256: b3e4ff780f0991601c247fa5e2377ffd267d1b979c800bb429cfd0608d285b25

                                        < iframe src = "https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166458088597710&xtt=6073065"
width = "300"
height = "50"
frameborder = "0"
marginheight = "0"
marginwidth = "0"
scrolling = "no"
sandbox = "allow-forms allow-pointer-lock allow-popups allow-same-origin allow-scripts"
style = "width:300px !important;height:50px !important;" > < /iframe>
                                    


HTTP Transactions (81)


Request Response
                                        
                                            GET /correos-sv/tb.php?ey=xm1664543510567 HTTP/1.1 
Host: outcomecomplacency.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.17.166
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 30 Sep 2022 23:34:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HR8MIkxz5iBUYR8VMDLQg9UbSUzfGugXy1U%2BW%2FltuWt%2FwoRoBcHzYgzvyvb7z0hAKft%2BIw5TTQmS5a52cwZm73P2G6CVrviMofoKkCsytuVDaxzTjTEpNWbGwfx1p7UZfwJn9su%2B59Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7530c55a4e41b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479), with CRLF line terminators
Size:   580
Md5:    579c2acac1fae02cc35874a000cd0fb4
Sha1:   a572c03d62e846931abe45b832ea48961be9560b
Sha256: a74214f5d591e7542bd86715b8d6f3d29a62c9a0e6c535d56d3cd722203476d9

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.103
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 23:02:10 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5059e7bd12388ef6673ed156d17eb756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: fXNLCAUY89TOP4zxfOlNKizyXr0ont0ueCr2YobiG0DuGxz3xWjhNg==
Age: 1953


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12164
Expires: Sat, 01 Oct 2022 02:57:27 GMT
Date: Fri, 30 Sep 2022 23:34:43 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         108.156.28.39
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 30 Sep 2022 03:34:12 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 0014cc5ed6f7d7422fe78da5a10aa120.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 6ny6KUFEEliQc41IQQgWrWx2fVQaWgK86X_uwl6F0J7sAnm4Jn3nwA==
age: 72088
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 30 Sep 2022 23:34:43 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: outcomecomplacency.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://outcomecomplacency.cn/correos-sv/tb.php?ey=xm1664543510567

                                         
                                         104.21.17.166
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwJYbmBfRsjq8qMYg13X4I%2Bx1prn5hBQYPD2PFrKXol19HPqmkLIU9m2y6iF0CjD3xdk5csSqFeDaxC2H4p5uew3FWlCh4dQYr3qQ%2F%2F2DW3RM45icNoi4sOCDmQ6XP8a6uy4cssndrI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7530c55c9fc5b4fd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   455
Md5:    3c5d244b8b6b192c76a2c4331450c235
Sha1:   7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
Sha256: e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
                                        
                                            GET /j/og2.js?_t=1664580880663 HTTP/1.1 
Host: outcomecomplacency.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://outcomecomplacency.cn/correos-sv/tb.php?ey=xm1664543510567

                                         
                                         104.21.17.166
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 11 Jun 2022 06:57:07 GMT
Vary: Accept-Encoding
ETag: W/"62a43cc3-850"
Expires: Sat, 01 Oct 2022 11:34:44 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXQqp3FfDkpSgyWfUZ%2FEwy0%2BzoVlKP5WzErheHizLmnn57ybIz4fkJTeIGGhn2y4j6EB7VniDsw4CoDvDMmhrbiJz7t2GTlvFnscntlIjYOcNETbPSHlPFd1C8oTXrfUICl5rM17RJQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7530c55d1e79b511-OSL
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   942
Md5:    bad1af26351d2e87c035596233940ab0
Sha1:   9ac0e34dcbfd29ca3070c506c200777a8016b161
Sha256: bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /j/og2.php?_t=1664580880733 HTTP/1.1 
Host: outcomecomplacency.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 50
Origin: http://outcomecomplacency.cn
Connection: keep-alive
Referer: http://outcomecomplacency.cn/correos-sv/tb.php?ey=xm1664543510567

                                         
                                         104.21.17.166
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQB8JWj1n%2Byy3H%2F05oNJyet%2BP%2BSGjXKNbs7ke1QRPK3YgVY1pFKgL8LILW9CAw7OPmNVZCY78QTQROgDJvfbOx2rgoALUSkZGGah7JGBYwIFLXvDi54sWQYjgskSAqosgwZTD7q9Mhw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7530c55d7ecbb511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   98
Md5:    7ec6b226fd97a5cac4ccd414a3a78572
Sha1:   953fd7f24d981de95a2476430b2e4b72a6697c75
Sha256: c7b9f392c94d9f361368916c1819005c629c3fff83fdc6fd5d071bfdf270bbbc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST /s/gts1p5/J9SXWUI3FKg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         18.165.201.103
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 23:32:53 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 01 Oct 2022 00:03:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 675c3f96928d591debc37b54f2b16dc2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: WDLJR4QuCAlPobxJNrjTRyYuPwrFBLPAbgeD2y0TUkKGhZqCgX3U1A==
Age: 111


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST /s/gts1p5/J9SXWUI3FKg HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4689
Cache-Control: 'max-age=158059'
Date: Fri, 30 Sep 2022 23:34:44 GMT
Last-Modified: Fri, 30 Sep 2022 22:16:35 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=G-0C230YDF7G HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 23:34:44 GMT
expires: Fri, 30 Sep 2022 23:34:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18966)
Size:   75045
Md5:    be84715588938fd67dd83ec0b43892bb
Sha1:   502bfe2d9babc8d683f8c4ee5430781c81bbd07c
Sha256: ebf29fc74a2e3a0dd14b73ee51d19fe2b41681bcf982f11068c45cd0156c422d
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "0EB94EC3D59DA7EFDD64A956EDE69E1147898A0FAED5FFB933287CE67445228A"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8168
Expires: Sat, 01 Oct 2022 01:50:52 GMT
Date: Fri, 30 Sep 2022 23:34:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "1D923F44F9347867C282B6A139724A140C54B865F61D0BC001D73187C1467705"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Sat, 01 Oct 2022 00:43:59 GMT
Date: Fri, 30 Sep 2022 23:34:44 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WmPX6OD1ipj+HSEBJI5xEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.148.148.62
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: i/tlF8h1hUq5gE5k+23NyMJ/TqM=

