r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4a5e9bc8b7891ac5f4552c29bcbaedb0
39735081eeb64eae477c61c1147daeb68fb37b22
c465efaf205ff2992af02c16187ca14a658cd5335b892903374f3adab32a8cd9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C465EFAF205FF2992AF02C16187CA14A658CD5335B892903374F3ADAB32A8CD9"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3979
Expires: Fri, 16 Dec 2022 02:55:45 GMT
Date: Fri, 16 Dec 2022 01:49:26 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 381442da2a14cb93770f4c8f6e19d35b
31c48467751e2450a63004c57eea0c7872023eaf
61b0985f47033bd7020ab3b8cdcbc6c17be6ab9b6feba69e006088b78e21c0f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B0985F47033BD7020AB3B8CDCBC6C17BE6AB9B6FEBA69E006088B78E21C0F0"
Last-Modified: Thu, 15 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17651
Expires: Fri, 16 Dec 2022 06:43:37 GMT
Date: Fri, 16 Dec 2022 01:49:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 16 Dec 2022 01:33:58 GMT
content-type: application/json
age: 928
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5b38399fcc8246505e5e6b0f62803a5a
bb374f8d97b2bd798873d74c6bbab20ad6843e96
406ab3af8adf2b151c052a06c0379fd8d83d3362e90c17ac2e5481b6b9a7441f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "406AB3AF8ADF2B151C052A06C0379FD8D83D3362E90C17AC2E5481B6B9A7441F"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2394
Expires: Fri, 16 Dec 2022 02:29:20 GMT
Date: Fri, 16 Dec 2022 01:49:26 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7a+HFhbC8YZy9hoM5/YYhSvwp/my1R+qc9RZpYnJTaivsFgBoSqfAlGj49l3Qf4ZoEmM4oIVLwc=
x-amz-request-id: 3NK0EW6M0HZKKC5Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 16 Dec 2022 00:53:00 GMT
age: 3386
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
162.241.87.224200 OK 12 kB URL HTTP/1.1 czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (597), with CRLF line terminators
Hash 2a23682e6c344b2d2b01dc13d0e8c2ff
7373290b4cce98841e2e4c72baf57971cc55e68e
f6de24cb3a3a13acc164ec1d88c628c6bbe7280c7082c50f97bce4e4df3578e9
Analyzer Verdict Alert openphish Global Sources (HK)
fortinet Phishing
quad9 Sinkholed
GET /nene/login.globalsources.com/error.php?email= HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 16 Dec 2022 01:49:26 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Dec 2022 01:49:26 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 16 Dec 2022 01:33:21 GMT
age: 966
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash b9f0adeb27a19629aeff6f34de67f3ad
3876d1b871d7da6d18de23c2edb301eb30728066
c5744a90c8f66629aa2331465a32afe0d430b36d16fd98bc821e370f1b24463c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 407
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:27 GMT
Last-Modified: Fri, 16 Dec 2022 01:42:41 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.188.211.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.188.211.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pIxy1z46U28sKgcDPziNxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BXwFQeyWTeysrUPsQQBYo4hlV+k=
login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGO.PNG
107.154.199.39200 OK 3.8 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGO.PNG
IP 107.154.199.39:0
File type PNG image data, 210 x 32, 8-bit colormap, non-interlaced\012- data
Hash a8656a61ac922e6b5e297627ae7b078a
fd0a07d76165669d22d9b8c1e930da9fb51aef22
465c8b941a45a964b3c73162a3357083c03e807f2eb45a6e0cc03658f686ece6
GET /sso/gsol/pex/en/balat/images/GSLOGO.PNG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: image/png
content-length: 3788
set-cookie: AWSALBTG=DP2FTFm2v1w+FNoxcjFXbx6ljli7A3qqDsoSUQxl8Tpgv2CaMYaoq8fpw3e2lestuo1mV1o34xp0uAehC9ZK35rm7ruzfdfmVwfNCZe6X1NC17ShI9W1/9OHSgNJFpqmm4w+pn04LNbsFZSMMwe8/e2pV1q4E67Fjqx6sW08yyWQ; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/
AWSALBTGCORS=DP2FTFm2v1w+FNoxcjFXbx6ljli7A3qqDsoSUQxl8Tpgv2CaMYaoq8fpw3e2lestuo1mV1o34xp0uAehC9ZK35rm7ruzfdfmVwfNCZe6X1NC17ShI9W1/9OHSgNJFpqmm4w+pn04LNbsFZSMMwe8/e2pV1q4E67Fjqx6sW08yyWQ; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/; SameSite=None; Secure
AWSALB=1tx0b9FTQlSUuXKkedaRwr1jpwfx/M8AVdxjQpjMlL8F/Kpkjg4FTA4nv1uGfG5LDcECRIqSRYbxP93rU5b+FyChlRkN6NguXhxYJTs95UOTeLSTyRhV/5FnO7Ou; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/
AWSALBCORS=1tx0b9FTQlSUuXKkedaRwr1jpwfx/M8AVdxjQpjMlL8F/Kpkjg4FTA4nv1uGfG5LDcECRIqSRYbxP93rU5b+FyChlRkN6NguXhxYJTs95UOTeLSTyRhV/5FnO7Ou; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=QeSlWIcqdiQ62XvQOJREPwAAAABKF6d47s/ccx5Wf3fRX4q/; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=7E1MXGRFEE5Bud9giBrYA6fOm2MAAAAApD2D4i1bWIuDF+dXm7FrPA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104697 2NNN RT(1671155366595 37) q(0 0 0 4) r(9 9) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG
107.154.199.39200 OK 4.3 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG
IP 107.154.199.39:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 142x46, components 3\012- data
Hash 3416d1e30f078febf83bad93f15f7ba6
2997b26ac512fd945f5c1ef64e3bcf178ee47f6b
900774ab9d108ddeee13c38f67680d8b855588ab4b3c37949fa79f4b15c4e3a9
GET /sso/gsol/pex/en/balat/images/APPEDU_LOGO_APP.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: image/jpeg
content-length: 4284
set-cookie: AWSALBTG=VjFFU33gxnyHb9XlgH+XeYSwPFH0Wtn+p37ynFdsmfMZ4/z7RoScnKKcG+N23s9e78o1vcofB4zkpNkBBRTgncYibY/jtn6vscFY8GJ6RBTIT5MdWljltVePgoLcXGCTn1MhBazUUBrJkXJ5diRrK5OM6eQcP/hQyA50Q2QiqaGj; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=VjFFU33gxnyHb9XlgH+XeYSwPFH0Wtn+p37ynFdsmfMZ4/z7RoScnKKcG+N23s9e78o1vcofB4zkpNkBBRTgncYibY/jtn6vscFY8GJ6RBTIT5MdWljltVePgoLcXGCTn1MhBazUUBrJkXJ5diRrK5OM6eQcP/hQyA50Q2QiqaGj; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=Ytc8KaNa7zs9PIuPbrRvYBxXwtLvw9o2WErMyyWre2kmq5qO53vSMBlW5cEIlgwav9YUT8tYfceJXE5fW+RMbR+m2DZOyBLS6dTfXabvEEerC/wU/pQj+VOvR+Nx; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=Ytc8KaNa7zs9PIuPbrRvYBxXwtLvw9o2WErMyyWre2kmq5qO53vSMBlW5cEIlgwav9YUT8tYfceJXE5fW+RMbR+m2DZOyBLS6dTfXabvEEerC/wU/pQj+VOvR+Nx; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=/TZsZZFzfwG5EwzPOJREPwAAAACrDiyaVf+7/22KU4gv+JCv; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=2wkfFQcyPEhBud9giBrYA6fOm2MAAAAA8eN1adPFmbrS8tQoAiHvdw==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104697 2NNN RT(1671155366595 41) q(0 0 0 2) r(9 9) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG
107.154.199.39200 OK 4.7 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG
IP 107.154.199.39:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 142x46, components 3\012- data
Hash f68d2d065e34993ce6e4b832737c7147
8e799c63bd8292de2f320b8afa23524107773266
b0501c9294231206d2aeb28e8bbd622910de7fc139e02756dc339cb9a68d017f
GET /sso/gsol/pex/en/balat/images/APPEDU_LOGO_GOOGLE.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: image/jpeg
content-length: 4667
