wouldterminate.cn/pttgovtrh/tb.php?ew=km1669569745517
104.21.9.91200 OK 579 B URL HTTP/1.1 wouldterminate.cn/pttgovtrh/tb.php?ew=km1669569745517
IP 104.21.9.91:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479), with CRLF line terminators
Hash 44a7d0b12ba66acaac115ff352c73a36
924fea821d731786efe6c48504990d361b1b8515
6f0777ff8397f090c49c0749e8594b971a47dead8802b95a4b0124fe4debb1d3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /pttgovtrh/tb.php?ew=km1669569745517 HTTP/1.1
Host: wouldterminate.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:47:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib3FiDYBy41uJNbYYLbaeNwFfavGxXILuW4occUuA8LnQB3qSOgbonShqlTq3wcurR0caLIfJeWk8TA5cMMhW3tfifWqRmK9f8yR1lUmXo%2FTY4rg2v%2BoSBe%2BHZV5XiHHgWC7OA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770cb08afe7db4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8345
Expires: Sun, 27 Nov 2022 20:06:38 GMT
Date: Sun, 27 Nov 2022 17:47:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3897
Cache-Control: max-age=150517
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:33 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:36:10 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13962
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 17:47:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 17:19:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1690
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nMioK9S/kBRbh83RJYSdht4DRcY1iKQRUnS9VNehTWl6j20eyiKPMaHWY7jUayBciQKppZwxExU=
x-amz-request-id: QTG020B0RBPSXES8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 17:41:43 GMT
age: 350
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
wouldterminate.cn/favicon.ico
104.21.9.91200 OK 455 B URL HTTP/1.1 wouldterminate.cn/favicon.ico
IP 104.21.9.91:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: wouldterminate.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wouldterminate.cn/pttgovtrh/tb.php?ew=km1669569745517
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:47:33 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1337
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Uhf6CDH8Wfccclsf63GZ8sKbV5XtNzMV9tuMGaOX9tfkuwo%2F362SPTUokkLDzln8DLRznB33ftvkGImQQKKkbmZkzbcmbxH1UGwFqD3Px2FROxbsYwcFJ3s5014ToU1zNb6vg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770cb08d2907b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:47:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wouldterminate.cn/j/og2.js?_t=1669571253074
104.21.9.91200 OK 942 B URL HTTP/1.1 wouldterminate.cn/j/og2.js?_t=1669571253074
IP 104.21.9.91:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
Analyzer Verdict Alert quad9 Sinkholed
GET /j/og2.js?_t=1669571253074 HTTP/1.1
Host: wouldterminate.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://wouldterminate.cn/pttgovtrh/tb.php?ew=km1669569745517
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:47:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Mon, 28 Nov 2022 05:47:33 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SKhDWiXE9TnBXH93mb2OwiqZWCV5nE5w2A8%2BrefXcihudam9HzNc4Cz27ZNB3sF8KpO7aSlA7naBntwebehsMi5RpwIpMrEIclF8ctpGQnSRJYbzZtYe1%2FNQwJOIiO%2BWEAT93g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770cb08dfa28b4ee-OSL
alt-svc: h2=":443"; ma=60
wouldterminate.cn/j/og2.php?_t=1669571253140
104.21.9.91200 OK 98 B URL HTTP/1.1 wouldterminate.cn/j/og2.php?_t=1669571253140
IP 104.21.9.91:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 79e789089033d59e79df139e8303afae
43e3c38a47828c99ad1d2e1197ee76e89c62d7c0
b920105c8a836f3a4ee3ace19369983ee7fb730a266ed25626e68bea36f4cf00
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /j/og2.php?_t=1669571253140 HTTP/1.1
Host: wouldterminate.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 49
Origin: http://wouldterminate.cn
Connection: keep-alive
Referer: http://wouldterminate.cn/pttgovtrh/tb.php?ew=km1669569745517
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:47:33 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDWSOmQUQm%2BwGcb92E%2FdDLVp2AZh9BBRbWCho%2FfZr0mz%2BLaYvVkXBcPupCk0%2FqiMdILf5ZCiYVYqgVbgorCQMWzrwiDSWo7e1SUh2tS64IHSqth2n5G91qoay6NO1pP5hINdVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770cb08e6a9db4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ff9bb0f3d71f5d28f90e0f34b7b4aed
657373a090f7d64d403131ee3528ef748f31582e
239d27564d8709de0115f50023664664cab3c1d7d44bfe03ca716a460fe8fdd9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "239D27564D8709DE0115F50023664664CAB3C1D7D44BFE03CA716A460FE8FDD9"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11230
Expires: Sun, 27 Nov 2022 20:54:43 GMT
Date: Sun, 27 Nov 2022 17:47:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 17:11:12 GMT
cache-control: public,max-age=3600
age: 2181
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ff9bb0f3d71f5d28f90e0f34b7b4aed
657373a090f7d64d403131ee3528ef748f31582e
239d27564d8709de0115f50023664664cab3c1d7d44bfe03ca716a460fe8fdd9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "239D27564D8709DE0115F50023664664CAB3C1D7D44BFE03CA716A460FE8FDD9"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11230
Expires: Sun, 27 Nov 2022 20:54:43 GMT
Date: Sun, 27 Nov 2022 17:47:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3be4a22cee73926b9c6a3df7d66baf3d
d04fa066bd3058cd36abf46bfc82bc273897e1ce
f7bee07a480a26bc131dd9fbdc371380423893923f68284bc38c06ce68a42c4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4806