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "0EB94EC3D59DA7EFDD64A956EDE69E1147898A0FAED5FFB933287CE67445228A"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8168
Expires: Sat, 01 Oct 2022 01:50:52 GMT
Date: Fri, 30 Sep 2022 23:34:44 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   1000
Md5:    c5a8bdc991dd7e420ce0f09f5513dd16
Sha1:   ec438ea597e97b9ea75f3b4ceae88995f5a3092d
Sha256: 7aecad237432940300952d0eaadb8ff8f1aeb8550faf6cf4cb9a2c31a31eaa16
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /upload/correossv.bix2.png HTTP/1.1 
Host: cdnkey.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.198.109
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 8457
x-guploader-uploadid: ADPycdupyVd7GaR3Tu6-E1Ge3_cHINukKAQWOdYewz_u9izvP_nem0C_vw68MamVPQbKc7-McfdtipncBqio9F7Ih2AMdw
expires: Fri, 30 Sep 2022 23:55:34 GMT
cache-control: public, max-age=14400
last-modified: Tue, 27 Sep 2022 20:40:06 GMT
etag: "53f93ed886edf956bfae6712323d9ec8"
x-goog-generation: 1664311206147578
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8457
x-goog-hash: crc32c=p7xFsQ==, md5=U/k+2Ibt+Va/rmcSMj2eyA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6Hgj3X4r7mSHsqyCWr6TtfaoohGbTN%2B5NZOhH7dU06fmLO5%2BTjduGWsjV0EeL9Dc9Z4JRTM2cW3sT3ZDaOnRnrUQ6ifgKzyvkvywKkJ7AIseWdjLOldSo5GeD3h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c56298910afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   8457
Md5:    53f93ed886edf956bfae6712323d9ec8
Sha1:   8a5f5c056bafac5b17ff56cf0a6183ed59d14d09
Sha256: 74f0928d86d9049f8e5d3e1260838c6a4a23834807e725b852b87a213ac5a082
                                        
                                            GET /upload/yhde5.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 7984
x-guploader-uploadid: ADPycdsO76VvlM8T5G7yyGeeeZE0FFx81WJOyJ3Q1uQXLaJ_40Ur--VU-EQGpPXvFsjofO0raK2LbtOe1o4E8QMQZMwAwA
expires: Fri, 30 Sep 2022 23:40:51 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:50 GMT
etag: "bf26d0b78d013f526a5f8eb153f9fd56"
x-goog-generation: 1657560170814014
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7984
x-goog-hash: crc32c=2hDYJw==, md5=vybQt40BP1JqX46xU/n9Vg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1580
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pd7Yubdal9528SmPv0ydUckCvcELSNJDKaIRiTpb%2BwJTXX47j0tMZHmKI2j3dX7RBurkrPVNtozoPe7A3QtmnrUThISo0SR%2F5lQSZ%2Bb86wJtqaKYqxE1R62OtO4V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562d906777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   7984
Md5:    bf26d0b78d013f526a5f8eb153f9fd56
Sha1:   5cb71ae75ad4a45e482570a02cf919bbc65fa135
Sha256: c0e0b2ed3e4352d31c1672785a0df72fa809063ac9383643ebb78f0e1486535f
                                        
                                            GET /upload/yhde7.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 7197
x-guploader-uploadid: ADPycdus7Kc4sKChII0BY1iUPjmFEANxkpPzE04pv5Nq__GnTS69Fx58wcfHW23_NNibZmKQ6ivYL_VyW1I8Y7dH-YO1uQ
expires: Sat, 01 Oct 2022 00:21:26 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:51 GMT
etag: "e6973ef8b9321ae09803ede73ca9047d"
x-goog-generation: 1657560171874943
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7197
x-goog-hash: crc32c=LD3HAg==, md5=5pc++LkyGuCYA+3nPKkEfQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 277
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9jzLHIj9PdUJQbo392vt0V92iP92ICJkQrQ0kyJajMJSVNxl4Zwl4r5A0HvKIMxptxZBmECh5uyQemdH4xwfy5Vnj%2Fmwtl5iMgbFSThOgIlJ4WNN3vskj36f0rL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562d90c777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   7197
Md5:    e6973ef8b9321ae09803ede73ca9047d
Sha1:   7b93053d922fa89065796614f7183c7baefcb558
Sha256: 7593afdd1a987ff5a18338787f1e75f403739752cf357c4d4f3b32205d9606ac
                                        
                                            GET /upload/yhde6.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 8953
x-guploader-uploadid: ADPycdv6aTAfGE_NNJ9LFMmqbTa7I8ZlS9xuzrxDxFnnDrRAPB3FeIvsSoqVxdk6Y3JIm-lo7Hn4uloAWkqaHAckwDe3LQ
expires: Fri, 30 Sep 2022 22:50:40 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:51 GMT
etag: "ee5371e6976fe9bb8b6d46278279f89d"
x-goog-generation: 1657560171630757
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8953
x-goog-hash: crc32c=YDJ99Q==, md5=7lNx5pdv6buLbUYngnn4nQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2045
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTNmTQMdWmNk21P5wU3T3ZPz%2B%2B00koYKU0V9UBCY0fV693A7kWQJAgPRZ%2B0FaNPdvLgHZSuiCMTV4PT%2BUv8vR7n5vsvx8B1MKk82gkkuWPOVyLn9cd9lb9X2Kd99"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562d90a777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   8953
Md5:    ee5371e6976fe9bb8b6d46278279f89d
Sha1:   c246da7df163264acac382d4a83ba162b08637a8
Sha256: ad1533c7cdb68e5cb8b5123a6775d6d5e67836e7187b46e27d5009a70a251ad4
                                        
