depriveprototype.cn/iocl4in/tb.php?vg=ed1669727701871
172.67.159.242 200 OK 598 B URL HTTP/1.1 depriveprototype.cn/iocl4in/tb.php?vg=ed1669727701871
IP 172.67.159.242:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479), with CRLF line terminators
Hash 6680fcd38c56207680ecfe7d3358f838
34f73b54ecb73d1ecf1eac728e370023647196a4
041a81b4e5311a66bffddf2747a94748dcfe2f53ce9dd51e637de295ce1b1b01
Analyzer Verdict Alert fortinet Phishing
GET /iocl4in/tb.php?vg=ed1669727701871 HTTP/1.1
Host: depriveprototype.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lR%2BuFGOTAMCwb4s2nipk9JDBRvLhzNBHKJG7hCgR92LIeifzR280LvddkjznfJVh8ewh37YrnMnWETH5NUcYAM9LMsGF3pJi3b%2BhOBJIFsfGHPFNrhskRLiM7M2yj8%2Bm2yIkHq5g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771bc808ef030b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5863
Expires: Tue, 29 Nov 2022 15:22:44 GMT
Date: Tue, 29 Nov 2022 13:45:01 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6205
Cache-Control: max-age=167375
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:01 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 12:14:36 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8245
Expires: Tue, 29 Nov 2022 16:02:26 GMT
Date: Tue, 29 Nov 2022 13:45:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 13:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1525
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ecAmk8KiDHTfGmabgxY9QxSJvJqHkqfteuWfj+WRN5PR371ro1UxK4a0sFizvelRHfK8ybCeEf8=
x-amz-request-id: 7CM6SMYQC17ES74E
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 12:45:27 GMT
age: 3574
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:45:01 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
depriveprototype.cn/favicon.ico
172.67.159.242 200 OK 455 B URL HTTP/1.1 depriveprototype.cn/favicon.ico
IP 172.67.159.242:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: depriveprototype.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://depriveprototype.cn/iocl4in/tb.php?vg=ed1669727701871
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:02 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJjS7llY0QaVq7NTUj1xyht3YZLPgxot1vttzt45otsKR758WqkRWCtPXLmReXMUyghQMZZWIsWs9K21zBHK5smX41%2BTrJccXTSq18w0qCyZRBv7Sy0grFLtsC34pe1M9HhIFg3k"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bc80b69a50b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
depriveprototype.cn/j/og2.js?_t=1669729501174
172.67.159.242 200 OK 942 B URL HTTP/1.1 depriveprototype.cn/j/og2.js?_t=1669729501174
IP 172.67.159.242:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
Analyzer Verdict Alert fortinet Phishing
GET /j/og2.js?_t=1669729501174 HTTP/1.1
Host: depriveprototype.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://depriveprototype.cn/iocl4in/tb.php?vg=ed1669727701871
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Wed, 30 Nov 2022 01:45:02 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWfs0oAAyU5622mI%2FoBUHNVDYGlAPmx64aa8YfdhH2bk7QE42Dg2xjdD%2Bb0XLeTbv3fWx4V3exC7oh1pvvK1i16uH3LeCFBPT3m9mtHFbnFcLNblU8V10cPX3ySpXFgMwxsepuI5"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771bc80bfa6f0b61-OSL
alt-svc: h2=":443"; ma=60
depriveprototype.cn/j/og2.php?_t=1669729501277
172.67.159.242 200 OK 94 B URL HTTP/1.1 depriveprototype.cn/j/og2.php?_t=1669729501277
IP 172.67.159.242:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 21d15cbc605c44c98f7927915251d07b
bcb335e4c2644d349a37957526ebe4e9222a1306
077b82ec7bd42eb02ebb1ce6850866d60b1c0e4bf3d429248b0d7f8b8354ffa5
POST /j/og2.php?_t=1669729501277 HTTP/1.1
Host: depriveprototype.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 45
Origin: http://depriveprototype.cn
Connection: keep-alive
Referer: http://depriveprototype.cn/iocl4in/tb.php?vg=ed1669727701871