Cache-Control: max-age=88788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:33 GMT
Etag: "638247c3-117"
Expires: Mon, 28 Nov 2022 18:27:21 GMT
Last-Modified: Sat, 26 Nov 2022 17:07:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3149
Cache-Control: max-age=144708
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:33 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:59:21 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3be4a22cee73926b9c6a3df7d66baf3d
d04fa066bd3058cd36abf46bfc82bc273897e1ce
f7bee07a480a26bc131dd9fbdc371380423893923f68284bc38c06ce68a42c4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4806
Cache-Control: max-age=88788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:33 GMT
Etag: "638247c3-117"
Expires: Mon, 28 Nov 2022 18:27:21 GMT
Last-Modified: Sat, 26 Nov 2022 17:07:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3be4a22cee73926b9c6a3df7d66baf3d
d04fa066bd3058cd36abf46bfc82bc273897e1ce
f7bee07a480a26bc131dd9fbdc371380423893923f68284bc38c06ce68a42c4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4807
Cache-Control: max-age=88788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Etag: "638247c3-117"
Expires: Mon, 28 Nov 2022 18:27:22 GMT
Last-Modified: Sat, 26 Nov 2022 17:07:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 18fdd57d4da92c47b214dffa69e59828
6e00122c6edaf995c6a34219cbba101d25f375bf
0ab937ba4ad2f42d28853713a0a41e7e15ae6c6f0fd6568a04a75dc6c7669c38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0AB937BA4AD2F42D28853713A0A41E7E15AE6C6F0FD6568A04A75DC6C7669C38"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10072
Expires: Sun, 27 Nov 2022 20:35:26 GMT
Date: Sun, 27 Nov 2022 17:47:34 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b952a91815d329219cf132713fb514e8
77537a63e10521a0aba6aeb78e0c1442e604d25d
4399be8b06ea6574821b30a9e0fe9f49e63b19729bb1e019d26a91f5126d192d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4399BE8B06EA6574821B30A9E0FE9F49E63B19729BB1E019D26A91F5126D192D"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1799
Expires: Sun, 27 Nov 2022 18:17:33 GMT
Date: Sun, 27 Nov 2022 17:47:34 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3be4a22cee73926b9c6a3df7d66baf3d
d04fa066bd3058cd36abf46bfc82bc273897e1ce
f7bee07a480a26bc131dd9fbdc371380423893923f68284bc38c06ce68a42c4a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4807
Cache-Control: max-age=88788
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Etag: "638247c3-117"
Expires: Mon, 28 Nov 2022 18:27:22 GMT
Last-Modified: Sat, 26 Nov 2022 17:07:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d35e495dd6633bc55ed5be739e027bd3
d6e5152aacbc7dda2b17e69af734fe2fb404e857
bdd8f94337277febf2a258dfa401703f0709657f8a255e1cfb01e2306b4899e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDD8F94337277FEBF2A258DFA401703F0709657F8A255E1CFB01E2306B4899E0"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5702
Expires: Sun, 27 Nov 2022 19:22:36 GMT
Date: Sun, 27 Nov 2022 17:47:34 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 5c15fb39482568a7ed0a7ee23cfcd197
491398189c8d6acf3bc23bc3fd30da8c4d3980d2
e865bea3a0ee66e8bf1cd045e08f36ae426b9d0c0d43801803c75ca4ef3ec131
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 17:47:34 GMT
expires: Sun, 27 Nov 2022 17:47:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 0a72c53e2f8f9f4087f405d8eb8392a9
63dac52bb76201f6538f2a4d496ab1ceb1989c8c
d8ca50c94b39f13d786db825f2c21ced6beaac400a3b7299e32d44ab848f1e95
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 17:47:34 GMT
expires: Sun, 27 Nov 2022 17:47:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
263cdn.com/upload/Keshan%20Sadaru.jpg
104.21.235.74200 OK 17 kB URL HTTP/2 263cdn.com/upload/Keshan%20Sadaru.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 198x200, components 3\012- data
Hash fe342f0ffe63a8d20a98aff08febd94f
3b9b63c41d09dd6455ae87ad4f6b6453f552ec18
56d42765898dea5160ce65414486a729d3fc4b7665f1fd6d43742ab061db4e50
GET /upload/Keshan%20Sadaru.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 17330
x-guploader-uploadid: ADPycdvpRL2ugk0bG0K_JTLp_VgBu75cgqj6mxEFBKaljyWruQR7iXI80qy5YyBl01bGQXwCxuljElMIiX9vp9G84O0l-TDZ3pq4
expires: Sun, 27 Nov 2022 18:04:10 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:42 GMT
etag: "fe342f0ffe63a8d20a98aff08febd94f"
x-goog-generation: 1655329602763398
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17330
x-goog-hash: crc32c=q6DV6A==, md5=/jQvD/5jqNIKmK/wj+vZTw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQtZ9EjdySWOh0%2BCLEAJ3457A4Mc%2FTni0mTJI1TEovlo1alnbzwMORgSRPbB0M9JFd%2BH4oYNbGx5tVELttZV7C5T5N9%2BG9oJNahoFkoN1cdI%2BEeuaHpZqivNok75"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9ab7433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-H405T7BH4N
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-H405T7BH4N
IP 142.250.74.168:0
File type ASCII text, with very long lines (21484)
Hash 96a413a65c90e06832760275d9bebce2
836231e0dd08d30d9b20fc1dfb5dea9ac5d6acf5
c75100be119ba0720329802d7cf3295221fcd18d44724b9763434b885178287a
GET /gtag/js?id=G-H405T7BH4N HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 27 Nov 2022 17:47:34 GMT
expires: Sun, 27 Nov 2022 17:47:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76560
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
263cdn.com/upload/Augusto%20Cano%20Rios.jpg
104.21.235.74200 OK 18 kB URL HTTP/2 263cdn.com/upload/Augusto%20Cano%20Rios.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x199, components 3\012- data