                                            GET /upload/yhde3.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 8391
x-guploader-uploadid: ADPycduWGHoLIReJ2xiY1GVnOQ8Sn9-KO7a6VsLLFXT22xI0vdlIYJE6iIGVGBgqPrwjPpjaqkI118qosrIiLUda8XtWAQ
expires: Fri, 30 Sep 2022 23:37:08 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:50 GMT
etag: "d8f2b1db826a85b3d6a77f65c2eb8aa9"
x-goog-generation: 1657560170668162
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8391
x-goog-hash: crc32c=ow+ZSQ==, md5=2PKx24JqhbPWp39lwuuKqQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 156
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVSMuSu8w7LEzZ2b8wrkkjA30w0WVoz0ZoU%2ByPV1G9eqj0o3fdhTAu4caf3wGRJBERV0rEmUnU9eB54rNwGoYylUFq7ze1A0er3XGycsTz%2F8eckpvaMAbpAqxQxP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562d909777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   8391
Md5:    d8f2b1db826a85b3d6a77f65c2eb8aa9
Sha1:   f2a5f76ea88f4f374ea2ed63a2d56262746f11b7
Sha256: ec87a4f107fab84a11b07c51a0c16da260136be7e9312267e9ac53ee1faac9cb
                                        
                                            GET /gtag/js?id=G-LW7434MYMN HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 23:34:44 GMT
expires: Fri, 30 Sep 2022 23:34:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75010
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18966)
Size:   75010
Md5:    5f7a5f5d44f2d3f4618613407fae7ae3
Sha1:   6e8a20df5ff30563165b794989cedd2bb2e85aeb
Sha256: ccd0c314a98c5b1f7ac3889b7f0a61c0d08177eec9ec25b6aa8118475f386e00
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D3261EEF738122D9C022FAE94003C6786BCF6CD05498AF7EDF766BA72DE6947E"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16064
Expires: Sat, 01 Oct 2022 04:02:28 GMT
Date: Fri, 30 Sep 2022 23:34:44 GMT
Connection: keep-alive

                                        
                                            GET /upload/yhde4.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 8521
x-guploader-uploadid: ADPycdt_ozSjN2fKESi70osKTi-xq17s39b1KvmqNz3lSLY3gqfENQAIAVIaSnMyExLv7NICF_ANlViyvScq_yeG_JGsUA
expires: Fri, 30 Sep 2022 22:41:41 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:50 GMT
etag: "97c0fcc47524398cecf7d89e8854a01c"
x-goog-generation: 1657560170770744
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8521
x-goog-hash: crc32c=NqkxVw==, md5=l8D8xHUkOYzs99ieiFSgHA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3590
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9A23Gf9MQlpolIJDOFJWHaXQjIZqTsAsHdvFWhkgkZU9OShuWY6I%2FEy1L1QY2yKBggBVJ%2FAoI8I3QX%2BxQI%2BWW4%2BJ2TYyhAjOZl40Aql7UhTrpE14vpiJzxuOUHyd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562d908777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   8521
Md5:    97c0fcc47524398cecf7d89e8854a01c
Sha1:   bef604fbc4381f689b97ae2216acf1ea260f09e1
Sha256: bb56e2ea161221ac5e4c671d3d124cf5b1e50f64a412960baf51523679f37444
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "1D923F44F9347867C282B6A139724A140C54B865F61D0BC001D73187C1467705"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Sat, 01 Oct 2022 00:43:59 GMT
Date: Fri, 30 Sep 2022 23:34:44 GMT
Connection: keep-alive

                                        
                                            GET /upload/yhde1.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 12610
x-guploader-uploadid: ADPycdtfh5DxpmIF1ZBFMdDeNUHaAcmJwZZnl8TpGufA0Lx38-eukhWrRNLsr5__EH3aiNqL13_ZnYiBtvD0zjiaeD2Cvg
expires: Fri, 30 Sep 2022 23:26:01 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:49 GMT
etag: "8bb7f41971b23f34648e6b4797df26f3"
x-goog-generation: 1657560169688143
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12610
x-goog-hash: crc32c=/laZCQ==, md5=i7f0GXGyPzRkjmtHl98m8w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2228
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hAbftJrge2rzM4BOtjhfgvCTJP71wBFhsTX%2Fi9SCNNiUg3Bvg8KusKg6mDkZRVlXUZii8W8RS4JrqPbGTyGH159Jw4s0Uo2EmJCb9NL6lLEVPkL0VnmlDb3XfXi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562d90f777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   12610
Md5:    8bb7f41971b23f34648e6b4797df26f3
Sha1:   3a2732b4bd2c9e45291f66a9872ef2d780fe831b
Sha256: df4dd6d2b21fd5d5bedc1259cedab7ace2eeec381c18ca487f47fb26af6792b6
                                        
                                            GET /upload/yhde8.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 7939
x-guploader-uploadid: ADPycdveBphS_-pnKVzVFrummhVL4y-rwqrwPVvaeO5NigvucM2zoaYmtGTNgXYnAF61jn0RJAVLp2v2T0qNnSyKgeMNAg
expires: Fri, 30 Sep 2022 22:55:56 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:51 GMT
etag: "b8b61d66db60a707e147d51f80cd7caf"
x-goog-generation: 1657560171890012
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7939
x-goog-hash: crc32c=VOlkAw==, md5=uLYdZttgpwfhR9UfgM18rw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LtryUzRK3Owg8pLmzupaqlB3hGfCZMVVXJCZDjT4NuetNxXLCO9vbEkrLpmpuX66hKQ%2F%2FSUEQWe8IQ6Wk8jtTeheRpenX9i3LjGIvUHXtliXGDZ40alrKKdz3gYG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562d90d777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   7939
Md5:    b8b61d66db60a707e147d51f80cd7caf
Sha1:   9caeead5c434baf1feb311daf7ce1aa19fa21863
Sha256: a17ccb0824fbac80cc0d82f280573c2e214876756d8e597e8fa10c9b83e4e342
                                        