set-cookie: AWSALBTG=gv31qzSN8BR9mqmwZa6BwscoMDDabtBMOtzWlZofdjo+sYMeoNMc3491wugcjq5kzhE/NbuRDHaFjvXEfSApPHAwT8Dxa7ABYI4cBC8BUvVpLsUbVT9CVFNLWpDXT2nhVj/EQvW/lH42KGRjzUpU3RR1AiuYmqLVRoO8LdI+l5+l; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=gv31qzSN8BR9mqmwZa6BwscoMDDabtBMOtzWlZofdjo+sYMeoNMc3491wugcjq5kzhE/NbuRDHaFjvXEfSApPHAwT8Dxa7ABYI4cBC8BUvVpLsUbVT9CVFNLWpDXT2nhVj/EQvW/lH42KGRjzUpU3RR1AiuYmqLVRoO8LdI+l5+l; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=ZbDVfI0faffUDrxSyZ782Wksy5VBdNjPNnG906S7APaidx2Kh26F+Qf002Cr6fNc46rnCZKO9retWNZ6RkRDcsINkXfCgIFG2kcvzHQD39s4fmxJYNS+AIxMRjAv; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=ZbDVfI0faffUDrxSyZ782Wksy5VBdNjPNnG906S7APaidx2Kh26F+Qf002Cr6fNc46rnCZKO9retWNZ6RkRDcsINkXfCgIFG2kcvzHQD39s4fmxJYNS+AIxMRjAv; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=J07cT33R1xPZsD1hOJREPwAAAAA/fFlboXzfFNesq8sN51cJ; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=R1D0YEAQvjBBud9giBrYA6fOm2MAAAAAXS6Jh0FP8vJ2zMR2aCuRdg==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:07 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104704 2NNN RT(1671155366595 45) q(0 0 0 0) r(10 10) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
107.154.199.39200 OK 43 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
IP 107.154.199.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /sso/gsol/pex/en/balat/images/BLANK.GIF HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALBTG=ep9D+KV+vzVOAyIYLThtMwBFWDGRG+zqIIQmmoL+QDPka2A1hSk5QftMT/NHMihvqIlajbLT+iytVyGQ/QRnORSVSlsroQ53J6wg+RFMqjkMwlifO29UgeZ4X3tsTonKnD7D3/V3a/8S/e11Ua2Vf5Z2CCSiWEo44PBGy1c1nFyz; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/
AWSALBTGCORS=ep9D+KV+vzVOAyIYLThtMwBFWDGRG+zqIIQmmoL+QDPka2A1hSk5QftMT/NHMihvqIlajbLT+iytVyGQ/QRnORSVSlsroQ53J6wg+RFMqjkMwlifO29UgeZ4X3tsTonKnD7D3/V3a/8S/e11Ua2Vf5Z2CCSiWEo44PBGy1c1nFyz; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/; SameSite=None; Secure
AWSALB=tQw1OqI27NtNGbum79oBC6TgQR8jnqYnoE9lRPioIV3WtRw29JNwrcnxBLBVfv6b/315z2+jcF16HmSMh8Ew2/knraFv7WlMIgSqccDnwmEBQBAjg7+e6F43o23R; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/
AWSALBCORS=tQw1OqI27NtNGbum79oBC6TgQR8jnqYnoE9lRPioIV3WtRw29JNwrcnxBLBVfv6b/315z2+jcF16HmSMh8Ew2/knraFv7WlMIgSqccDnwmEBQBAjg7+e6F43o23R; Expires=Fri, 23 Dec 2022 01:49:27 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=zDEcV92lUkUy23BFOJREPwAAAAA85TYSQFtx7wnsmN8haPmf; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=pD+7XdVOvyFBud9giBrYA6fOm2MAAAAA52X4YXYKvMI8Incf5JSlbQ==; path=/; Domain=.globalsources.com
last-modified: Sun, 31 Oct 2021 12:47:51 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104709 nNNN RT(1671155366595 48) q(0 0 5 0) r(11 11) U2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d8ee7b5ed9f1ce2717492af01f420e1f
1e1cfe7134e0d88f1398c5e8b54c2632a7d3459b
1b0f0eff510a5eee48139d1f2a02a4f98109541998da638034bc04b05ef72d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
login.globalsources.com/rdvoqldvqhjbezvv825122.js
107.154.199.39404 Not Found 100 kB URL HTTP/2 login.globalsources.com/rdvoqldvqhjbezvv825122.js
IP 107.154.199.39:0
Hash b1452dfa09f391bc51514aff2e26f0e6
09176ce6ec7a562e8a194e931c8447db0fc87d4f
2e75295a0747a97d657ba42ff9bad047c194e5654f6451d7072129a0d221e42a
GET /rdvoqldvqhjbezvv825122.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: text/html
set-cookie: AWSALBTG=cUWfrvThzUlJMt90DYHAyroFoO8KyXC5ty07QoHeV9jNCjmvaB1wNmn5X6GlnCHy8I+h5ZRUM7Dd96igcyU0mew+k+0ui9v2ZrsoMs58s9HdRVls446ZjwInThXrA27eVY3Z7CKKozw3boXT+W0q0/C1E2216KdLKGe4GU+5t6xD; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=cUWfrvThzUlJMt90DYHAyroFoO8KyXC5ty07QoHeV9jNCjmvaB1wNmn5X6GlnCHy8I+h5ZRUM7Dd96igcyU0mew+k+0ui9v2ZrsoMs58s9HdRVls446ZjwInThXrA27eVY3Z7CKKozw3boXT+W0q0/C1E2216KdLKGe4GU+5t6xD; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=8jrqWTdxApIuBFmTiuABFbb2ppaGym3vEjbI9zCx6CrwbH8repxnI/zTBJ53ObZ6jfOX8QXrn/vCedN3MqWzkXgTR0LmLhWzsnsxfNeJU+VvcvoEyQ1VxdLAYFxK; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=8jrqWTdxApIuBFmTiuABFbb2ppaGym3vEjbI9zCx6CrwbH8repxnI/zTBJ53ObZ6jfOX8QXrn/vCedN3MqWzkXgTR0LmLhWzsnsxfNeJU+VvcvoEyQ1VxdLAYFxK; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=4p+KLArNLE1HZveIOJREPwAAAABrYKiEmANj+imyQI81S0fX; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=Q+KtYWa8HQBBud9giBrYA6fOm2MAAAAAHdMSUhiTfPIZBZn2kUy9wQ==; path=/; Domain=.globalsources.com
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104714 2NNN RT(1671155366595 56) q(0 0 0 1) r(10 10) U11
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG
107.154.199.39200 OK 65 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG
IP 107.154.199.39:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 456x555, components 3\012- data
Hash f4cfa4fb0267a0184bc6caa933d39633
7871c922ca703ddf022e5cf32d70de76ea42be16
a333d615df16eae983fc674e1e06c445d08bc440cb16eff950ec7570d98c3206
GET /sso/gsol/pex/en/balat/images/GSLOGIN_PROMO_PIC.JPG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: image/jpeg
content-length: 64609
set-cookie: AWSALBTG=gNmvkJLfsI2mI1q6CroMKaE66S6ssKKhUmzawdZ8v21gLQ84mDPLhd3Nz6HLa1T8Lhzz1uq0PbjOFBoY4Rp4hP+532TBiZR9lgFVgslC1ny+qqC3bLcpodzKZmZyqBhCfSlR4b/cIwJzvkqBV2YfIBqw7hL48/brBme2a8B3H/Bj; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=gNmvkJLfsI2mI1q6CroMKaE66S6ssKKhUmzawdZ8v21gLQ84mDPLhd3Nz6HLa1T8Lhzz1uq0PbjOFBoY4Rp4hP+532TBiZR9lgFVgslC1ny+qqC3bLcpodzKZmZyqBhCfSlR4b/cIwJzvkqBV2YfIBqw7hL48/brBme2a8B3H/Bj; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=+vX94oRlQCfapDdNDPcS1JlqFWE3iedmUqi2phr9H5W8EbavSLnxV+NYngsZoZf/Qpoy6F7r3nvlNMaLhiMhDhD9L84cDSMEVKZ1SeUJQYT+atHJkt1s+WmnwY2o; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=+vX94oRlQCfapDdNDPcS1JlqFWE3iedmUqi2phr9H5W8EbavSLnxV+NYngsZoZf/Qpoy6F7r3nvlNMaLhiMhDhD9L84cDSMEVKZ1SeUJQYT+atHJkt1s+WmnwY2o; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=+yNaFpci7E5ek/T+OJREPwAAAADDJA47entJze7V2rqT5i9x; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=wR4aS3GooXJBud9giBrYA6jOm2MAAAAADRMi/cxJhyX+chrFP9LqPg==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104704 2NNN RT(1671155366595 47) q(0 0 0 0) r(14 14) U2
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d8ee7b5ed9f1ce2717492af01f420e1f
1e1cfe7134e0d88f1398c5e8b54c2632a7d3459b
1b0f0eff510a5eee48139d1f2a02a4f98109541998da638034bc04b05ef72d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
login.globalsources.com/sso/gsol/pex/en/common/includes/ssoscripts.js
107.154.199.39200 OK 11 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/common/includes/ssoscripts.js
IP 107.154.199.39:0
Hash 484427e8594cab6b7e86e772e2baed52
55d1c942ceedb9d37faf6adf6f3d17957c987580
15a640322fe4e11d470e46693cd57b20150ca7a1bec7fefe3b1797797db5297d
GET /sso/gsol/pex/en/common/includes/ssoscripts.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=bN11qOhnUflnfn8lHWOVTalR/pnBkHeqWSQaNs7dJHh2jHS1/I3zGCWsarScVPQKv7D99cJcY39GLp3LlBHJvSz8gzMkImObSFQFhCqPrACminaul7IDGDYBaBQcjqQwxEjZCv1YFZ672eMT3K3iG2KrgBHv3qvpi8a6okx5154h; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=bN11qOhnUflnfn8lHWOVTalR/pnBkHeqWSQaNs7dJHh2jHS1/I3zGCWsarScVPQKv7D99cJcY39GLp3LlBHJvSz8gzMkImObSFQFhCqPrACminaul7IDGDYBaBQcjqQwxEjZCv1YFZ672eMT3K3iG2KrgBHv3qvpi8a6okx5154h; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=GqXHEN1GvOXoy69WxHmUuEXNfViwOrLKfPoykkbu7TvbnQxxxjguGIpg3Y+P/zJk03HhJB84o/NREKasiYovzCkwcVrUsVr09jfXkNqDJ4Jh2BytcoxZtGbrVSId; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=GqXHEN1GvOXoy69WxHmUuEXNfViwOrLKfPoykkbu7TvbnQxxxjguGIpg3Y+P/zJk03HhJB84o/NREKasiYovzCkwcVrUsVr09jfXkNqDJ4Jh2BytcoxZtGbrVSId; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=o5awdKUzSz3BQjZnOJREPwAAAAC4/PRqb4oeLEY6w3VqmSN5; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=d0yZTyUeYiVBud9giBrYA6fOm2MAAAAA/i7fIdroo10HAznaeAAcSA==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:58 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104714 2NNN RT(1671155366595 53) q(0 0 0 0) r(12 12) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG
107.154.199.39200 OK 1.6 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG
IP 107.154.199.39:0
File type PNG image data, 146 x 63, 8-bit colormap, non-interlaced\012- data
Hash db7ada75691e9de834f24b8e1ca09a9d
e7dacc636b096ab8e4ed8380475b97b39b356ebb
d0f108ac5521a079f476c836ca9612310bd8da9e75ba91ff412653453939ae51
GET /sso/gsol/pex/en/balat/images/LINKEDIN_BUTTON.PNG HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
Cookie: AWSALBTGCORS=gNmvkJLfsI2mI1q6CroMKaE66S6ssKKhUmzawdZ8v21gLQ84mDPLhd3Nz6HLa1T8Lhzz1uq0PbjOFBoY4Rp4hP+532TBiZR9lgFVgslC1ny+qqC3bLcpodzKZmZyqBhCfSlR4b/cIwJzvkqBV2YfIBqw7hL48/brBme2a8B3H/Bj; AWSALBCORS=+vX94oRlQCfapDdNDPcS1JlqFWE3iedmUqi2phr9H5W8EbavSLnxV+NYngsZoZf/Qpoy6F7r3nvlNMaLhiMhDhD9L84cDSMEVKZ1SeUJQYT+atHJkt1s+WmnwY2o
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: image/png
content-length: 1634
set-cookie: AWSALBTG=bE3nMV0gV5K+y2xWWleNSuwGtCuS/g0McqhVtU43vmRfRRjM+A4KP9sTQHDZD948Bqjy36J6biWLPtmQ6mNDsP4o7jq4b5T4SDMuNqevnXfFcpWlUtGN/4cl5WfGIw7fvh6hf785rst5Y4h2Bn+idhyRj1+vnmkEYPmisUIoTNs3; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=bE3nMV0gV5K+y2xWWleNSuwGtCuS/g0McqhVtU43vmRfRRjM+A4KP9sTQHDZD948Bqjy36J6biWLPtmQ6mNDsP4o7jq4b5T4SDMuNqevnXfFcpWlUtGN/4cl5WfGIw7fvh6hf785rst5Y4h2Bn+idhyRj1+vnmkEYPmisUIoTNs3; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=UNfcqJ5waJXZ6yZEDvLGEGMm+PtS+VrcDQGa69pKbZx2pT1HeJlmQ8Cpawh/yC53qVdSv4EPmiFD9iQhwRxsOu9yyQnFQ4irjuGqiCmWWmWj494woaiTDN/JWnmz; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=UNfcqJ5waJXZ6yZEDvLGEGMm+PtS+VrcDQGa69pKbZx2pT1HeJlmQ8Cpawh/yC53qVdSv4EPmiFD9iQhwRxsOu9yyQnFQ4irjuGqiCmWWmWj494woaiTDN/JWnmz; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=MI1uQLeRAS3r6LmHOJREPwAAAADJ6onWJegcUtbB0cnWcZxo; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=Zzq7cE16EBdBud9giBrYA6jOm2MAAAAAXFktbnXe1ZorwjGPMOHx0A==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104697 2NNN RT(1671155366595 1545) q(0 0 0 0) r(2 2) U2
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 630bc9b449dfd1ba7d3ed2315995699d
192667d22228e41bfac246c10a6ecd7c23f99d06
1149f633a403e855f2bcf4614e70eca60286e83931499c8e113298315504275a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=111300
Date: Fri, 16 Dec 2022 01:49:28 GMT
Etag: "639ad6fe-1d7"
Expires: Sat, 17 Dec 2022 08:44:28 GMT
Last-Modified: Thu, 15 Dec 2022 08:12:46 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4BtsLMk3SsmLTdKsu1kBXDG8I2VvcsO8YgsgwME3bLvPsnyz0s1pkQ==
Age: 1903
login.globalsources.com/csp_report
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/csp_report
IP 107.154.199.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp_report HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 412
Origin: https://login.globalsources.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: text/plain
x-robots-tag: noindex
content-length: 0
set-cookie: visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:30:04 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=pBQ/Ko82RHhBud9giBrYA6jOm2MAAAAAAToHcTdgIBNwJ9aankwwiQ==; path=/; Domain=.globalsources.com
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 555d5f8ec20f82dee19df8138d5e4089
1afc389f7bd05c154890d93c835fe7fb7e09a109
58775b6c6b1471ca0e71cc02bc7ca6bcc62405f6c3d358082adb02504e3376fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 555d5f8ec20f82dee19df8138d5e4089
1afc389f7bd05c154890d93c835fe7fb7e09a109
58775b6c6b1471ca0e71cc02bc7ca6bcc62405f6c3d358082adb02504e3376fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
10716254.fls.doubleclick.net/activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
142.250.74.70200 OK 270 B URL HTTP/2 10716254.fls.doubleclick.net/activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (505), with no line terminators
Hash f003346851848846bb24598deee2bc7b
1340979055367353447ae3f1057720bc7a42cb40
e58371e6ff809d44ee5d8adc94ab8a8d185b77decc7d870dfaadb4c11d265d2b
GET /activityi;src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D? HTTP/1.1
Host: 10716254.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 270
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 02:04:29 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8014ea74946aee77ef2f3b9a264be553
fda85fc27ac2f811e543c11436cf5623cbd46bb2
271b1db0f8cff912a931b78cedb32fd59adeb60025dbcbd7cc5add7d03c82f7c
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 15:54:34 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: xvz-XaIeQW1aLeAyY4_DT1OXzaU45G26eFMURwZ6Rsk5rM5xpBsP-A==
Age: 35696
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 555d5f8ec20f82dee19df8138d5e4089
1afc389f7bd05c154890d93c835fe7fb7e09a109
58775b6c6b1471ca0e71cc02bc7ca6bcc62405f6c3d358082adb02504e3376fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.JS
107.154.199.39200 OK 5.4 kB URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.JS
IP 107.154.199.39:0
Hash 241aeb3303863aaf297d1f58508743d0
c45c97aceff6b121ee94f7f0607d623b0f25b746
3addd16396ce564506d2487c5f7d37561e8e8a000c766de001aeddfd0ef70ed8
GET /sso/gsol/pex/en/balat/includes/SSO.JS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=L4WKbZXwsEIFcR5VkdIGVGrrbAhHXfZEfSk35I+uXdjCFOj+g3MNzi3SitfB9qdOUOae3d4nqt/zk2SENSylk4H3EIkykyboraivNo/e2vjxBjLiz7Icyk1kcaOodLkSBxFP68MQ6B1JzjexluoujCCCSid1mt4Mdjl28iIBHGjY; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=L4WKbZXwsEIFcR5VkdIGVGrrbAhHXfZEfSk35I+uXdjCFOj+g3MNzi3SitfB9qdOUOae3d4nqt/zk2SENSylk4H3EIkykyboraivNo/e2vjxBjLiz7Icyk1kcaOodLkSBxFP68MQ6B1JzjexluoujCCCSid1mt4Mdjl28iIBHGjY; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=5JpzFTT+ywAatQxDtw/H5zdT0G4eZzdzs0jjTi2PY7GKrQ7FCqMiO5CYs6Tulp/A7KBL51WMPVoN5Btp6ZLVQpOCmw2KKwUFEDAeYEZfis7NUrIQ6qU882bPP6L/; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=5JpzFTT+ywAatQxDtw/H5zdT0G4eZzdzs0jjTi2PY7GKrQ7FCqMiO5CYs6Tulp/A7KBL51WMPVoN5Btp6ZLVQpOCmw2KKwUFEDAeYEZfis7NUrIQ6qU882bPP6L/; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=qyUMF/qJ91yELhPWOJREPwAAAABwEhAxHNifevzuvy7ZOLaA; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=R2cOc3PVXntBud9giBrYA6fOm2MAAAAANlS779n4axa7HZLMWVl6nw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104697 2NNN RT(1671155366595 37) q(0 0 0 2) r(12 12) U2
X-Firefox-Spdy: h2
s.webtrends.com/js/webtrends.hm.js
143.204.55.49200 OK 7.4 kB URL HTTP/2 s.webtrends.com/js/webtrends.hm.js
IP 143.204.55.49:0
File type HTML document, ASCII text, with CRLF line terminators
Hash b2ea8b95abb8ab706e7a0cfa9685cd10
8b75b0f6fff26a3a651d9346db02fefe45a67379
fe11671e8ca6d3b5659e5dae0924ecae80c99c0dd72478710eed0886e687f69d
GET /js/webtrends.hm.js HTTP/1.1
Host: s.webtrends.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 7382
last-modified: Tue, 25 Feb 2020 23:34:02 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Dec 2022 16:20:52 GMT
etag: "b2ea8b95abb8ab706e7a0cfa9685cd10"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lDGcka7g6kH48o3kqjl1oXUGBIxFvqzQQUmjHnTlQ_26XOWyBRwHwg==
age: 379738
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7327