Hash 71d4f6e9330f075780b4f85b52174f3c
0551b08448b4b009611e75899e5223b51e51ac90
224965aa08705fbd324d308d6cdcffa21a4d3be4b1bf18ce65d9bae07ab6df6a
GET /upload/Augusto%20Cano%20Rios.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 18487
x-guploader-uploadid: ADPycdsyj-ovDNZDj9Eh6cexbtMtHXgERCDC1vhX_Yn8P78cemOzpObjiRJB02ZTu16poTvk_lQUG0OPgroyNp8DmAMXT0txRFev
x-goog-generation: 1655329536330744
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 18487
x-goog-hash: crc32c=rAMxbA==, md5=cdT26TMPB1eAtPhbUhdPPA==
x-goog-storage-class: STANDARD
expires: Sun, 27 Nov 2022 17:37:12 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:45:36 GMT
etag: "71d4f6e9330f075780b4f85b52174f3c"
cf-cache-status: HIT
age: 1129
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmpBvANjGQDT11nck33f7H9%2Fl5WVLx8R9B9Yb%2FvFkMth2HuU0ja%2FivgysUyjJHlicvAdlC9T2c9YYsr7rKxgJ4wfcGW425AGeV%2BZky7tncu94YdQUsw%2F%2F7oPXYmw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9b97433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Sandra%20Becerra%20Gonzalez.jpg
104.21.235.74200 OK 15 kB URL HTTP/2 263cdn.com/upload/Sandra%20Becerra%20Gonzalez.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 8f181f5f7a9e7ad30df02ecdc97c5380
f607456a86d2705893e91ef577818344e02ea53c
80c9d8b86613f109fc438d137af52f56d1ecd60282631fbf1baa791933cd9879
GET /upload/Sandra%20Becerra%20Gonzalez.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 14577
x-guploader-uploadid: ADPycduD1iwoiL8Lq9eDUOVLvfFiNfCDSX17cT_AObCoLwyUqldS0OSdHlw5vqmTE-sOB8wjoLM1e2lVN52kUGmQcTW1V0iItKZy
x-goog-generation: 1655329653007008
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14577
x-goog-hash: crc32c=jTnv7Q==, md5=jxgfX3qeetMN8C7NyXxTgA==
x-goog-storage-class: STANDARD
expires: Sun, 27 Nov 2022 17:37:12 GMT
cache-control: public, max-age=14400
age: 3320
last-modified: Wed, 15 Jun 2022 21:47:33 GMT
etag: "8f181f5f7a9e7ad30df02ecdc97c5380"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Z3YgJgfUWzltbBhAh79tzrwtVlGD7%2BEKkjSg%2BUcaiwSaJZi7DO1GMkU8xMxu3172tJOrIMftvLImzfv5kEivkiQZImSJPqwEhNhByDeYMz357UshD9zFFRFofkM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9b37433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Nethmi%20Bagya.jpg
104.21.235.74200 OK 18 kB URL HTTP/2 263cdn.com/upload/Nethmi%20Bagya.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 5069d4643386097f12663e4030588ca9
f420b5fca4c2d9b0d9322823aa68b47031c29269
1132b432519ffcbeee529075d13225fa5800bfbc78fa8121f3b2f0d7f93b771f
GET /upload/Nethmi%20Bagya.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 17580
x-guploader-uploadid: ADPycdvoYZpNoobfhQAgRDKN5KDqMaMJGTreLHZI8YLHyWPYghCnFUwuC7i_RPDk6_pH6ewH3zTR8caIEvIm3JpZZ28-ld9brJjM
expires: Sun, 27 Nov 2022 18:04:10 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:04 GMT
etag: "5069d4643386097f12663e4030588ca9"
x-goog-generation: 1655329624398100
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17580
x-goog-hash: crc32c=txNVsQ==, md5=UGnUZDOGCX8SZj5AMFiMqQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=if9xR8tCeNcJiYOO3s9pPHyvnfJX%2FJySb8OfLStMnnBTqC9byAtI8m%2BjAKGr%2BVWp%2BdmKs9b6vRo9f0o%2FmrYZiWsI9KvSTm3urBnjseJ81jiNQk7rI19U%2BcfTfp3a"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9b27433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/pttgovtrh.zz.png
104.21.235.74200 OK 17 kB URL HTTP/2 263cdn.com/upload/pttgovtrh.zz.png
IP 104.21.235.74:0
File type PNG image data, 249 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 382b3d707947a3ddef3091620c782174
0297f8782442a1a55d8b79b7cba19a6a4fbfebc0
e301e803dcdddbac8f9eff1cf18b5066585c93483c7e0b716a7bc43261002731
GET /upload/pttgovtrh.zz.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/png
content-length: 17409
x-guploader-uploadid: ADPycdsinMKz6v_Akcri5A5B9D_ldPc6vND56vJa8LWAGmpm40_vzzb4AzMtJLtV6BK8Ddq1hHkxZUiyT4t2D_fOgjc6Eg
expires: Sun, 27 Nov 2022 17:21:12 GMT
cache-control: public, max-age=14400
last-modified: Wed, 10 Aug 2022 12:17:07 GMT
etag: "382b3d707947a3ddef3091620c782174"
x-goog-generation: 1660133827484418
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17409
x-goog-hash: crc32c=Sc6Aug==, md5=OCs9cHlHo93vMJFiDHghdA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1657
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2B9Lf6f9lUY4aD24QZblrAwdB6mAMo8e0iX8XbvxlXNCZvtKMYXOqMIoJu3FIp6Owz4dTM1m8Z0xWi85Lxwl427%2FxURf%2FAXQJ2nTSNSSzLehkIdx8ikmTAyAuuj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9b57433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Nirmal%20N.%20K.jpg
104.21.235.74200 OK 7.9 kB URL HTTP/2 263cdn.com/upload/Nirmal%20N.%20K.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 04c48f5eab9f24d0ce5706ed21dbbc04
32b6411ac6a93b67822422ad7526cba37c7abf05
f38b01e0efd279e87ac41b08860ee0a644437cfc47818843b41e39ef55b36565
GET /upload/Nirmal%20N.%20K.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 7913
x-guploader-uploadid: ADPycdu0wqvES6NLJXoulZreTiTX-kP8lc87cJH7OuQ2ZJ9vzWngUBD1eIJOu0U4zqbscQ5JOuTltUD4aP7tDvkILwwzsA
expires: Sun, 27 Nov 2022 17:37:12 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:05 GMT
etag: "04c48f5eab9f24d0ce5706ed21dbbc04"
x-goog-generation: 1655329625102087
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7913
x-goog-hash: crc32c=hIv6mw==, md5=BMSPXqufJNDOVwbtIdu8BA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yr5UDJrQZu9AHkp1TDKmROAzGEt4EE5WwZX6SwHzmHxlRjU2Zq%2BeJ925XtFd0FWXCBJW1Qx%2FTPzAwBIvsRPm%2Fg76akb0g8R%2FD1uAxHwZ4ZK8JdguD1e90LvXfNLm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219e77433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Jessica%20Cediel.jpg