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:02 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSkNGxC8Bhpv%2F09ZoY6ti8XYo1R8EWPVLh9wnXng%2BFTCm4OZx9I9tlcq4INhr9QSwpkZrQGK0AHYD9YWfSsNDeTVtssllWxh9sU0KKWGVAEoQPgSwGyn%2FK%2Bv6rosoAekVFAnjMiu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771bc80c9b430b61-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40788650907e408588fb7ba8f7a09e3b
b425e0d0cd9623674e701f860f055225c90f834b
b26e42beaca509b7e1055ca75f8dc0b0d2b4c57b85eeb351fafaaae007a67a7f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B26E42BEACA509B7E1055CA75F8DC0B0D2B4C57B85EEB351FAFAAAE007A67A7F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1120
Expires: Tue, 29 Nov 2022 14:03:42 GMT
Date: Tue, 29 Nov 2022 13:45:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 13:11:13 GMT
cache-control: public,max-age=3600
age: 2029
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40788650907e408588fb7ba8f7a09e3b
b425e0d0cd9623674e701f860f055225c90f834b
b26e42beaca509b7e1055ca75f8dc0b0d2b4c57b85eeb351fafaaae007a67a7f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "B26E42BEACA509B7E1055CA75F8DC0B0D2B4C57B85EEB351FAFAAAE007A67A7F"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1120
Expires: Tue, 29 Nov 2022 14:03:42 GMT
Date: Tue, 29 Nov 2022 13:45:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5469
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Last-Modified: Tue, 29 Nov 2022 12:13:53 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 08d1e67461d10c9bb3bb308394d239e1
5f4c08b27e1e958af5a6bb4d1cfc5fa5e2544285
b28904e3ad5e69316ddecf7bdb6dd11899559756be9a55fa875d74c22f5c2806
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4170
Cache-Control: max-age=102701
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Etag: "6384eac1-117"
Expires: Wed, 30 Nov 2022 18:16:43 GMT
Last-Modified: Mon, 28 Nov 2022 17:07:13 GMT
Server: ECS (amb/6BB0)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 08d1e67461d10c9bb3bb308394d239e1
5f4c08b27e1e958af5a6bb4d1cfc5fa5e2544285
b28904e3ad5e69316ddecf7bdb6dd11899559756be9a55fa875d74c22f5c2806
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4247
Cache-Control: max-age=102778
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Etag: "6384eac1-117"
Expires: Wed, 30 Nov 2022 18:18:00 GMT
Last-Modified: Mon, 28 Nov 2022 17:07:13 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 08d1e67461d10c9bb3bb308394d239e1
5f4c08b27e1e958af5a6bb4d1cfc5fa5e2544285
b28904e3ad5e69316ddecf7bdb6dd11899559756be9a55fa875d74c22f5c2806
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Last-Modified: Tue, 29 Nov 2022 13:42:07 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 08d1e67461d10c9bb3bb308394d239e1
5f4c08b27e1e958af5a6bb4d1cfc5fa5e2544285
b28904e3ad5e69316ddecf7bdb6dd11899559756be9a55fa875d74c22f5c2806
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4373
Cache-Control: max-age=102904
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Etag: "6384eac1-117"
Expires: Wed, 30 Nov 2022 18:20:06 GMT
Last-Modified: Mon, 28 Nov 2022 17:07:13 GMT
Server: ECS (amb/6B85)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 08d1e67461d10c9bb3bb308394d239e1
5f4c08b27e1e958af5a6bb4d1cfc5fa5e2544285
b28904e3ad5e69316ddecf7bdb6dd11899559756be9a55fa875d74c22f5c2806
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Last-Modified: Tue, 29 Nov 2022 13:42:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 46ad906b91518c5f672881178dfc2051
f096aa09472058a90524fdab796e7d6cfcb8b5b0
87bd51d765d63371615244f3c3160e36417d2a97169c7b5e80f53df10eb17907
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "87BD51D765D63371615244F3C3160E36417D2A97169C7B5E80F53DF10EB17907"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5113
Expires: Tue, 29 Nov 2022 15:10:15 GMT
Date: Tue, 29 Nov 2022 13:45:02 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 46ad906b91518c5f672881178dfc2051