                                            GET /upload/yhde9.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
content-length: 9205
x-guploader-uploadid: ADPycdvs0YK_rB9cQAHfmCT10X7f703AoIsM5_nQgNFawqca9TnO20W2aLKHwElUxq13Ol0neBD-Joho_9RA7ksxgpb7ww
expires: Fri, 30 Sep 2022 21:52:29 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:52 GMT
etag: "011b2ea22f52406af58b64d1665f8452"
x-goog-generation: 1657560172678807
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9205
x-goog-hash: crc32c=9Zk+WA==, md5=ARsuoi9SQGr1i2TRZl+EUg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1173
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqd7%2F%2FezrgCevUCeXIPLEU%2BgTOor9WcGRsOehJW5ZOGyeYO2qaGZ%2BK230F7o5xEog%2F9Tn7moz8t9SOJOzBYsLkGRHq2iL32XgfOmcTq6j%2F2VmeY3nTUhd9o9SzHJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c563095d777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   9205
Md5:    011b2ea22f52406af58b64d1665f8452
Sha1:   180974bd7ba0be0bea57119080b3071f9e3b19d9
Sha256: 0681be4c83ebd047dbea1e6df073cf020d407d75fabe8ffcc40bb57ef9a19358
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "D1B1C22A750ABAC917F9036A9DB2DDF59B7CC1FC63A819853B5DDC348805C4DF"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10437
Expires: Sat, 01 Oct 2022 02:28:41 GMT
Date: Fri, 30 Sep 2022 23:34:44 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /upload/yhde2.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:45 GMT
content-length: 7500
x-guploader-uploadid: ADPycdvXJA2JymEnbnIrNCBRWfSdUIbx5ZpgaHNYrAmqSAEu2EJuOpzSzuaFRF72xSuPb5BMLeC9nUJG0Y2OXwgMKyVRog
expires: Fri, 30 Sep 2022 23:46:19 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:49 GMT
etag: "1e4cd34e22133192edbfdce16e8ba3a0"
x-goog-generation: 1657560169681386
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7500
x-goog-hash: crc32c=UJX5hQ==, md5=HkzTTiITMZLtv9zhboujoA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGoY0wC1BelM2vOY13z1ULFOpE79IWOa5z0HoSr%2BWaHvxV%2FjCLFypVMYis2fBLAN3e7rOWLUyqkuOQKxBRnz3tvwbYamCozhItSoWRdJaaOgg2BnJ3WYMKCQ4t5W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c56359ba777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   7500
Md5:    1e4cd34e22133192edbfdce16e8ba3a0
Sha1:   0b975b36fee9e81118378e4d7f70860edfe80bd3
Sha256: 8f71eadc0e6e9d3c4e20bdab6122f130199f099c47933a8f9c31856b5c5a0842
                                        
                                            GET /gtag/js?id=G-SE17BSYYVD HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 23:34:44 GMT
expires: Fri, 30 Sep 2022 23:34:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75696
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21348)
Size:   75696
Md5:    88370469fc9a581a30d36076d61f2327
Sha1:   6fe7f607b546c1ce4a16ec825ec6a98950f84116
Sha256: d8f985fd7e560eef1ca0a29f6ae6c1900763b545dadea0a1dedddb54eafb9c82
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "0EB94EC3D59DA7EFDD64A956EDE69E1147898A0FAED5FFB933287CE67445228A"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8167
Expires: Sat, 01 Oct 2022 01:50:52 GMT
Date: Fri, 30 Sep 2022 23:34:45 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 346
ETag: "1D923F44F9347867C282B6A139724A140C54B865F61D0BC001D73187C1467705"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4154
Expires: Sat, 01 Oct 2022 00:43:59 GMT
Date: Fri, 30 Sep 2022 23:34:45 GMT
Connection: keep-alive

                                        
                                            GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Fri, 30 Sep 2022 23:20:25 GMT
expires: Mon, 22 Nov 2021 12:23:38 GMT
cache-control: public, max-age=86400, no-transform
age: 860
etag: "v630"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Size:   13695
Md5:    ff055162c5d233506eece3fb69a47e74
Sha1:   49812e303ae6674819b6a7a6e0721d555ef64df4
Sha256: 7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
                                        
                                            GET /upload/yhde.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:45 GMT
content-length: 11716
x-guploader-uploadid: ADPycdtrCXUu3d-5kC44p7A_3XhywiwvgDNsU_Q1PPvqjzgPe0-OYLPaHoUmfmxxPatrrmj8ze8_uDbLlZO_RiFdhRXQ7g
expires: Fri, 30 Sep 2022 23:19:46 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:49 GMT
etag: "c7401cbdc82cca5689669a88a41608fb"
x-goog-generation: 1657560169763046
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11716
x-goog-hash: crc32c=Vi3taA==, md5=x0AcvcgsylaJZpqIpBYI+w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1046
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vwt37pAy7wcGWBVXOFAE2HOn6csmH8U1CGc7pJioWpA2UzmcH%2FFtVvYu8yzKTEdqUhUgzXOVDiNheRtVL0y8AmwmMYmQKFkxPLkx%2BOwNMjk3%2FoqsPB4B5e6zzEGu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5638a12777a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Size:   11716
Md5:    c7401cbdc82cca5689669a88a41608fb
Sha1:   366e93242c88d9fdd3d58f5f3b46a1db75ed8d47
Sha256: 94508fbf165fff7477c232e0a1069f2aa87316b71b0499b1d687021c24142ae0
                                        
                                            GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1 
Host: 1.bp.blogspot.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.161
HTTP/2 200 OK
content-type: image/png
                                        
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Fri, 30 Sep 2022 23:20:25 GMT
expires: Wed, 17 Nov 2021 05:57:49 GMT
cache-control: public, max-age=86400, no-transform
age: 860
etag: "v632"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size:   180954
Md5:    fd835c1f326d3e7da0d9839550f66723
Sha1:   5004618bc15011d7d0f569f60f900d076b164b3d
Sha256: b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
                                        