104.21.235.74200 OK 11 kB URL HTTP/2 263cdn.com/upload/Jessica%20Cediel.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x199, components 3\012- data
Hash 6ba530c5fd8a3c8b2f1e8b229abf9342
c1fc0e26ccb7902fa39c66fe99270cd80b69125c
1f5095f8810ab9621801237fb254fffb03d70d869d0e6a6141499c86c18f3462
GET /upload/Jessica%20Cediel.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 11084
x-guploader-uploadid: ADPycdv3dGKng1AdEwmIQYVFGfgms37PTqIDHtW2gVCHIyEl7ACLgAHn_fJFNlNH3qLoePF5trZwoOKfmU5sUmjG7wVe3EzqhVmj
x-goog-generation: 1655329596649677
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11084
x-goog-hash: crc32c=cxk7cQ==, md5=a6Uwxf2KPIsvHosimr+TQg==
x-goog-storage-class: STANDARD
expires: Sun, 27 Nov 2022 18:04:10 GMT
cache-control: public, max-age=14400
age: 2294
last-modified: Wed, 15 Jun 2022 21:46:36 GMT
etag: "6ba530c5fd8a3c8b2f1e8b229abf9342"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=utyNMSDDT5KNNG1f1mkNrj45LkVnErd9S6kABFKQgR1Gl58yf5zf9VY%2FyZcJfJ7qHX9FWkJ0qM6y1cWx8VPHMp9ilqL1FIcoOIgwhEICoSgnCSLUULQ5ch5ObfUV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219e67433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Ishika%20Sharma.jpg
104.21.235.74200 OK 6.3 kB URL HTTP/2 263cdn.com/upload/Ishika%20Sharma.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 7da7bc3260bbe1cee90ab50478bca71f
ec3a08f36fccc26c5e039d10c64b3aec92edf7a4
3bdc8f4d4640414042a55306215d01516dd6bbea1b2d2beccba37c0fe3c807fe
GET /upload/Ishika%20Sharma.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 6307
x-guploader-uploadid: ADPycduSy0_xbjAN6fsCvN5RlMbP4277pKNS8nc8ey1c5vqAzc4rn7MgTTeUagHT4yj2HU4usr6n_uQqKaTjAQHPLq6LlmEyikL-
x-goog-generation: 1655329595729519
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6307
x-goog-hash: crc32c=8FNbZA==, md5=fae8MmC74c7pCrUEeLynHw==
x-goog-storage-class: STANDARD
expires: Sun, 27 Nov 2022 17:37:12 GMT
cache-control: public, max-age=14400
age: 3230
last-modified: Wed, 15 Jun 2022 21:46:35 GMT
etag: "7da7bc3260bbe1cee90ab50478bca71f"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RI5PK%2BGYe9KLC49K%2FusodBKIbjrYxhxoUA8jcue2VlOv3ejijC3JARWjOrUSPAu1ltyusOpKRYF%2F3EkdqdAL1Wb9JIorIol%2BmrM%2B6kNva4vN2Wde%2BazL32uzIvaw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219e07433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/pttgovtrh.box2.png
104.21.235.74200 OK 7.2 kB URL HTTP/2 263cdn.com/upload/pttgovtrh.box2.png
IP 104.21.235.74:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 93ca32c2e557b0040e7f932b98f3e080
438259a4355bceb9175589a665707c41177b855b
8eac5ef924ec2e8d64940a74404eca4d40ddd41b0ea1e636eec4847f23479688
GET /upload/pttgovtrh.box2.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/png
content-length: 7199
x-guploader-uploadid: ADPycdtPTsM5zHeu9-Ki-_DV5CtYp7awwml8WecuU59kjILbm36i61Joj_OGWLSCB5T-mrk4dl9CUkBviy7aYRQG9-yTDmrHxfC4
expires: Sun, 27 Nov 2022 18:21:31 GMT
cache-control: public, max-age=14400
last-modified: Wed, 10 Aug 2022 12:17:10 GMT
etag: "93ca32c2e557b0040e7f932b98f3e080"
x-goog-generation: 1660133830079738
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7199
x-goog-hash: crc32c=frOlLA==, md5=k8oywuVXsAQOf5MrmPPggA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W7SUDKAqA7PSLklSmu25tc8t7cJjeieQKodpiCbUUeMrNMhs6DrIvGfbAB%2BCdWTCrJZ0RUk9TYOceKpoNDosuzuN6SvtKI%2BYMvason3pp%2FhjdPPcGi8e%2BYYWo6Xt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219d87433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/pttgovtrh.yy.png
104.21.235.74200 OK 16 kB URL HTTP/2 263cdn.com/upload/pttgovtrh.yy.png
IP 104.21.235.74:0
File type PNG image data, 669 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b54916f257594105aca475f478c5ec3
86c83143779210403a2daac2de49e263a8e0abd4
6e2c711def43cd7f7c08a656fa5d0127bdac71153213566bef3fa78782e411fb
GET /upload/pttgovtrh.yy.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/png
content-length: 15778
x-guploader-uploadid: ADPycduHCcDs9yuersE55N9I0ZANkBFKMfsmBOIus6X245ikCh6YGT0SCcdGs_vymegJZeBwrGUerJG4WWsEBDDX9FPafA
expires: Sun, 27 Nov 2022 18:21:31 GMT
cache-control: public, max-age=14400
last-modified: Wed, 10 Aug 2022 12:17:07 GMT
etag: "3b54916f257594105aca475f478c5ec3"
x-goog-generation: 1660133827579143
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15778
x-goog-hash: crc32c=kGVRZA==, md5=O1SRbyV1lBBaykdfR4xeww==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fECBqRDluGdw3J48EaHDyZLr5JcCSoxNYX1d8o0%2BCbNLVn7WkoxeKYmVRFhbEXx4WO8RzXS6PRb%2BCuo%2BrF6F%2Fuq0VdmVqMX1erZTXcCJ84bdUrNpfcJHIMvjcRAX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9b67433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Lakshman%20Delpechitra.jpg
104.21.235.74200 OK 18 kB URL HTTP/2 263cdn.com/upload/Lakshman%20Delpechitra.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 82675adbd17ad5f9bdcf0495a92aeb62
85dc4e8c56bc6da1218af543e1bb155abb917781
731f10138f2853bd4210707c74f1013d292b973087ef57fed513600e01915626
GET /upload/Lakshman%20Delpechitra.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 17694
x-guploader-uploadid: ADPycdvLSCzxNRh-3yh3zmEdMNjO-R5clMkXY4jRxSPESSS0xL3Q9gT_CIXPORqpsSlaKZ6wo5T3fffAYuJwNHkCSgugKu-b1nFU
expires: Sun, 27 Nov 2022 18:21:32 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:48 GMT
etag: "82675adbd17ad5f9bdcf0495a92aeb62"
x-goog-generation: 1655329607991364
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17694