Expires: Fri, 16 Dec 2022 03:51:36 GMT
Date: Fri, 16 Dec 2022 01:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7327
Expires: Fri, 16 Dec 2022 03:51:36 GMT
Date: Fri, 16 Dec 2022 01:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7327
Expires: Fri, 16 Dec 2022 03:51:36 GMT
Date: Fri, 16 Dec 2022 01:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7327
Expires: Fri, 16 Dec 2022 03:51:36 GMT
Date: Fri, 16 Dec 2022 01:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 302bca8b4776eca1d6dc94dfc7822bd9
3be17682c8639eda9854fbc8b21f5e43efdce33d
ae8438d6acbef18faace93a4421beb91356ad1290621032183a002d6c2151de3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8438D6ACBEF18FAACE93A4421BEB91356AD1290621032183A002D6C2151DE3"
Last-Modified: Thu, 15 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7327
Expires: Fri, 16 Dec 2022 03:51:36 GMT
Date: Fri, 16 Dec 2022 01:49:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VKiSckNu6PytSQ7EIpATluVcfUOgFKEGId4nCg2sGcbl6Bqbt2-wRg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 21:50:30 GMT
age: 14339
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3d8e92b-b195-43c0-8e2f-62a017239151.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3d8e92b-b195-43c0-8e2f-62a017239151.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45931af14497dd73408c02ccc0b581c3
53ada59827f09895eb8394c6b40af52dd45c2232
f05aa573d327a6290b7517ffd4e2d9bdecbf636df162c2ce06619da956903524
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3d8e92b-b195-43c0-8e2f-62a017239151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8858
x-amzn-requestid: a9d48630-b01d-4a1a-b70a-b60359b0f66f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJG_yIAMF7cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-16dd0ea1486fc41c64588e91;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YVnv0n7djPTXmnYDOq7Z1vLh5RtjErQ7N6N0v_J-NMLi8L_lBLq26Q==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:08:36 GMT
age: 13253
etag: "53ada59827f09895eb8394c6b40af52dd45c2232"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 61f4298f623f1d3736e5a4e34d42cb29
d183592b6efcd90bc1b10b11641999e82b30b813
3f69949de6c2328a1cb564d90338220812b05b50acafd02051619a0777b90a57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d782d01-6608-4338-b97b-e67de1b79501.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11517
x-amzn-requestid: 0a7dcdfb-d929-402d-9c1b-3fb369ae56d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJJELFIAMFRVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b956d-2a8feedd7c51991c1fb9676c;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bfTeGDInC1kr-T9TbxxhYeym2_TeJp734xXUh87QOybYDZFgROncQw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:19:32 GMT
age: 12597
etag: "d183592b6efcd90bc1b10b11641999e82b30b813"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7368b60db0458b59ffc968f09b85fdd5
f359f9799d0f0dc7dccfbadeaf922b4050a5e692
26aa7f684080dace9064fc7973c6a5761985c69e73373fb24c644ab2efe26c54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5de62f4-2e0a-4c45-87fd-f9690df72d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12482
x-amzn-requestid: edd7e693-4c4a-4203-8b12-c044825947bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNRJvGAUIAMF1gA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9571-151a50943b420ba86ab61dda;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:45:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: s2ITT38OGjs_LjIKFKnrqzT0Oay3veQw3iPUL8b3tdD1yOhIzwvu4g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:17:09 GMT
age: 12740
etag: "f359f9799d0f0dc7dccfbadeaf922b4050a5e692"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad9b3731-4e58-4b83-86cf-7f2ecd6c4eb1.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad9b3731-4e58-4b83-86cf-7f2ecd6c4eb1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cab96eaa42941683dff4d1b6b093c007
ba5269c77dd0422ab275c9a3529fb2e1a1af6bc3
4fe48e9a35a50b7ae88f4b4de67aa82c4acbbe43aab655921f7bacb5524789f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad9b3731-4e58-4b83-86cf-7f2ecd6c4eb1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10132
x-amzn-requestid: 9484ad87-61cb-40e5-9823-930ec9925e02
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dH-dXEfTIAMFZQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63997788-5dea61195ba653a87915845d;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 07:13:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VImsv72dpcwiDXWm67XU-rpUEuO5CMDwFs00DA9C6l-sKX5e2ChsQA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 07:22:49 GMT
age: 66400
etag: "ba5269c77dd0422ab275c9a3529fb2e1a1af6bc3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83be48c5771e071d94ac0d912357ac99
97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1
dc7eaffae4521f6bc297ce21c0abe99fe92bf8938266b550f8e38ff9705bdeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33ea75fa-e30c-4f7a-b0f6-24942168a508.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11196
x-amzn-requestid: 1bcdd4c6-14db-40bc-90aa-226a0e411a09
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJFFeIAMFQgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-65c676d06a24e0252e8828dc;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: clnZ4iIDmF0oSqQv7wWwYt-KHO6U1Lp7hz706oDCBLhP3szyWQiDLw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Dec 2022 22:08:33 GMT
age: 13256
etag: "97e31d3e2c268fe9335e1111bd2eb8cc9dd729d1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.48200 OK 4.7 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.48:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13063)
Hash bf269a225d9de1d11c6e2747d12ffbfb
f3edd2899cced3e0ae6107c6837e954d8b4f1d86
38bcbdd59ce5cac7da632ad8788f5c520aa88d30a53af4cedeb9a989af4d0986
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 15 Dec 2022 18:31:06 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=60186
date: Fri, 16 Dec 2022 01:49:29 GMT
content-length: 4654
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash abadd7d5a404a7814a3d13e7698d0821
6f3dbf5dfcc020dabad7ecfe832fe31d32a046c7
9d56ae6698401d555d5d99c088261a58a3287b8f3ef691e899f10f9e87c5a520
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=150DD373035F6B1E3448C10F02AA6A20; domain=.bing.com; expires=Wed, 10-Jan-2024 01:49:29 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DDEAEB97419B4E24869934A3307DDD61 Ref B: OSL30EDGE0208 Ref C: 2022-12-16T01:49:29Z
date: Fri, 16 Dec 2022 01:49:28 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e30904bd9b57028f7ba1cc8e04ff08fd
9acb88374abef6387243ce8c5cf1149d73879ac1
be1ece2af7858ffc84e916d4554a805760c13a2eab346ac5a09a232b79116225
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
216.58.207.228302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 216.58.207.228:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 265916d2a0593eb24feac5fbc15140ed
ab86ab5c1da114c82fabd9752f98fbf65502648d
40da94ba8f4698a6671d41eebb2fb54b1d7ed31b3a7583892f11ee7cea975c5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1184
Cache-Control: max-age=130028
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Etag: "639b22f6-1d7"
Expires: Sat, 17 Dec 2022 13:56:37 GMT
Last-Modified: Thu, 15 Dec 2022 13:36:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 16 Dec 2022 00:41:08 GMT