                                            GET /upload/correossv.bix1.png HTTP/1.1 
Host: cdnkey.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.198.109
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 30 Sep 2022 23:34:45 GMT
content-length: 7150
x-guploader-uploadid: ADPycdvbQaOAGz_BANFuz4XyDc_ZEuHdSXI39W_E70ZBHAIq8vbEAAj59zGRSTbGyRcgRxKnLiV-NMK6euyjFnGRw32Zqw
expires: Sat, 01 Oct 2022 00:34:45 GMT
cache-control: public, max-age=14400
last-modified: Tue, 27 Sep 2022 20:40:06 GMT
etag: "f9f797550d12cf50ae5e3217fd817192"
x-goog-generation: 1664311206202162
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7150
x-goog-hash: crc32c=cDrY7A==, md5=+feXVQ0Sz1CuXjIX/YFxkg==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gcYSbhRs4B2JnprGeFGKQIeMiDuJkaMhHRkJWFQ01Dh1Nhue%2BDIMBw5NDvMVdfQUQFcEStQ1jNqC%2FQYO9WUPICDGpnga%2BwImXKmKFij2gtNwguC3UEfRjTJh%2F2f9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562888b0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size:   7150
Md5:    f9f797550d12cf50ae5e3217fd817192
Sha1:   8152a37df4ef054d29cb77363a13157870cc7354
Sha256: bf39c56325a269f45f2c68903e8a75f63261922eb8f0bd05fe81eb8d17125205
                                        
                                            GET /upload/correossv.heb.png HTTP/1.1 
Host: cdnkey.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.198.109
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 30 Sep 2022 23:34:45 GMT
content-length: 17688
x-guploader-uploadid: ADPycdswHDL45ZWU5_e9RdPusgAkdNRYqSEkt3QWg9W2cxkLDUD5DreEwgcuaGdMrsBDCBf6l3vO3mGN7Peluu5oLOy4Pw
expires: Sat, 01 Oct 2022 00:34:45 GMT
cache-control: public, max-age=14400
last-modified: Tue, 27 Sep 2022 20:40:07 GMT
etag: "04935dc6f2f7a97527c3557a0a1a4f88"
x-goog-generation: 1664311207341800
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17688
x-goog-hash: crc32c=eXEauw==, md5=BJNdxvL3qXUnw1V6ChpPiA==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C3lcF6O7EKmP2QEegtw7vzkpumUZaCsMDokUoMxYDMjSJztN%2BXym5K%2F4sNbVdVTaEyGZAK3n4Ou2r39gzRcbFshtdQvMZMslKOXkj2lD4KRcRRCqQXtACEpScBUU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c562b89e0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 200 x 52, 8-bit/color RGBA, non-interlaced\012- data
Size:   17688
Md5:    04935dc6f2f7a97527c3557a0a1a4f88
Sha1:   4523a600083786e90d25e1d39bfa757160c77f94
Sha256: f8a1e6f966a50418f4896d2b9c4209bcc4627cbb4c54c1eca470cdea1a77d40c
                                        
                                            GET /upload/correossv.img.jpg HTTP/1.1 
Host: cdnkey.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.198.109
HTTP/2 200 OK
content-type: image/jpeg
                                        
date: Fri, 30 Sep 2022 23:34:45 GMT
content-length: 62411
x-guploader-uploadid: ADPycduT7kWTlT5n1FYGIKY6ofNNSMLE3MBPO1SHtM2EQHGBRThlQ0BZI-CH4XHx6_pqa2HxtpHWIFfCx4CDGDTQ-eq3Rg
expires: Sat, 01 Oct 2022 00:34:45 GMT
cache-control: public, max-age=14400
last-modified: Tue, 27 Sep 2022 20:40:08 GMT
etag: "eaa7f64cf8ca3cb07bbcf96896f9dcf8"
x-goog-generation: 1664311208304706
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62411
x-goog-hash: crc32c=hIxtCg==, md5=6qf2TPjKPLB7vPlolvnc+A==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP2rUw1x%2Ff7amnjV%2FWLzT9MJToUSqmvvaETAcZDBoYm2HI08J57o0GLdGbfMQyBTWPITpKQ%2FT4gRXbO2vQgriOflZK%2F9EX81HFfUorESxEcwGUI0%2F4XF6IhbOIJw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c56308d90afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Size:   62411
Md5:    eaa7f64cf8ca3cb07bbcf96896f9dcf8
Sha1:   4b4a671a9c79203f802fc93e18c7b5fc34a4bcdd
Sha256: bd87c2e34266fd15f62141b5c7fc58ce4deaa8cd9c14c0081c5b0359cf1aaf30
                                        