x-goog-hash: crc32c=J4Wr8w==, md5=gmda29F61fm9zwSVqSrrYg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 483
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrvqOdpGRczyyJQDQg8Ux1kY1vHki0AtDieXmnCHScjK7Agyrv0BUbgyfkfn9z8RN%2FgZLDdNfHUj4h6amd8tSWDETb0SesA9vFDG7lLz7oiCoZWpGq2hTKI63Abr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219e47433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/pttgovtrh.box1.png
104.21.235.74200 OK 28 kB URL HTTP/2 263cdn.com/upload/pttgovtrh.box1.png
IP 104.21.235.74:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 021480cc6c08ac63aeb27449a55b9697
f6345aea9204d55e12b7e8bed26d08b988286f0e
3753f9be3759e0277927f88b8c8caf0f8ee574fb526a7a73fca0f15e94d36eed
GET /upload/pttgovtrh.box1.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/png
content-length: 27996
x-guploader-uploadid: ADPycdvQnosE4HZEVxrcFaB09RDDdrEKqvGqYh-szqrwptQGJ8lAQatxkOtVmKn_boc1ccLaY9vRzF56MeCcleaAdG26-3rr4sn2
expires: Sun, 27 Nov 2022 18:21:31 GMT
cache-control: public, max-age=14400
last-modified: Wed, 10 Aug 2022 12:17:09 GMT
etag: "021480cc6c08ac63aeb27449a55b9697"
x-goog-generation: 1660133828987532
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 27996
x-goog-hash: crc32c=8HDHNg==, md5=AhSAzGwIrGOusnRJpVuWlw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2BiobhreT%2B5Mwi30OM7UcyVBt8kgmwpGKmm527HywhPW1BIwSj6562F0T5JpRehdmf2GiMha9il%2ByTdtrag8GTS0xqnynrOBXbIXagZ6CgH9VZTd66jddE1zbDCe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9b87433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Roshel%20Fernando.jpg
104.21.235.74200 OK 18 kB URL HTTP/2 263cdn.com/upload/Roshel%20Fernando.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 3ff8d45b140648ef6216fb98734ca01e
f820b296a83a6b7e8082ad641a45c1eee714dd2a
bc9fa09ef1bf78ee5ce7fdd994af392359f4a4ca0248574398d926a1b4f1228a
GET /upload/Roshel%20Fernando.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 18516
x-guploader-uploadid: ADPycdtQy_lq86wnGna4NEftfOiOPj_AB2fuP4JzAVJ6obsu0OknHOgH2W0PplGMU3fSOKNAFaYRuyF270oMQPQLvfu3kaFvhZ8M
x-goog-generation: 1655329646675391
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 18516
x-goog-hash: crc32c=7o2efQ==, md5=P/jUWxQGSO9iFvuYc0ygHg==
x-goog-storage-class: STANDARD
expires: Sun, 27 Nov 2022 18:04:07 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:47:26 GMT
etag: "3ff8d45b140648ef6216fb98734ca01e"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uaUQcONlWAzN233nc0pe5JRQ6REsdlVamb5uC4iLdl0Jv8ZazoRkvgJNvIQ8HfV1P3CdCdCIQCjvYGrqvG4jowYaWhNqEm8gUyAwUNvcWaKb5J3y7l7Tckw5BQ3O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219e27433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/Crystal%20Chu.jpg
104.21.235.74200 OK 43 kB URL HTTP/2 263cdn.com/upload/Crystal%20Chu.jpg
IP 104.21.235.74:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 21cde227b776e55442b2a560934c9b0d
df0e96f5d66f78e5bf2f7c24a209ad34411bfdac
799d00b2c7b9a4bf8691fe8a53d5916f5022458cb0c128f1433bbc434ffda1ea
GET /upload/Crystal%20Chu.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 42695
x-guploader-uploadid: ADPycds2uuPhKLPokKCiE6niv60KC9nB6JMj9IJEKDasq1OlJE5Sx1MrluLh-CtuQpVn8QTyaRyI9RyoYPeGujbkWuOog2FaIz3e
expires: Sun, 27 Nov 2022 17:37:12 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:46:04 GMT
etag: "21cde227b776e55442b2a560934c9b0d"
x-goog-generation: 1655329564575992
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 42695
x-goog-hash: crc32c=fc8jLQ==, md5=Ic3iJ7d25VRCsqVgk0ybDQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8S3Otkp6QQ5APWS1G8BPC2pRbmvnxJP0f0wDi2uzLgg%2BFC0U2uUf2Ja9BRVRvX3uP%2FghlVL75douEFCyRBOa5bX4b5bO5wGZTqJ%2Buix2hUm%2BMkLyg2OCnntnP5D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219d37433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/pttgovtrh.zhu.jpg
104.21.235.74200 OK 63 kB URL HTTP/2 263cdn.com/upload/pttgovtrh.zhu.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Hash 0601a2685550f03348655fc080e25c31
fd194ddffaf9c6a04d82be594ea6357721684d9f
f84d8584962093d70e9685cca4cba009e538c1ff8185401905b8bb2e9180041a
GET /upload/pttgovtrh.zhu.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/jpeg
content-length: 63042
x-guploader-uploadid: ADPycdssqvP5OMGcvEnxwcfUZ1NaZk1awktNjhkkfwKWvLiKc_HNHbheFGGITC9WiklDRh6JXnemsUKxgx6O8VVngNelPjxaN6jD
expires: Sun, 27 Nov 2022 18:28:26 GMT
cache-control: public, max-age=14400
last-modified: Wed, 10 Aug 2022 12:17:09 GMT
etag: "0601a2685550f03348655fc080e25c31"
x-goog-generation: 1660133829401589
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63042
x-goog-hash: crc32c=s2JPRw==, md5=BgGiaFVQ8DNIZV/AgOJcMQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNmk1MAQ13PatRWxg%2FrYzAGzS7v2rp%2F9352b5db1gLhvFxtbZc9OPPunUWt5CeQXZ26Ku0yhz5K0cvIqKfJJAEU4KHp1zSKN5wacGWDlKXPX2rdfxlQdsNKC6Ya1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091f9b77433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/pttgovtrh.box3.png
104.21.235.74200 OK 32 kB URL HTTP/2 263cdn.com/upload/pttgovtrh.box3.png
IP 104.21.235.74:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f93edb634c1f341e74d43f0292ca27ca
d71b5761162229011dc5c3da98222828202dda99
fcb5aa9c6fd0f5c44d30421a60f2a0035db99a45c146bf7499db5bbeed5b81f3
GET /upload/pttgovtrh.box3.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: image/png
content-length: 32127
x-guploader-uploadid: ADPycdvFBLVaElovZH3Ewas-phJ2HupcnM8F9zyrGVopGKSR5QKNnpMxMfpr7Oq7S0hk_cC2sQFTH60LSd1hNgpO0Q3PTA
expires: Sun, 27 Nov 2022 18:28:26 GMT
cache-control: public, max-age=14400