f096aa09472058a90524fdab796e7d6cfcb8b5b0
87bd51d765d63371615244f3c3160e36417d2a97169c7b5e80f53df10eb17907
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "87BD51D765D63371615244F3C3160E36417D2A97169C7B5E80F53DF10EB17907"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5113
Expires: Tue, 29 Nov 2022 15:10:15 GMT
Date: Tue, 29 Nov 2022 13:45:02 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnbun.com/upload/ioclin.bix2.png
172.67.159.172 200 OK 8.1 kB URL HTTP/2 cdnbun.com/upload/ioclin.bix2.png
IP 172.67.159.172:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c9f5f842200cc371d5f8dd50f936496
450730dab020764b80b6e731c9080baaccbc2ffe
70a0dfd1380db7e800ecc799eb8ce0e788a4a85b6ff7dd9d5322b88c1c899b90
GET /upload/ioclin.bix2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: image/png
content-length: 8129
x-guploader-uploadid: ADPycduBeAQ5hXV_2sN91IhwKDzmbOuX4nhKBM3iVGova9PkY62V-A2NE-rfifN-yt9UVAf5xK0jJoUctQv2hCMBIXfm6g
expires: Tue, 29 Nov 2022 13:00:35 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:49 GMT
etag: "5c9f5f842200cc371d5f8dd50f936496"
x-goog-generation: 1669111849197786
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8129
x-goog-hash: crc32c=/qZ3TA==, md5=XJ9fhCIAzDcdX43VD5Nklg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 985
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5D4hRTKvt%2BUhONZJmlNH2Y0jBSY6CbbbxeG9VMhotB9bcUP1HJebVUJ57ae9OlKML%2B76tfYoYQ%2BHEiAKBAG0k9jW57tUBky3r9yFYddr0TnIWIBwww9Fwk5n5Yn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810bcbcb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/ioclin.heb.gif
172.67.159.172 200 OK 123 kB URL HTTP/2 cdnbun.com/upload/ioclin.heb.gif
IP 172.67.159.172:0
File type GIF image data, version 89a, 270 x 83\012- data
Size 123 kB (122720 bytes)
Hash 07abf41ac3f73f2c7eef05543c498a76
2a2518c84f968ec415aeae48500d50471fcd1f0d
d13b780287e71a5498375374bde62b7cc0d6e00587dc435067615d1b58a54bde
GET /upload/ioclin.heb.gif HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: image/gif
content-length: 122720
x-guploader-uploadid: ADPycduDd8n6D7apgAbSWMHT_k19lkO0O2L0ZqfIdTx-P7B2mZJ7ac8INjxQ6kdFujUnhPP82sgfQKC0SlN8zkxksEm5hjplZl8X
expires: Tue, 29 Nov 2022 13:02:38 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:50 GMT
etag: "07abf41ac3f73f2c7eef05543c498a76"
x-goog-generation: 1669111850276438
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 122720
x-goog-hash: crc32c=XcGnIQ==, md5=B6v0GsP3Pyx+7wVUPEmKdg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 987
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRAnw48jeyT9AXAEZMoojfF4eKpZ815V%2BumLqGnmq3OUPK0OFJ%2Fk%2FatJ3VJYj4qSZombryl6oZW6u5%2Fh2zaxaNktDK%2B1njLqO2H8vG%2B91PGu0sNThpwWI6NO5jUx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810bcbeb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/ioclin.img.jpg
172.67.159.172 200 OK 63 kB URL HTTP/2 cdnbun.com/upload/ioclin.img.jpg
IP 172.67.159.172:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 494x288, components 3\012- data
Hash a4ecdafe8af3af4d5631f31968df1879
7760c335de6f83166fe0f5f7e569affc3aa49482
a673dbdc684843aa3959a6f58e4bf0f000674a8a1e2a48d5b14a05fa55ef57f6
GET /upload/ioclin.img.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: image/jpeg
content-length: 63142
x-guploader-uploadid: ADPycdtu15u3uBdib8f6OVDlDlJrEvq97zcPjCiLCOBllYdRcI2wmh7De-BSLqB0z_qDdzp9I9_lJ_Y5ZCclAVbPa2WySA
x-goog-generation: 1669111850303102
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63142
x-goog-hash: crc32c=UOS5WA==, md5=pOza/orzr01WMfMZaN8YeQ==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 13:59:25 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:50 GMT
etag: "a4ecdafe8af3af4d5631f31968df1879"
cf-cache-status: HIT
age: 986