expires: Fri, 16 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 4101
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 76342e17f518d383455bb527dcd69aaf
7deb5f63197259b85d651f28cccf6ed7b876cc47
a8d3ef749bee471bf92905f15fabc171be88cc03cb97e9f7566e70efcd82864d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
18.156.98.77200 OK 10 B URL HTTP/2 statse.webtrendslive.com/dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
IP 18.156.98.77:0
File type exported SGML document, ASCII text, with CRLF line terminators
Hash 944ece9d6d59cdf6eaa8ae6c6c205b93
877b1b2addfb2494453305fa4b93f3f03ee064c2
d3f45949797ac9329127b9e128b0e0656aa48d5dbd8d5e8e42c8b451780c34f2
GET /dcs222s995baa3dif3txj4i1d_8y2f/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback HTTP/1.1
Host: statse.webtrendslive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
strict-transport-security: max-age=31536000
date: Fri, 16 Dec 2022 01:49:28 GMT
content-length: 10
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 8b26cd4609e2025e51e90573a0fbd6f7
efc2006ae5297ad5ae5e064188b9fba73f6b868f
e288b6a1e220f5fb781cfbb0b739b36c6acfdceccff8f0278fc151c241b0b50b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LL7sIRn+jPDR5BbT74PLeI7Dj9m4EnQ/FsAdjcQ6soVJSS/2mPXdx8AA/lc+1/YYkS3Hv4nW6I+SuIDxOOoXtw==
content-length: 27298
x-fb-trip-id: 2050670934
date: Fri, 16 Dec 2022 01:49:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 76342e17f518d383455bb527dcd69aaf
7deb5f63197259b85d651f28cccf6ed7b876cc47
a8d3ef749bee471bf92905f15fabc171be88cc03cb97e9f7566e70efcd82864d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/?random=1671155366063&cv=11&fst=1671155366063&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=1896492296.1671155366&rfmt=3&fmt=4
172.217.21.162200 OK 893 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1072021429/?random=1671155366063&cv=11&fst=1671155366063&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=1896492296.1671155366&rfmt=3&fmt=4
IP 172.217.21.162:0
File type ASCII text, with very long lines (1879), with no line terminators
Hash 65698cd745757535f0a61be488cc742c
bd99afc796817d0f3a689058802d728a3231629a
372f2a9a68c693ad82d176964d3debd8dc7cdfeb8765b63386b015ee4e7fb784
GET /pagead/viewthroughconversion/1072021429/?random=1671155366063&cv=11&fst=1671155366063&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&auid=1896492296.1671155366&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 893
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 02:04:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/3267009/domain/czjilce-aqg-6.tk/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://czjilce-aqg-6.tk/
Origin: https://czjilce-aqg-6.tk
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Thu, 15 Dec 2022 22:25:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: huxyxPrN9b9AAMhrPFXEENzq5nK_5dU5OrXrSDHoxr6B2cH0D2HUiQ==
age: 12255
X-Firefox-Spdy: h2
czjilce-aqg-6.tk/favicon.ico
162.241.87.224404 Not Found 315 B URL HTTP/1.1 czjilce-aqg-6.tk/favicon.ico
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
Cookie: _gcl_au=1.1.1896492296.1671155366; _ga_M0GFGLPMZ2=GS1.1.1671155366.1.0.1671155366.0.0.0; _ga=GA1.1.451862801.1671155366
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 16 Dec 2022 01:49:28 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 215b076267525eee2fadb8d889e5f351
28d0a048b68627916191262fee89a8db4b1614b2
44da07142c9aad7201a7ccb38b4bf03c82f1a66b730a953c0306fe09e3025ad5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 265916d2a0593eb24feac5fbc15140ed
ab86ab5c1da114c82fabd9752f98fbf65502648d
40da94ba8f4698a6671d41eebb2fb54b1d7ed31b3a7583892f11ee7cea975c5b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1184
Cache-Control: max-age=130028
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Etag: "639b22f6-1d7"
Expires: Sat, 17 Dec 2022 13:56:37 GMT
Last-Modified: Thu, 15 Dec 2022 13:36:54 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 215b076267525eee2fadb8d889e5f351
28d0a048b68627916191262fee89a8db4b1614b2
44da07142c9aad7201a7ccb38b4bf03c82f1a66b730a953c0306fe09e3025ad5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&ct_cookie_present=1
172.217.21.162200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&ct_cookie_present=1
IP 172.217.21.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Dec-2022 02:04:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3972e23b068a857e4b879417ecbf1d1a
c5593984f70d07200faa6a1ca10572cb8670665d
db8f4f555c201994b386c718409b4f7b9dc75ef6910891a3d27097a0cb425e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e30904bd9b57028f7ba1cc8e04ff08fd
9acb88374abef6387243ce8c5cf1149d73879ac1
be1ece2af7858ffc84e916d4554a805760c13a2eab346ac5a09a232b79116225
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=1961795782473;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
142.250.74.98200 OK 273 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=1961795782473;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (500), with no line terminators
Hash 153a6a97e40f9e628cfa4b27f5f1e445
7826aeab3a8927f8655617d9dc305868ccb820cb
9f9a2aff57014b1366f972bc8bc01b0ee8273a502225fb7d13a5f150c4de0da2
GET /ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=1961795782473;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://12419770.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 273
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
142.250.74.98200 OK 272 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (504), with no line terminators
Hash 7c20a76e2047e445c7b7ba2f68cc2b5c
e1d585bb0d9be597aac7f5a40db9cc70c9af94fa
146d77dd5183a468736498fd99bf116b7b97e6c5324534efe605600ca7b6430b
GET /ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10716254.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 76342e17f518d383455bb527dcd69aaf
7deb5f63197259b85d651f28cccf6ed7b876cc47
a8d3ef749bee471bf92905f15fabc171be88cc03cb97e9f7566e70efcd82864d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671155366398&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671155366398&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3267009&time=1671155366398&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671155366398%26url%3Dhttps%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQK2A00-z2jGmgAAAYUYn0WlLICUJgiE8L1bZmbdfVHMZLAiJPvIGqCTUqNe9G2OtD_SFgGBfpCrtA; Max-Age=2592000; Expires=Sun, 15 Jan 2023 01:49:29 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJsxqabj2Pv0QAAAYUYn0WlP84axkTCS7kyuNVyFFiVpqag2tnKRTf70i9npFldYepRvlFBhgvsVpg7dN2KXA; Max-Age=2592000; Expires=Sun, 15 Jan 2023 01:49:29 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&349a2e8c-5f0d-41b3-8b75-35c227d6a50c"; domain=.linkedin.com; Path=/; Secure; Expires=Sat, 16-Dec-2023 01:49:29 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2438:u=1:x=1:i=1671155369:t=1671241769:v=2:sig=AQG6Wa7tW41tJaMyUuJsbiXUkAXGk4hU"; Expires=Sat, 17 Dec 2022 01:49:29 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXv6C4n3sKzFK6ar/b9Wg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 021B56DEE43645DBA74BAF7D4C8035A2 Ref B: OSL30EDGE0118 Ref C: 2022-12-16T01:49:29Z
date: Fri, 16 Dec 2022 01:49:29 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 06612a702dd3686207e6a4031f79d34e