last-modified: Wed, 10 Aug 2022 12:17:10 GMT
etag: "f93edb634c1f341e74d43f0292ca27ca"
x-goog-generation: 1660133830184363
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 32127
x-goog-hash: crc32c=fXgbkQ==, md5=+T7bY0wfNB501D8Cksonyg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luThz44GB6xP%2BKw9LzuHfGq2A%2FMcOL8AIL0RlxQeKpruHNKRxh6TFXuR0UHolzrIf0eQLlqsp5ogEddj5ntZjLBMx2Kc1Ol42aH9s55oTmitHQ6pyF%2FQ7%2B1ktTh7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb09219db7433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 18fdd57d4da92c47b214dffa69e59828
6e00122c6edaf995c6a34219cbba101d25f375bf
0ab937ba4ad2f42d28853713a0a41e7e15ae6c6f0fd6568a04a75dc6c7669c38
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0AB937BA4AD2F42D28853713A0A41E7E15AE6C6F0FD6568A04A75DC6C7669C38"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10072
Expires: Sun, 27 Nov 2022 20:35:26 GMT
Date: Sun, 27 Nov 2022 17:47:34 GMT
Connection: keep-alive
push.services.mozilla.com/
34.214.17.205101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NiVzoRconqBJj+yDktPbpw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4cwU/f2BfPqmE5713pbdBTShwio=
ocsp.digicert.com/
93.184.220.29200 OK 934 B IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Hash a4c2ec13dacfc953da8598dc1b4992a6
b119cc386ced588dd3e44f9a4d991a70b153ef69
10723387da75a1ad0b98b471dfd2b85a5d1182d64e3f10768ec9815838751268
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Server: ECS (amb/6BC0)
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Sun, 27 Nov 2022 16:13:35 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 5639
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Sun, 27 Nov 2022 16:13:36 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 5638
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 17:47:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2dfd3ac6ce735c991b3704497aa13790
b57954595099aef5199194bac11222b880e1d487
6c587d1fb95ac97db8ccb293302c5c6ff7b6b76bf644f71152b7947970f76d40
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:47:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 16:52:02 GMT
ETag: "b57954595099aef5199194bac11222b880e1d487"
Last-Modified: Sun, 27 Nov 2022 16:52:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 627
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770cb096ff791bfa-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 2dfd3ac6ce735c991b3704497aa13790
b57954595099aef5199194bac11222b880e1d487
6c587d1fb95ac97db8ccb293302c5c6ff7b6b76bf644f71152b7947970f76d40
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 17:47:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 01 Dec 2022 16:52:02 GMT
ETag: "b57954595099aef5199194bac11222b880e1d487"
Last-Modified: Sun, 27 Nov 2022 16:52:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 627
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770cb0970f921bfa-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oeb90&_p=934046888&cid=1880941614.1669571254&ul=en-us&sr=1280x1024&_s=1&sid=1669571254&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214&dr=http%3A%2F%2Fwouldterminate.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN>m=2oeb90&_p=934046888&cid=1880941614.1669571254&ul=en-us&sr=1280x1024&_s=1&sid=1669571254&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214&dr=http%3A%2F%2Fwouldterminate.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-LW7434MYMN>m=2oeb90&_p=934046888&cid=1880941614.1669571254&ul=en-us&sr=1280x1024&_s=1&sid=1669571254&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214&dr=http%3A%2F%2Fwouldterminate.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infcjal.cn
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://infcjal.cn
date: Sun, 27 Nov 2022 17:47:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-H405T7BH4N>m=2oeb90&_p=934046888&cid=1880941614.1669571254&ul=en-us&sr=1280x1024&_s=1&sid=1669571254&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214&dr=http%3A%2F%2Fwouldterminate.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-H405T7BH4N>m=2oeb90&_p=934046888&cid=1880941614.1669571254&ul=en-us&sr=1280x1024&_s=1&sid=1669571254&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214&dr=http%3A%2F%2Fwouldterminate.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-H405T7BH4N>m=2oeb90&_p=934046888&cid=1880941614.1669571254&ul=en-us&sr=1280x1024&_s=1&sid=1669571254&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214&dr=http%3A%2F%2Fwouldterminate.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infcjal.cn
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://infcjal.cn
date: Sun, 27 Nov 2022 17:47:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11378
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 17:47:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11378
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 17:47:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11378
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 17:47:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11378
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 17:47:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11378
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 17:47:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1db6041a0bdb2319ae85afcc30caaeec
3b0ec6a7188dadf986f72fda8110296d9abd6f35
05f1f9b7834e7268dc34e3233434217f58cb68ee43a403cd08d0bb0ab4f37815
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34752db1-0be8-4784-9fa0-41e828e40e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13049