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiMLER%2FPOuWXH2v3HqkTJn690R7VGOaO6ur75HytbBafmidjI2ZvyjGxLxkRWEacZl86RkicqDt1%2Fy3cWJJ%2BwI3ybJwNob305%2FgoTqOrbLkFJHqN%2BSt7OyEoTS8g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810bcbab4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/ioclin.bix1.png
172.67.159.172 200 OK 37 kB URL HTTP/2 cdnbun.com/upload/ioclin.bix1.png
IP 172.67.159.172:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash c4dba57c59c318313e2bf31adba390b8
cf21f944d97f55bbe7a5ebafab2deb3c010536b3
0589130e2f31c00eddc807b3b8a51b8a039ab6409fcb6c1517651b2329432d7f
GET /upload/ioclin.bix1.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: image/png
content-length: 37263
x-guploader-uploadid: ADPycdsaOcOAjOtxPbSDq3FvvPxZYiC8EhME87JCo3tRCZuobcbd62j8Yd-rG-nS53b6HK3Pfk0YFwVI-ySty6rRKF-elg
expires: Tue, 29 Nov 2022 13:59:35 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:48 GMT
etag: "c4dba57c59c318313e2bf31adba390b8"
x-goog-generation: 1669111848369494
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37263
x-goog-hash: crc32c=9pfwgg==, md5=xNulfFnDGDE+K/Ma26OQuA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 985
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty9nPrSyZOMj0X30f8tgI%2BLavPMhRo2wco7dpF9P8d%2BTSWTUqgBfOJlVZVL%2BjxSkMalJSUgwR9mz%2FdEc9gIXbtkTWQnhEwfS2pB9mZEdR%2BJJQBV3TwSZkjCfIOT9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810bcbdb4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/ioclin.bix3.png
172.67.159.172 200 OK 16 kB URL HTTP/2 cdnbun.com/upload/ioclin.bix3.png
IP 172.67.159.172:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e36b47f4685b546d43cd5af147ea671
4601c3f8318758eae4979cce6274f8bfc0380279
58b960a42f95d97e4f2b240bc0696b3d637fc876e2f40efbe71dcf355e8d6e94
GET /upload/ioclin.bix3.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: image/png
content-length: 15540
x-guploader-uploadid: ADPycdtsuS7gvBkwLBJITz8fmZBzDPji8BPhNx7nHRNlJZYay8eK9tCF-NQs0cgt2xLRg1zGzzXu6pv7lv0yTj97WY9p1g
expires: Tue, 29 Nov 2022 13:59:50 GMT
cache-control: public, max-age=14400
last-modified: Tue, 22 Nov 2022 10:10:49 GMT
etag: "2e36b47f4685b546d43cd5af147ea671"
x-goog-generation: 1669111849122722
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15540
x-goog-hash: crc32c=TJ7I2Q==, md5=Lja0f0aFtUbUPNWvFH6mcQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 984
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEkTyODB0e78bBtC4GQCLiJtpgX1AEMSGTB8PhTHsmwXqpZxi%2F%2Bxw4p3ciM%2FWoTLVgfb%2F7nN8Gw9jXmroSUZ7cvE6987Gd3xBk%2Bx76p5ikV74XwNFIyoiZRgJR6T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810fd13b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 99c2bc3813eb029fc1fd33a329f3f1bd
43e3f4c3a663121f7d338e5f557626131d49ce86
12514e36878dfe4742b88efcfd056987ddb785de7af45daeaa4377ddd5662a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161 200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:14:44 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 1818
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-2T6GB3S68P
142.250.74.168 200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-2T6GB3S68P
IP 142.250.74.168:0
File type ASCII text, with very long lines (25492)
Hash 36e446c96410126e17b00dddc9c4de24
38b899dd9b120e26fbe03e9ce6d3d564354536ad
eed74a14d8cf0c5b5daa325e948e3b8a39f36f855182c8b43e87a0f9667d6e01
GET /gtag/js?id=G-2T6GB3S68P HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 13:45:02 GMT
expires: Tue, 29 Nov 2022 13:45:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78697
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash cecec6a2bfc75e501508f64ce94a6dc3
c80a5106c558e589f44544e93f901c0262c1de02
8354eaf046257623c3de3597a8b1eb66f26f8dc146bea41c10adf173f958a96d
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 13:45:02 GMT
expires: Tue, 29 Nov 2022 13:45:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75970