3a1be9901f9c9271b91a2b00ee7e6abc49086ba5
154da1479719d54b088120f2435ab08c2a44743abe2c2e67ae78db9537ecef40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 06612a702dd3686207e6a4031f79d34e
3a1be9901f9c9271b91a2b00ee7e6abc49086ba5
154da1479719d54b088120f2435ab08c2a44743abe2c2e67ae78db9537ecef40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
czjilce-aqg-6.tk/sso/GeneralManager?action=captchaApi&language=en
162.241.87.224404 Not Found 315 B URL HTTP/1.1 czjilce-aqg-6.tk/sso/GeneralManager?action=captchaApi&language=en
IP 162.241.87.224:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert quad9 Sinkholed
POST /sso/GeneralManager?action=captchaApi&language=en HTTP/1.1
Host: czjilce-aqg-6.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 20
Origin: https://czjilce-aqg-6.tk
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/nene/login.globalsources.com/error.php?email=
Cookie: _gcl_au=1.1.1896492296.1671155366; _ga_M0GFGLPMZ2=GS1.1.1671155366.1.0.1671155366.0.0.0; _ga=GA1.1.451862801.1671155366
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Fri, 16 Dec 2022 01:49:28 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
adservice.google.no/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=1961795782473;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=1961795782473;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=12419770;type=f_pag0;cat=f_cm_0;ord=1961795782473;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
expires: Fri, 16 Dec 2022 01:49:29 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
216.58.207.194200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=10716254;type=gsol_web;cat=gsol_000;ord=3590001824517;gtm=2wgbu0;auiddc=1896492296.1671155366;~oref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
expires: Fri, 16 Dec 2022 01:49:29 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
107.154.199.39200 OK 43 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/images/BLANK.GIF
IP 107.154.199.39:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /sso/gsol/pex/en/balat/images/BLANK.GIF HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Cookie: AWSALBTGCORS=m8Qgylfmg3yh0jyFf0XNP+zxYRvjDRW7/mbe80y8u/XdrpvLBaKmp8PJ4g/6Pw70oXcyxhGcdxjtkY2cHYKSB/MWKqRuUxecelxnK6c0xhcJ5aO8duAfYO4u8MA10FnX5J6PC26oW9Rp4V/0GLdO6IBmOe3pR7yGJ2g6JN41CMgd; AWSALBCORS=58Luktax/FUEKJUWksNmYGVqri/zP1kyr9oTTqHZAE2ReiUzDoldqZverJS7WABwp82k5t1B4ZSYAh79aSIIkOsJYJ9VYJGyp4PowsSpL2q5FpAq+Clw2OBYd++3
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:29 GMT
content-type: image/gif
content-length: 43
set-cookie: AWSALBTG=9ka+Yb5t9RdmadaV8IGNIwsyjCNEAZHncFsUEM6g1yPLqjXUafhofrBrJwPmsmpXUZYxEyGPaNKbBvNeAz9UR0HucsZ1TiDc7QqOZeyCvQULNCGUJZf0Cfs4byPmI7VDlNmIlpPWwFjZU2py30Sg+8Ke1JhY2w4VEbRMyzr3XTgf; Expires=Fri, 23 Dec 2022 01:49:29 GMT; Path=/
AWSALBTGCORS=9ka+Yb5t9RdmadaV8IGNIwsyjCNEAZHncFsUEM6g1yPLqjXUafhofrBrJwPmsmpXUZYxEyGPaNKbBvNeAz9UR0HucsZ1TiDc7QqOZeyCvQULNCGUJZf0Cfs4byPmI7VDlNmIlpPWwFjZU2py30Sg+8Ke1JhY2w4VEbRMyzr3XTgf; Expires=Fri, 23 Dec 2022 01:49:29 GMT; Path=/; SameSite=None; Secure
AWSALB=3/bhEY3dhFPuubObiASlS1pe1SZWl0FlBI2mXSBEPQ8zfJP5cKDY6b3vxDC7mGqra8Nu1obHkKg+vkcY5Wgli3mZziMDN25cPQ1Ij78lL13od3OjzJxc8OzPh5eB; Expires=Fri, 23 Dec 2022 01:49:29 GMT; Path=/
AWSALBCORS=3/bhEY3dhFPuubObiASlS1pe1SZWl0FlBI2mXSBEPQ8zfJP5cKDY6b3vxDC7mGqra8Nu1obHkKg+vkcY5Wgli3mZziMDN25cPQ1Ij78lL13od3OjzJxc8OzPh5eB; Expires=Fri, 23 Dec 2022 01:49:29 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=kFfKQnFXolnr3B/KOJREPwAAAACWsrb6T5hf3c66X2jGg5vb; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=A4r5eQKRWCZBud9giBrYA6jOm2MAAAAAXrplwMxdIfPlkv7639pNow==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
accept-ranges: bytes
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104709 pNNN RT(1671155366595 2130) q(0 0 0 1) r(2 2) U2
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=57cf39ee-bf0b-49b1-a3fa-987d1b387aaf&sid=df5b78607ce311edb3633957d4e8093f&vid=df5b73207ce311ed84fce5e05782113d&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2695&evt=pageLoad&sv=1&rn=165609
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=57cf39ee-bf0b-49b1-a3fa-987d1b387aaf&sid=df5b78607ce311edb3633957d4e8093f&vid=df5b73207ce311ed84fce5e05782113d&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2695&evt=pageLoad&sv=1&rn=165609
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=137022501&tm=gtm002&Ver=2&mid=57cf39ee-bf0b-49b1-a3fa-987d1b387aaf&sid=df5b78607ce311edb3633957d4e8093f&vid=df5b73207ce311ed84fce5e05782113d&vids=1&msclkid=N>m_tag_source=1&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Global%20Sources&p=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&r=<=2695&evt=pageLoad&sv=1&rn=165609 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=158B4430D89B69731DF2564CD96E681A; domain=.bing.com; expires=Wed, 10-Jan-2024 01:49:29 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B80840B4475344D7BDA88FDB6D1353E8 Ref B: OSL30EDGE0208 Ref C: 2022-12-16T01:49:29Z
date: Fri, 16 Dec 2022 01:49:28 GMT
X-Firefox-Spdy: h2
login.globalsources.com/csp_report
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/csp_report
IP 107.154.199.39:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /csp_report HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/csp-report
Content-Length: 412
Origin: https://login.globalsources.com
Connection: keep-alive
Sec-Fetch-Dest: report
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: text/plain
x-robots-tag: noindex
content-length: 0
set-cookie: visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:30:04 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=E2gPR08Bz0NBud9giBrYA6jOm2MAAAAAtB7LluDOzENFtP6UM3BgXg==; path=/; Domain=.globalsources.com
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9df5a2d7dc4f2ded8585dd6bf607f855
e567f1911212b5fc1fd6feb7cead9445995f3c0c
896bdd2e8d74af6dcb32b8fbb28a1b068dcd97ae9c2fec590c692f24317eb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 06612a702dd3686207e6a4031f79d34e
3a1be9901f9c9271b91a2b00ee7e6abc49086ba5
154da1479719d54b088120f2435ab08c2a44743abe2c2e67ae78db9537ecef40
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.163200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.163:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/1071695260/?random=1671155366083&cv=11&fst=1671155366083&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&label=EbauCI35y9kDEJyLg_8D&hn=www.google.com&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&value=0&bttype=purchase&auid=1896492296.1671155366&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1072021429/?random=1671155366063&cv=11&fst=1671152400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4247956581&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1072021429/?random=1671155366063&cv=11&fst=1671152400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4247956581&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1072021429/?random=1671155366063&cv=11&fst=1671152400000&bg=ffffff&guid=ON&async=1>m=2wgbu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tiba=Global%20Sources&fmt=3&is_vtc=1&random=4247956581&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Dec 2022 01:49:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=451862801.1671155366&jid=981037474&gjid=838811404&_gid=431612314.1671155366&_u=YCDAgEABAAAAAEAAI~&z=1238927495