                                            POST /g/collect?v=2&tid=G-SE17BSYYVD&gtm=2oe9s0&_p=724516220&cid=199580036.1664580882&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664580882&sct=1&seg=0&dl=https%3A%2F%2Fv00jtf.cn%2FaPscdOy6%2Fcorreos-sv%2F%3F_t%3D1664580880834&dr=http%3A%2F%2Foutcomecomplacency.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCorreos%20de%20El%20Salvador%20Financial%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v00jtf.cn
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://v00jtf.cn
date: Fri, 30 Sep 2022 23:34:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /g/collect?v=2&tid=G-0C230YDF7G&gtm=2oe9s0&_p=724516220&cid=199580036.1664580882&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664580882&sct=1&seg=0&dl=https%3A%2F%2Fv00jtf.cn%2FaPscdOy6%2Fcorreos-sv%2F%3F_t%3D1664580880834&dr=http%3A%2F%2Foutcomecomplacency.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCorreos%20de%20El%20Salvador%20Financial%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v00jtf.cn
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://v00jtf.cn
date: Fri, 30 Sep 2022 23:34:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /g/collect?v=2&tid=G-LW7434MYMN&gtm=2oe9s0&_p=724516220&cid=199580036.1664580882&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664580882&sct=1&seg=0&dl=https%3A%2F%2Fv00jtf.cn%2FaPscdOy6%2Fcorreos-sv%2F%3F_t%3D1664580880834&dr=http%3A%2F%2Foutcomecomplacency.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCorreos%20de%20El%20Salvador%20Financial%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v00jtf.cn
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://v00jtf.cn
date: Fri, 30 Sep 2022 23:34:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.151.125
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Fri, 30 Sep 2022 23:44:17 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GvodhNdwGmlDZZRf5M7ucxEuVKnDkYVYPfTmAWzqej9K0tr7mgQ5OL79AYBaUlCOp0mWVjrnRN5oD3Yern6UmnVUEHnxTFBX0uu5wd5MyX2ePP%2FcPURT6NUDhRsSyXZzNRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5611a33b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (48058), with CRLF line terminators
Size:   20245
Md5:    57685586993f23779d63ff7442ccafbd
Sha1:   a425f88a883e2f254926e18d783154a0fe470c70
Sha256: 961960d4dbc69916733f50d55ecb51572d0e36b9d9d83d8ff5ebd07a55d47773
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8432
Expires: Sat, 01 Oct 2022 01:55:18 GMT
Date: Fri, 30 Sep 2022 23:34:46 GMT
Connection: keep-alive

                                        
                                            GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.151.125
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Fri, 30 Sep 2022 23:11:19 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzq4NIgbjsBaarmKl00STX6Y4%2FfdCd3%2BbXQr02D5wS45d5X%2F9FhKOcLumdZKqZALpe%2FLviwGpJJmgeDFaisG7Vxa3F5CyzRI2pb1EIXRRdDTPJhgMhNbY%2Blxdx9CRhLCO8I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5615a63b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21060), with CRLF line terminators
Size:   8167
Md5:    4c77fec32f75ada1009c75d343d3e2a2
Sha1:   b7667c7356bcedb1ce6f6aab319a2bc668edef68
Sha256: eb41482901bbb4e4adc7187444aa557e20cfe1b3bf7a1afc03ec762b5d0c37fa
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8432
Expires: Sat, 01 Oct 2022 01:55:18 GMT
Date: Fri, 30 Sep 2022 23:34:46 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8432
Expires: Sat, 01 Oct 2022 01:55:18 GMT
Date: Fri, 30 Sep 2022 23:34:46 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d8201d9-93ae-492b-8ea9-d245fa2e4073.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3640
x-amzn-requestid: b5f5c567-8aa9-414b-8310-cf3006711ee9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJo1vFIwoAMF2mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333bb57-0f1cbcbb29287f5367a14b67;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 03:11:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XruphpLT_AyIe9jcZWQszHLV0uMe0NxdxjhoppTX0YK3O7KdDlweIg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 07:03:58 GMT
age: 59448
etag: "303c6bb672425443a15bbe22394bd1149f887904"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3640
Md5:    a9e7ba045a723120501994dea21709db
Sha1:   303c6bb672425443a15bbe22394bd1149f887904
Sha256: b1bea7212e55ec8eaf62434214a86fed7d6a990d105984d79a7fa0e793395d59
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3178d2f-9a52-4d0e-a26b-5a90ef8578f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3430
x-amzn-requestid: 8c0de750-dff3-4936-a72b-3df3e505f53c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKLlOHfyoAMFQlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f2ee-22702f1201d3a5b874584fe9;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:08:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iw80p-vulg4DSatq87113GnQhI2dCVhhTJ50yNbgQ7is02txtJqUFw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 15:22:56 GMT
age: 29510
etag: "42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3430
Md5:    488ec5b4267ccb1cdc4e6e08556f7f3b
Sha1:   42dd7ec0c606dbd3ccc0074f61d3b4b12f2e3c88
Sha256: d9b05fe92962a58b9a8e8dbd4757969aa361be12018107ae649ffcdb8a0f8d84
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PGavx8O81EFxKrW35F7DR7DlEEimY57XJaAQQSzQ03akSA7e7nFz8g==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 04:40:12 GMT
age: 68074
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7a423b5-e320-4013-8cd9-2455b244e410.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3069
x-amzn-requestid: 957bbcc7-0ce0-42b6-bec6-588f9e1c6369
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCH6DoAMFaHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-5a514967208e92343e0f3778;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xkIIQRAfmmbrGKE9n_OCjLBCLW-MP_5mR945uWWRX2EMx6cvLKzKVQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:50:27 GMT
age: 6259
etag: "069a451b50182aed754301cbc2eb776abe469a52"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3069
Md5:    e22123802c6c1a89ff2b12b8ebb4478a
Sha1:   069a451b50182aed754301cbc2eb776abe469a52
Sha256: 4edccb57b366cf6460219d86ea13dd54cb0bcf3581604a5139859bf809df2b13
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23b0da68-a440-4387-9d47-1617d8157f55.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8324
x-amzn-requestid: af70bb88-e30c-49ab-b307-19ee8449d616
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZS2iEHsIoAMFjnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376ad9-732337760d4982a407053c1e;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 22:16:57 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: I1NrjG7oeZTY1y95-p8V3vVQ9W7k2flj9rni795fZ_Ei8qYv3BxLPA==
via: 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:16:58 GMT
age: 4668
etag: "342e3be8998b548a7004c2a51c9910959b3747db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8324
Md5:    26b855e3a55a0cfd23896413332a5c05
Sha1:   342e3be8998b548a7004c2a51c9910959b3747db
Sha256: dfb620bbfa8adde25d578bc9baaa165324170b2f6bbcc2275f1a824267081ccb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbd9802c-4973-4976-984a-910496eaf957.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5677
x-amzn-requestid: f37f77cd-dd19-4dec-809e-66a1fb604d88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASGLHDsIAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd5a-185f9b185ed35f7317b5c2d5;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:03:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GSVXKufPdP3C3k3tziDtck466sAzh_uhWuF91hK-41OXN0ieUfLLgw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 02:06:27 GMT
age: 77299
etag: "556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5677
Md5:    13768189ef98789892981b6a2d5947e4
Sha1:   556f1ccaf585d2c3100a3cc58f27d8c2fa6ca689
Sha256: 09ca5624173c589b5e5db05b48a8822ec257f08395cb18ed635a771edcfc8af3
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:46 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 04 Oct 2022 19:53:49 GMT
ETag: "5992436b3de2ff1ce8608509022430c6f36cf298"
Last-Modified: Fri, 30 Sep 2022 19:53:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7530c56dfe600afa-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    30f2c2530d9202cbffb10e37d09d6d12
Sha1:   5992436b3de2ff1ce8608509022430c6f36cf298
Sha256: fa66dcfa1d9940eba85babca70a074099f26404c607bf813f2f8c53bd2b3fe00
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:46 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 04 Oct 2022 19:53:49 GMT
ETag: "5992436b3de2ff1ce8608509022430c6f36cf298"
Last-Modified: Fri, 30 Sep 2022 19:53:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7530c56df9aab517-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    30f2c2530d9202cbffb10e37d09d6d12
Sha1:   5992436b3de2ff1ce8608509022430c6f36cf298
Sha256: fa66dcfa1d9940eba85babca70a074099f26404c607bf813f2f8c53bd2b3fe00
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 30 Sep 2022 23:34:46 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 04 Oct 2022 19:53:49 GMT
ETag: "5992436b3de2ff1ce8608509022430c6f36cf298"
Last-Modified: Fri, 30 Sep 2022 19:53:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1602
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7530c56dfa6eb4ee-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    30f2c2530d9202cbffb10e37d09d6d12
Sha1:   5992436b3de2ff1ce8608509022430c6f36cf298
Sha256: fa66dcfa1d9940eba85babca70a074099f26404c607bf813f2f8c53bd2b3fe00
                                        