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161 200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:14:44 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 1818
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad1ccef0136648e622ad5d29dc70518b
042b0f696ff598a7bf144fb2fb50503a3fddd134
263a42f9d956405e41437f21bce466585df4347a240756fcd033add9a73e3e8c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "263A42F9D956405E41437F21BCE466585DF4347A240756FCD033ADD9A73E3E8C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5925
Expires: Tue, 29 Nov 2022 15:23:48 GMT
Date: Tue, 29 Nov 2022 13:45:03 GMT
Connection: keep-alive
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
104.21.0.245 200 OK 25 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 104.21.0.245:0
File type ASCII text, with very long lines (65321), with CRLF line terminators
Hash 92e0c96ea5a942905292ad9bff71a4ca
d2f3971d50e78698638708bee28119e0328d13df
ab8c62d602514ced0ad02ec802bc3518c06221ec0662baa0f7940594adb9e22c
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: text/css
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Tue, 29 Nov 2022 13:58:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRryNJI1ZiVHHi7mdaGeheyuyCnHzcX46c9r73Mnoehr7ORFLq6mJDevcNHQ%2B8HneX40sveF%2BEPOofq%2FY4cPYc4oCfwfeqPm8oU1maljxRWy3nQa%2Fh5pIeLOlWGspBQAj10%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810891d1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f66683185e8f7b358ea26624dc0c051c
03da00566a224f74593e61b29c355f7a081597c8
bb28dca53410e52b896b69a45db7e6e5e25c056a183db27fd062bd6c0e4dfdb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB28DCA53410E52B896B69A45DB7E6E5E25C056A183DB27FD062BD6C0E4DFDB0"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3400
Expires: Tue, 29 Nov 2022 14:41:43 GMT
Date: Tue, 29 Nov 2022 13:45:03 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 99c2bc3813eb029fc1fd33a329f3f1bd
43e3f4c3a663121f7d338e5f557626131d49ce86
12514e36878dfe4742b88efcfd056987ddb785de7af45daeaa4377ddd5662a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.148.70.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.70.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M+bLrhd4XtGNgb4m8gHy8w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: H2tYz7Ayw4VgK8pauG8QaTH0UXY=
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
104.21.0.245 200 OK 16 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 104.21.0.245:0
File type ASCII text, with very long lines (63188), with CRLF line terminators
Hash 080c5ce3d51bc061dfc86da95bcf070a
93e3ac862694850f55ad9d290d04403faf85a61c
fa758ddba9cfd01ae4cd82c0a4d847d201fea8bb6e06d6c096dfebab18052d02
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Tue, 29 Nov 2022 13:34:47 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfzioVmCc7arENuMjBM1KytXdCdKkjlblnTjLI9HDAcziel%2BIw%2FXTiYmuH1Xeyaj%2BmRyyXoCy4UGbA8pXpWz5qcBPEM%2F8RBmjxLxNXNLtaMzzv1mgyD3P13gYqca%2Fdt%2B314%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc81069071c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb1a749e76521179b24e9bba640a0f9
0f4482a139249f6dc0bafca48e1a99ab1f99214e
f8282b5d8b5f5a8282895603a2a103d48987cdf9c79ad1acfb7ffba5fe09c89e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F8282B5D8B5F5A8282895603A2A103D48987CDF9C79AD1ACFB7FFBA5FE09C89E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15345
Expires: Tue, 29 Nov 2022 18:00:48 GMT
Date: Tue, 29 Nov 2022 13:45:03 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb1a749e76521179b24e9bba640a0f9
0f4482a139249f6dc0bafca48e1a99ab1f99214e
f8282b5d8b5f5a8282895603a2a103d48987cdf9c79ad1acfb7ffba5fe09c89e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F8282B5D8B5F5A8282895603A2A103D48987CDF9C79AD1ACFB7FFBA5FE09C89E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15345