74.125.205.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=451862801.1671155366&jid=981037474&gjid=838811404&_gid=431612314.1671155366&_u=YCDAgEABAAAAAEAAI~&z=1238927495
IP 74.125.205.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-179370-18&cid=451862801.1671155366&jid=981037474&gjid=838811404&_gid=431612314.1671155366&_u=YCDAgEABAAAAAEAAI~&z=1238927495 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://czjilce-aqg-6.tk
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://czjilce-aqg-6.tk
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 01:49:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/p/action/137022501.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/137022501.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/137022501.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=1E5816568F5D652E29E9042A8EA864E0; domain=.bing.com; expires=Wed, 10-Jan-2024 01:49:29 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 399F7CA6063D43548000D8DCFFC5AE9B Ref B: OSL30EDGE0208 Ref C: 2022-12-16T01:49:29Z
date: Fri, 16 Dec 2022 01:49:28 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9df5a2d7dc4f2ded8585dd6bf607f855
e567f1911212b5fc1fd6feb7cead9445995f3c0c
896bdd2e8d74af6dcb32b8fbb28a1b068dcd97ae9c2fec590c692f24317eb58e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Dec 2022 01:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671155366398%26url%3Dhttps%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671155366398%26url%3Dhttps%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3267009%26time%3D1671155366398%26url%3Dhttps%253A%252F%252Fczjilce-aqg-6.tk%252Fnene%252Flogin.globalsources.com%252Ferror.php%253Femail%253D%26tm%3Dgtmv2%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://czjilce-aqg-6.tk/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3267009&time=1671155366398&url=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&tm=gtmv2&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&383e27e4-4377-4193-8c2f-ee7fbb0e960e"; Domain=.linkedin.com; Expires=Sat, 16-Dec-2023 01:49:29 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221216014929b1c46074-691d-4b89-8d84-1c379a31060dAQHSUAZV5Uov1VpA5hBBdUv0JINRPP8Z"; Domain=.www.linkedin.com; Expires=Sat, 16-Dec-2023 01:49:29 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzExNTUzNjk7MjswMjHSA5LVc+xFfHqvmfpbWB2pd8nZDafPCWx/JVwbYtjFlA==; Domain=.linkedin.com; Expires=Wed, 14 Jun 2023 01:49:29 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2438:u=1:x=1:i=1671155369:t=1671241769:v=2:sig=AQG6Wa7tW41tJaMyUuJsbiXUkAXGk4hU"; Expires=Sat, 17 Dec 2022 01:49:29 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXv6C4qrl8RczAN0PWpMg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EEE0C6E34E8D41489C4E0BC837C58AB0 Ref B: OSL30EDGE0118 Ref C: 2022-12-16T01:49:29Z
date: Fri, 16 Dec 2022 01:49:29 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
54.230.111.112200 OK 62 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3267009/domain/czjilce-aqg-6.tk/token
IP 54.230.111.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d39abb34da93ec5faa48669ac4788977
cc2627a86b99e91540251b6fb7e17a9b1faa1ee7
b329d16bd7e06de93beac4a9e4d67b8be6d1c944b7b8e398b929460f73b7c4ce
GET /partner/3267009/domain/czjilce-aqg-6.tk/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://czjilce-aqg-6.tk
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Fri, 16 Dec 2022 01:49:29 GMT
access-control-allow-origin: *
cache-control: public, max-age=20123
content-encoding: gzip
vary: accept-encoding
x-cache: Miss from cloudfront
via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X9r8kQjBg3FnkX4ysXnHSRjsY1K7fKpr7p0G-oZDs4mElFAcLj3MNQ==
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=190579056&cid=451862801.1671155366&ul=en-us&sr=1280x1024&_s=1&sid=1671155366&sct=1&seg=0&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=190579056&cid=451862801.1671155366&ul=en-us&sr=1280x1024&_s=1&sid=1671155366&sct=1&seg=0&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-M0GFGLPMZ2>m=2oebu0&_p=190579056&cid=451862801.1671155366&ul=en-us&sr=1280x1024&_s=1&sid=1671155366&sct=1&seg=0&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&dt=Global%20Sources&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://czjilce-aqg-6.tk
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://czjilce-aqg-6.tk
date: Fri, 16 Dec 2022 01:49:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396613127629341&ev=PageView&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671155367059&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671155367058.692315958&it=1671155366518&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=396613127629341&ev=PageView&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671155367059&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671155367058.692315958&it=1671155366518&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=396613127629341&ev=PageView&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671155367059&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1671155367058.692315958&it=1671155366518&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Dec 2022 01:49:29 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671155367062&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671155367058.692315958&it=1671155366518&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=396613127629341&ev=Subscribe&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671155367062&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671155367058.692315958&it=1671155366518&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=396613127629341&ev=Subscribe&dl=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&rl=&if=false&ts=1671155367062&cd[subscription_id]=NLI&sw=1280&sh=1024&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1671155367058.692315958&it=1671155366518&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Fri, 16 Dec 2022 01:49:29 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=57cf39ee-bf0b-49b1-a3fa-987d1b387aaf&sid=df5b78607ce311edb3633957d4e8093f&vid=df5b73207ce311ed84fce5e05782113d&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=885765
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=137022501&tm=gtm002&Ver=2&mid=57cf39ee-bf0b-49b1-a3fa-987d1b387aaf&sid=df5b78607ce311edb3633957d4e8093f&vid=df5b73207ce311ed84fce5e05782113d&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=885765
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=137022501&tm=gtm002&Ver=2&mid=57cf39ee-bf0b-49b1-a3fa-987d1b387aaf&sid=df5b78607ce311edb3633957d4e8093f&vid=df5b73207ce311ed84fce5e05782113d&vids=0&msclkid=N&gc=USD&tpp=1&ea=gtm.scrollDepth&en=Y&sw=1280&sh=1024&sc=24&evt=custom&rn=885765 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=39EA47C799B564B22AF255BB984065F7; domain=.bing.com; expires=Wed, 10-Jan-2024 01:49:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A0AEE4B8FB38428D9ECA5A3C40576358 Ref B: OSL30EDGE0208 Ref C: 2022-12-16T01:49:30Z
date: Fri, 16 Dec 2022 01:49:29 GMT
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=uo3y5o8&ref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&upid=sijvout&upv=1.1.0