x-amzn-requestid: 2755f206-af23-4597-b4b9-7dae5001d6be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cBsvpHDJoAMFhFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d5b30-600008f573bd7e0024585eb1;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 23:28:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MA_O50Lu6RRAFJpzXmVXhkxvYazdX5Lhk2Qa5k9fYUhBta-IWpVT1g==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 01:46:48 GMT
age: 57647
etag: "3b0ec6a7188dadf986f72fda8110296d9abd6f35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:37 GMT
age: 71758
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:51:41 GMT
age: 71754
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
104.21.0.245200 OK 41 kB URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 104.21.0.245:0
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 347c332fef32877ef9bda12b36a7d0b4
fc06cac3f2ef57decd77775cc8e26940fa9bfcca
9a23a05e6c295d709422486e4282e4b5685eae0a8a20d3b034e6046219bddba6
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Sun, 27 Nov 2022 18:35:23 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 545
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsVBs%2F1LY487sb1YPH9o4v%2BMtRfLQ9OzvZRJQOXGA1AE%2FXyV0OCvE1IsKCrELFUWaHgY%2BLfevvSCZjhiPiCkoiBF5w%2FHbCzTwJ%2FF4bjRgFREsKIlJqKFGfok9TtP1FHUCZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb0918cc11c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: e4ce369f-7654-4c1a-94c2-70c913eb1a01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFL0tEcqIAMFXHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec01d-37bd969f4cdfe220096b8c1f;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 00:51:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: __2hrJIdzCKzhuJ_YfbSSfz-WwyIqnPugk7P6SuYSjn6b2wwm0otCw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 20:58:18 GMT
age: 74957
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GT3Futv4Ztnl2Og2TQFk5311m92Mv_jfvkIZYJXpjJMdkxSB6MI06g==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 06:42:16 GMT
age: 39919
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 94af2852d77ad99d8f5e423c5e042ddc
96d801e24e588d75acb4c054e3299b5f5a6c0fbd
b41f81d053e301ccd5f227ecb7d62b61ecd923f5e91852e0168de7d41a6633b9
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 17:47:35 GMT
Etag: d57034c6c9db5d537fe53c83e32577e7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=59B61D6C330AADC5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?e92034f33759a42b06b99361ecc0f55c
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e92034f33759a42b06b99361ecc0f55c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (664)
Hash 9f35fe24496ff399b9ba7aa48d8eb004
fb7001795903e088f8c4e80dc694728674b5b170
d7709eb354b4b3557c558ec0018ddc9a3e932eaacef03cedfd6e8f88adb1221e
GET /hm.js?e92034f33759a42b06b99361ecc0f55c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11302
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 17:47:35 GMT
Etag: f6fa6d5a4f3c31570ff16aa469b42a81
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=41DB309D55D0AC1E; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 7ca9b88fe4d21188db1efc347288e7ee
3c140d0a6ecc03441e133c47b9796b47e6ebf390
ec1a5baba143a08ae4b3ae8425dd0e77885355b73bd7af456ab35906ee182dc0
GET /hm.js?957de4d70bf7b7be33bc859d43ad70c6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11263
Content-Type: application/javascript
Date: Sun, 27 Nov 2022 17:47:35 GMT
Etag: 68ecc2b86939833916b8e99282fb4983
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9AEB35C418BDF088; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 12 kB URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
Hash 36f715fe845d34e511f4c959a9a7624d
8b9ea11efaa76d5f8ffae39f872fac11620cd7fb
0c3d9796934b83944f22012103837e60d052f0775d9972efbba57f9e9954349b
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: application/javascript
expires: Sun, 27 Nov 2022 17:47:34 GMT
last-modified: Sun, 27 Nov 2022 17:47:34 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1056199379&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1595&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1056199379&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1595&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1056199379&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1595&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 17:47:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=2F9103733AB09EEC; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=222344678&si=e92034f33759a42b06b99361ecc0f55c&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1595&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=222344678&si=e92034f33759a42b06b99361ecc0f55c&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1595&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=222344678&si=e92034f33759a42b06b99361ecc0f55c&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1595&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 17:47:35 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=01B6C78B25E36780; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=516721891&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1596&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=516721891&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1596&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=516721891&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1596&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 17:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EB9CC3D7367A16A9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2135621200&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1596&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2135621200&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1596&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2135621200&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fwouldterminate.cn%2F&v=1.3.0&lv=1&sn=1596&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FmXh3wcAf%2Fpttgovtrh%2F%3F_t%3D1669571253214%231669571254489&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPtt%20180th%20Anniversary%20Government%20Postal%20Subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sun, 27 Nov 2022 17:47:36 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=55AC99A0551546A7; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
104.21.0.245200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 104.21.0.245:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Sun, 27 Nov 2022 16:32:35 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2715
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBgm9cZR1JK%2FWrqL8AfL0eH2zlUH9COaDz20gurWO1TWuscVi1c44tpVm9%2BuO2%2Ft1I7Af5TOo1xAjQkXEKl46bzCzpUS3QA25oXyMKsgntk1qOTX1UdDvmpwbH8i0Bm2934%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb0918cc01c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
infcjal.cn/mXh3wcAf/pttgovtrh/?_t=1669571253214
104.21.36.189200 OK 0 B URL HTTP/2 infcjal.cn/mXh3wcAf/pttgovtrh/?_t=1669571253214
IP 104.21.36.189:0
Analyzer Verdict Alert fortinet Phishing
GET /mXh3wcAf/pttgovtrh/?_t=1669571253214 HTTP/1.1
Host: infcjal.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://wouldterminate.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pttgovtrh-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn
pttgovtrh-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9n234vy560ljRzOkUrdm2Hv5COehaYzQ9wmruMLfWcgtgBHAdwY9LhJngEL1aQYqo0ScVxPFaSi1gi9PZhTVXNkbMdu%2FsSPqFHFLSJ%2Bp8voqf44aB4dMDS4EgZk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770cb08f8c09fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
104.21.0.245200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 104.21.0.245:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Sun, 27 Nov 2022 17:31:44 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2714
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tf9VGcWQZ%2FwjypISCYz9LDuP5H5rL5PuhqYNAMrfZyqU%2F4MDqTIgndtM8VgSA8%2F0nb6YSMQtEUPzUcqe4AWL%2BZLP0xN1XVChhbH2IQNpVz4cM2g6N71cXm0erPvbXn4YT3s%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb0917cae1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/sr.css
104.21.0.245200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/sr.css
IP 104.21.0.245:0
GET /npm/bootstrap@4.6.0/dist/css/sr.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: text/css
x-guploader-uploadid: ADPycduD-oecLGxdSVXxwsATms3sZ66KUyJQMx86RGpCbZYX3ICKx1iZA9il28jSUCwHCQ3gKHfrPibNdTgninyBBtinxg
expires: Sun, 27 Nov 2022 18:00:27 GMT
cache-control: public, max-age=3600
last-modified: Fri, 22 Apr 2022 09:51:08 GMT
etag: W/"75710b7c7ae0013c5cda99a0053ec3d9"
x-goog-generation: 1650621068399108
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 20647
x-goog-hash: crc32c=3qMyMQ==, md5=dXELfHrgATxc2pmgBT7D2Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 102
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQ1GBdsAqiiXbw1arK5YQibAuEKnV67Hyr1Q9TtfDGVqp9DD3j9uR1s34srOMsko%2BVyM%2B9hKD6xrg10W9qIHcI1huwNA6Vfyff8mZjD5Co6lVX%2FM2cT2obW5Lnvdu9dYvn0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb0917cb61c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
104.21.0.245200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 104.21.0.245:0
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Sun, 27 Nov 2022 17:35:02 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 2715
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P43XQzcUaapy%2BPZ1r4OeinEB46I0XvKX0rnAzyk6Uoqi%2BocxiTVE%2Fvh1B4wsF5HlrceclnC4puuxGuMkvAJgAD%2B3YMY6D2JODdu%2FV5KAwUX8Vx3WLG%2FOWQ7MuScdIZdxvEA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb091acdf1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_3957&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_3957&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_3957&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:47:36 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Mon, 28-Nov-2022 17:47:36 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633299=1; expires=Mon, 28-Nov-2022 04:59:59 GMT; Max-Age=40343; path=/; secure; SameSite=None
total_impressions=1; expires=Mon, 28-Nov-2022 04:59:59 GMT; Max-Age=40343; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
104.21.0.245200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 104.21.0.245:0
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: text/css
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Sun, 27 Nov 2022 17:29:13 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2715
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2B64VLJwK0PmOaHSObYnuO2PT278BJA0aYqdbLMJ8E2MM1%2FBGNjJPW3JPpZ3pMf%2Bk6jpm4CYDTvdXtd3iQkN%2BM7isiiUC1NNoXvkiy2UPlLDxzlo9I4F8OTZYLGiJpBpzBA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770cb0918cc41c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 17:47:34 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2