                                            GET /hm.js?b1ebd0cde90f0657589b5fd0eaf7d423 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11386
Date: Fri, 30 Sep 2022 23:34:47 GMT
Etag: 43ee195ac7461146d174b31e97ca8928
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=25EBD7EA0435FADC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (673)
Size:   11386
Md5:    a1107b3384de4f3de7e7a93059e27d1e
Sha1:   95ac57d6052a905203b446a157e7ce71c0a496df
Sha256: 8201b253e1c03bd751f794b117dd5c40f7252746f33491616c12ad5e355b3621
                                        
                                            GET /hm.js?bbb3e86814c9ceef66d180a6c15fa17d HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11386
Date: Fri, 30 Sep 2022 23:34:47 GMT
Etag: f5311ebde36e864f2c9cf93bc0614413
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=F16C1509C7FD0A2C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (673)
Size:   11386
Md5:    5e6410f910d0332cd4fc56aa2d32d7f4
Sha1:   190d6b13e35dd01c4d49b528413062cee1677b4a
Sha256: b7007440ea77fe9eaf2b2860940f7a695ce8bbc47b2bf3037e9bb238866c37c2
                                        
                                            GET /js/responsive.js HTTP/1.1 
Host: bonepa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.66.201.42
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 23:34:45 GMT
last-modified: Tue, 20 Sep 2022 17:57:57 GMT
etag: W/"6329ff25-cd3"
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12327
Md5:    df71b128c56288273d8c802cd16a4c53
Sha1:   25b66b4db1773950b54d9eee1415d5837eaebf53
Sha256: 75d8c167f10a5e20e109b1938e5ed526ca2c4f117a839c1638528820fd8f5c25
                                        
                                            GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11350
Date: Fri, 30 Sep 2022 23:34:47 GMT
Etag: eabdafbbc8bba638f792de57c061fdea
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A52519A33056C1C7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (637)
Size:   11350
Md5:    4de4ddb8405067aacace5ce3134aeb43
Sha1:   4f6c956b2918440747eca0d7baee6e593a3898af
Sha256: 8710b3723d4cc322100238d7832e336e6e7827ab00fc1d015e46777e754f2c1f
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1630872742&si=b1ebd0cde90f0657589b5fd0eaf7d423&su=http%3A%2F%2Foutcomecomplacency.cn%2F&v=1.2.97&lv=1&sn=57419&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fv00jtf.cn%2FaPscdOy6%2Fcorreos-sv%2F%3F_t%3D1664580880834%231664580882252&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCorreos%20de%20El%20Salvador%20Financial%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 30 Sep 2022 23:34:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4E89007294ADC811; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1318333637&si=bbb3e86814c9ceef66d180a6c15fa17d&su=http%3A%2F%2Foutcomecomplacency.cn%2F&v=1.2.97&lv=1&sn=57420&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fv00jtf.cn%2FaPscdOy6%2Fcorreos-sv%2F%3F_t%3D1664580880834%231664580882252&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCorreos%20de%20El%20Salvador%20Financial%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 30 Sep 2022 23:34:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=55623C99A12C4F1D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1577820183&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Foutcomecomplacency.cn%2F&v=1.2.97&lv=1&sn=57420&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fv00jtf.cn%2FaPscdOy6%2Fcorreos-sv%2F%3F_t%3D1664580880834%231664580882252&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCorreos%20de%20El%20Salvador%20Financial%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 30 Sep 2022 23:34:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=14B2993CF422B13C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=800221458&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Foutcomecomplacency.cn%2F&v=1.2.97&lv=1&sn=57420&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fv00jtf.cn%2FaPscdOy6%2Fcorreos-sv%2F%3F_t%3D1664580880834%231664580882252&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FCorreos%20de%20El%20Salvador%20Financial%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Fri, 30 Sep 2022 23:34:48 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=90DBBDF999C4409C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
                                        