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=uo3y5o8&ref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&upid=sijvout&upv=1.1.0
IP 52.223.40.198:0
GET /track/up?adv=uo3y5o8&ref=https%3A%2F%2Fczjilce-aqg-6.tk%2Fnene%2Flogin.globalsources.com%2Ferror.php%3Femail%3D&upid=sijvout&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:30 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/common/includes/egain_docked_chat.js
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/common/includes/egain_docked_chat.js
IP 107.154.199.39:0
GET /sso/gsol/pex/en/common/includes/egain_docked_chat.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=wMNcDpVvVcYybDR3fxTEkoWf2AnlOGb7zIROvKj3MDWGpqFgTrjga9lOqvUAo1389JHqXmN4cvxBPSFrxTx0OZyw/IHBY2ZZrVFqyTk4nGp2qtNdO6487HHamxwkDy2KkTdStoc3bhrqJQk3tmwgHSsPyqhZxCbEpU3uYgcFnKRM; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=wMNcDpVvVcYybDR3fxTEkoWf2AnlOGb7zIROvKj3MDWGpqFgTrjga9lOqvUAo1389JHqXmN4cvxBPSFrxTx0OZyw/IHBY2ZZrVFqyTk4nGp2qtNdO6487HHamxwkDy2KkTdStoc3bhrqJQk3tmwgHSsPyqhZxCbEpU3uYgcFnKRM; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=x5/3JOkUIKkWEtW9arFEDqhxYRQL0Tmcwl7E3N9LDVNUmi1/A62pQTpsZYplUII4dmtajR1HqpLNYSNYcjCI/v/PQo96BNJ47fhO1F+PmgVyjFfIZ6t1E1zc+HBQ; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=x5/3JOkUIKkWEtW9arFEDqhxYRQL0Tmcwl7E3N9LDVNUmi1/A62pQTpsZYplUII4dmtajR1HqpLNYSNYcjCI/v/PQo96BNJ47fhO1F+PmgVyjFfIZ6t1E1zc+HBQ; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=nfv0NrG30gOejJPXOJREPwAAAACBfbA6Lpk31GH5mzBeG3MR; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=QrD/GtjXmFBBud9giBrYA6fOm2MAAAAAifrPljD4XNzmE6k68tHDXQ==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:09 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104714 2NNN RT(1671155366595 54) q(0 0 0 1) r(10 10) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/SSO.CSS
IP 107.154.199.39:0
GET /sso/gsol/pex/en/balat/includes/SSO.CSS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: text/css
set-cookie: AWSALBTG=yBncATIsBh01bzG9mZK0YhuMmkLfTTe0ETnZWwvvJYnl8RdFPnVJWtsOE6pV7Uq6joV+lTOk+5fpPdtM67En5QcxYLgjFFggzw74Q73aTZl1rRXuxStZbHNNSAE9Ezf7WkWrt2lqDfQ5tz18GOHm2GLFQt84H8da71IIHMJWGMob; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=yBncATIsBh01bzG9mZK0YhuMmkLfTTe0ETnZWwvvJYnl8RdFPnVJWtsOE6pV7Uq6joV+lTOk+5fpPdtM67En5QcxYLgjFFggzw74Q73aTZl1rRXuxStZbHNNSAE9Ezf7WkWrt2lqDfQ5tz18GOHm2GLFQt84H8da71IIHMJWGMob; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=7PCual8+hFmt0SO7KABDhmCLtr9Oh4SZhLx217455VCagD34JPJHtOu9NxXKe7cJaUb4uiOJ0BVQdE2Wfnl18KEoqXQyDQr3kcrmTSw9yhSb69/XxVIZu5TQ/055; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=7PCual8+hFmt0SO7KABDhmCLtr9Oh4SZhLx217455VCagD34JPJHtOu9NxXKe7cJaUb4uiOJ0BVQdE2Wfnl18KEoqXQyDQr3kcrmTSw9yhSb69/XxVIZu5TQ/055; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=vSQxA8KYhgEbWhBnOJREPwAAAADpvT2iXrGeE6q+iZ6wHJSK; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=8lKbCKMaB3FBud9giBrYA6fOm2MAAAAA+30tuf0u3WWm13aEUb9xdg==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:28:08 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104697 2NNN RT(1671155366595 36) q(0 0 0 0) r(12 12) U2
X-Firefox-Spdy: h2
insight.adsrvr.org/track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event}
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event}
IP 52.223.40.198:0
GET /track/pxl/?adv=uo3y5o8&ct=0:8gqij5f&fmt=3&td1={Page%20URL}&td2={Click%20Text}&td3={Click%20Classes}&td4={Event} HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:30 GMT
content-type: image/gif
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/jqueryandplugins.js
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/jqueryandplugins.js
IP 107.154.199.39:0
GET /sso/gsol/pex/en/balat/includes/jqueryandplugins.js HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=buEBeiSmXOvVH+eSHA8wrRnb4zSjKR4AujTnE2kgzKaGylk8q6l8l8ve/fWbPlU0egz7pJjeeMGQc58CXXAWAB52abogS/lq43JKBYPqLJ2D8+chij8fiAYd/FWpXPyrFEvQmcOVxfJ0OjTk/M0HkwZuWBmfatNEwxjQkxTH1gwk; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=buEBeiSmXOvVH+eSHA8wrRnb4zSjKR4AujTnE2kgzKaGylk8q6l8l8ve/fWbPlU0egz7pJjeeMGQc58CXXAWAB52abogS/lq43JKBYPqLJ2D8+chij8fiAYd/FWpXPyrFEvQmcOVxfJ0OjTk/M0HkwZuWBmfatNEwxjQkxTH1gwk; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=Jdmb7YMp8dv+fg3Krye8RxaaiTs+KjP4eM/TuBu/igEeW0oYcUUlHyEq141ngXzZHNqWbONIIuKkJJs3m5UAcK5k3lmlkw3JXrWSJ/Tm/l/tuyuRMsMrYpDpbWYu; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=Jdmb7YMp8dv+fg3Krye8RxaaiTs+KjP4eM/TuBu/igEeW0oYcUUlHyEq141ngXzZHNqWbONIIuKkJJs3m5UAcK5k3lmlkw3JXrWSJ/Tm/l/tuyuRMsMrYpDpbWYu; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=QG23Uq7lg19XYoUoOJREPwAAAADnOlCrsYs+pfyaWrtcoSom; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=Ro05MinOpmRBud9giBrYA6fOm2MAAAAAg7AfVAyjRMLUkzd/rNKtSg==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104697 2NNN RT(1671155366595 51) q(0 0 0 0) r(12 12) U2
X-Firefox-Spdy: h2
login.globalsources.com/sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS
107.154.199.39200 OK 0 B URL HTTP/2 login.globalsources.com/sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS
IP 107.154.199.39:0
GET /sso/gsol/pex/en/balat/includes/EGSOL_WEB_UI.JS HTTP/1.1
Host: login.globalsources.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://czjilce-aqg-6.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Dec 2022 01:49:28 GMT
content-type: application/x-javascript
set-cookie: AWSALBTG=VNHcIRus2W0QCGLA4zdXzNTosBbdQ0NTI2OWutb5/sTDxzZK8gXHzK0W2NSZKaeRTNloUGprW+Dx1lP9hl/aHTv9hXFPrEvYBOLODNG7PkMIN8XHlZbhFNvDw6ucOzyyfZN6NaCWwo7X88hVHF2VNy0M8k/2qh7PtbHkdaUBLEzf; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBTGCORS=VNHcIRus2W0QCGLA4zdXzNTosBbdQ0NTI2OWutb5/sTDxzZK8gXHzK0W2NSZKaeRTNloUGprW+Dx1lP9hl/aHTv9hXFPrEvYBOLODNG7PkMIN8XHlZbhFNvDw6ucOzyyfZN6NaCWwo7X88hVHF2VNy0M8k/2qh7PtbHkdaUBLEzf; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
AWSALB=dGtR8nRS+A4UaZ2DWmQUUWjyVmwGmgSq91buSxMlbdVngPPGDlk/DxpRvDdgWCSHQE/oCpXJ8G9WP2dEQo66/gZtko4/YEwGmKTtsAIZk+H73hdWn8UDQNFCg4Jr; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/
AWSALBCORS=dGtR8nRS+A4UaZ2DWmQUUWjyVmwGmgSq91buSxMlbdVngPPGDlk/DxpRvDdgWCSHQE/oCpXJ8G9WP2dEQo66/gZtko4/YEwGmKTtsAIZk+H73hdWn8UDQNFCg4Jr; Expires=Fri, 23 Dec 2022 01:49:28 GMT; Path=/; SameSite=None; Secure
nlbi_2766148=L93NFFOwXD+BNJPROJREPwAAAAD9rFpyOM7XD5gSsSqsCg/J; path=/; Domain=.globalsources.com
visid_incap_2766148=GdSIXNg9RYmmQmXiGDzBHKbOm2MAAAAAQUIPAAAAAABMwy4L4azR8z4IBIZTbkfZ; expires=Fri, 15 Dec 2023 22:29:58 GMT; HttpOnly; path=/; Domain=.globalsources.com
incap_ses_277_2766148=jE3wZOo4/hBBud9giBrYA6fOm2MAAAAAGnttU2Jw5lZv0vtXyYS9bw==; path=/; Domain=.globalsources.com
last-modified: Thu, 28 Apr 2022 06:31:57 GMT
cache-control: no-cache
pragma: no-cache
expires: Mon, 01 Jan 1999 00:00:00 GMT
content-encoding: gzip
x-cdn: Imperva
content-security-policy: frame-ancestors 'self' *.globalsources.com; upgrade-insecure-requests;
content-security-policy-report-only: default-src 'self' 'unsafe-eval' 'unsafe-hashes' 'unsafe-inline' data: blob: *.globalsources.com ; form-action 'none' data: blob: ; frame-ancestors 'self' ; report-uri /csp_report
x-iinfo: 8-10104692-10104704 2NNN RT(1671155366595 55) q(0 0 0 1) r(12 12) U2
X-Firefox-Spdy: h2