                                            GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.151.125
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Fri, 30 Sep 2022 23:17:34 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DgpG%2Bl0vQPIMkr1vTOSQtkogqNlKXl4ZrkoSNEbF%2FQ%2FVv05IQaHh%2BQ51uiJ6z2At6Pm%2FD91NPaHwF67frkv3Wo7ynO%2B3nOUbD0ALQG5Gxr2VcMn1oMxbbpLhaxGviZB31IE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5613a56b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /aPscdOy6/correos-sv/?_t=1664580880834 HTTP/1.1 
Host: v00jtf.cn
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://outcomecomplacency.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         104.21.84.78
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AE%2BV5%2BHc2XgjZrycd7fnOBDMzRe84hvSZAib4cY8l7pPxy136wby03Ax8%2BjruDnAKQsdFi1OiNHbDDRsKmWe3RGH0nmDHo6m3V%2FCzuiYCnFxukPgrgZX7fWYhao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7530c55e9ee4b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.151.125
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Fri, 30 Sep 2022 23:57:40 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9QJ5lePzAyg4YYyrG8LC5fV%2B83A2lAFKkXaRrDJpEsbvgJFnOUgYQr22hi1dHb8vFRtMUdHbTSyMPvrOeV%2FcGHyT%2B%2B%2FodSYAz9l7yKf%2FCmgl8dHZ0iqkKiBuf6oVlvT8hA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5612a3db4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.151.125
HTTP/2 200 OK
content-type: text/javascript
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Fri, 30 Sep 2022 23:11:50 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 1901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DA%2BTHuwnGNa18qFWfiz7Ev3lIj1jgPxwxOk3hr4%2FceGrACztDXbswOyv763idU96HnufRZ4LSsgfZJndSE%2Bczl3RyJTz4U8kbLKlwPpC9YrCWb3r7W6aipRgbq6FmwQZOTE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5613a4db4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1 
Host: uprimp.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         185.66.200.220
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 30 Sep 2022 23:34:45 GMT
expires: Fri, 30 Sep 2022 23:34:45 GMT
last-modified: Fri, 30 Sep 2022 23:34:45 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /upload/correossv.zz.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 404 Not Found
content-type: application/xml; charset=UTF-8
                                        
date: Fri, 30 Sep 2022 23:34:45 GMT
x-guploader-uploadid: ADPycduRIx84tyM0-Gzvwer1hWzz2GZSlUG0chZnuLpt3RXf4UwxDl6Dok3NTIGTSFy-dHbnhHEx32jO4Ukp74GtFBXP733GiiFI
expires: Fri, 30 Sep 2022 23:34:45 GMT
cache-control: private, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rnlFkzCN5gq99a%2Bz1e%2BkM%2BViXGOOYLHIDUJraKGLyDEVbMornKS3vwdWdMFnLwDTHVarjMKEyQHxii5VwAbvtGQjMmWg%2FQ7wc5XYhh%2FeMg%2BWadagSU0BHIZ8JMI1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c56369e2777a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /upload/correossv.yy.jpg HTTP/1.1 
Host: 263cdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.235.74
HTTP/2 404 Not Found
content-type: application/xml; charset=UTF-8
                                        
date: Fri, 30 Sep 2022 23:34:45 GMT
x-guploader-uploadid: ADPycduCcsLu5f39Fy8PBPmo3t5wzm-0Eg51snHU5Fb6oG1vOXndk0UHAAwC6ok39hlzJzK4N2qTF0HVaStPCejk8BMLZK4w5toE
expires: Fri, 30 Sep 2022 23:34:45 GMT
cache-control: private, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oDOHuhhe0UvOc3d9Cq8ddAphifuTdS4%2FFYV3uavraGu%2Fu40neLOCGHqNoyHU0Xr6%2FgVkp%2F0J93XFlQD9nUqH5r8Q4QLWxmDbyFgmxiyrI1VpmREdOHrDatfdCQba"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c56369f1777a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /4fe48aebd6/4f59451604/?placementName=Flow&randomA=0_4845&maxw=0 HTTP/1.1 
Host: bonepa.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         185.66.201.42
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Fri, 30 Sep 2022 23:34:48 GMT
set-cookie: shown1=0; expires=Sat, 01-Oct-2022 23:34:48 GMT; Max-Age=86400; secure; SameSite=None used_ad2633278=1; expires=Sat, 01-Oct-2022 03:59:59 GMT; Max-Age=15911; path=/; secure; SameSite=None total_impressions=1; expires=Sat, 01-Oct-2022 03:59:59 GMT; Max-Age=15911; secure; SameSite=None used_c_51856=1; expires=Sat, 01-Oct-2022 23:34:48 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.151.125
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Fri, 30 Sep 2022 23:11:14 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1901
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNg3iLloqrPjB0yQLcAwkXfLvvx9eE17bPP8QlR2kWRWiPWEusS7LkrpSvF65UeiETItB1R6mNHtZBzui21htS3vTyegrjPuktma689bauWt%2BJ6SFv932izu9ou4qRE9ml0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5611a36b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /npm/bootstrap@4.6.0/dist/css/sr.css HTTP/1.1 
Host: cdn.jsdelivr.cc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v00jtf.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.151.125
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 30 Sep 2022 23:34:44 GMT
x-guploader-uploadid: ADPycduDQPevjVakg41tdP6hxF89tIMX7hHpIt8Dy1JKncQ0vMJgVbEeLU1SV3TilMiiiDp5Qs1kyKP4qZHNE2ARj2m-cIzYOtGi
expires: Sat, 01 Oct 2022 00:01:17 GMT
cache-control: public, max-age=3600
last-modified: Fri, 22 Apr 2022 09:51:08 GMT
etag: W/"75710b7c7ae0013c5cda99a0053ec3d9"
x-goog-generation: 1650621068399108
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20647
x-goog-hash: crc32c=3qMyMQ==, md5=dXELfHrgATxc2pmgBT7D2Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1082
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogDNHPVtuqtkRuKgvYlpCY4vxzxT8K7E24IJcXuPIG0AGhAI2Q6ddTzMBlBnThpKm4MbVKpN4RA7m9LLcHWoiZBL1r7YEi1wn%2FvdLKbv4aBHkEHgnlBXwtcBmfMWONWPqHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7530c5612a3bb4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---