Expires: Tue, 29 Nov 2022 18:00:48 GMT
Date: Tue, 29 Nov 2022 13:45:03 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb1a749e76521179b24e9bba640a0f9
0f4482a139249f6dc0bafca48e1a99ab1f99214e
f8282b5d8b5f5a8282895603a2a103d48987cdf9c79ad1acfb7ffba5fe09c89e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F8282B5D8B5F5A8282895603A2A103D48987CDF9C79AD1ACFB7FFBA5FE09C89E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15345
Expires: Tue, 29 Nov 2022 18:00:48 GMT
Date: Tue, 29 Nov 2022 13:45:03 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
142.250.74.168 200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash e1d5518eee7fbd2ec726c642c257408e
113193115add1e86bd370b2c7347fcf0352ff3db
1b07df495f9ea940e576c4d36bfe7ab3a86e56936e2123c52706b5567af76a27
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 13:45:03 GMT
expires: Tue, 29 Nov 2022 13:45:03 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 99c2bc3813eb029fc1fd33a329f3f1bd
43e3f4c3a663121f7d338e5f557626131d49ce86
12514e36878dfe4742b88efcfd056987ddb785de7af45daeaa4377ddd5662a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/yhyindu5.jpg
172.64.105.2 200 OK 16 kB URL HTTP/2 263cdn.com/upload/yhyindu5.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash f0e55666582522445bbd6489c6bb2734
2a4a8caa659c5218aac0e43f57848f47ceeecd13
95db2af0008e286058d56bdb942e95f0345d39254aec4363de0d3699bdc68658
GET /upload/yhyindu5.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 15908
x-guploader-uploadid: ADPycdtuuq6B9rI0Cw1E_CbWiS4kBzwy0ue8ZqywuBFW7g6yDlT5vxecsdwA-Bt_Cruf-QSmF-27kLe9GTB-OLKyQZYaoVQWDRiC
x-goog-generation: 1658012389858068
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 15908
x-goog-hash: crc32c=qkrYYA==, md5=8OVWZlglIkRbvWSJxrsnNA==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 14:20:03 GMT
cache-control: public, max-age=14400
last-modified: Sat, 16 Jul 2022 22:59:49 GMT
etag: "f0e55666582522445bbd6489c6bb2734"
cf-cache-status: HIT
age: 1500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2pQB%2B6e0BPApSXuyC0z5UgJo7Jmuw7WTBSRiolpS%2F1UfJa2s0c5k4ijZqQB6LSo55CpUAiYplNb0oPST6uk57yFzomLBD0cGC9HETdBzi3KHgRyirDedap4oARa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc812b9e5892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yinin8.jpg
172.64.105.2 200 OK 9.5 kB URL HTTP/2 263cdn.com/upload/yinin8.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 9438fdd580f94c978f69035105e13cd3
d46d09bf3ca401c1c0d91663a08168f3297afff4
e575c73e80a1cf7134b629c99a5727a0f108c739ce21c8f06f11903276b6f0db
GET /upload/yinin8.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 9470
x-guploader-uploadid: ADPycduKQTA0L5apGgRSmeE6OZ3_s2kZ9A43pSMx-UuSyE8z6gXaVRHPV9S7IJ45rxbUU3B4IrguBhlSBpPESLyRNSqKlg
x-goog-generation: 1661122030922846
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9470
x-goog-hash: crc32c=PSDQww==, md5=lDj91YD5TJePaQNRBeE80w==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 12:14:24 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
etag: "9438fdd580f94c978f69035105e13cd3"
cf-cache-status: HIT
age: 2611
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iwP1eojHAIwcKd7Ltjzu6E15u%2BhE9OgtJDzAQXIwwAsYNYv7bi5YTePLCdOYvrfvNKwccWInhBFdG47Z07%2F3ZfkfN4%2Bkrp%2BGClVJC7HslUgXP1Dl3aJKPbCPnLc9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc812b9e3892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhyindu1.jpg
172.64.105.2 200 OK 10 kB URL HTTP/2 263cdn.com/upload/yhyindu1.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 7b24fb4d55463daaf498ae99f434d535
0c543b92ed2c2a1afac323d4fcbc42eca691aa6b
5907414ee9a6a851c34c17dcb6640481cd65d99526319d2fc665981c38079c16
GET /upload/yhyindu1.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 10511
x-guploader-uploadid: ADPycdtuXPaWu9uPnTy2Zeg6DD_NfaSsn-dkBb_bC6zYowwNxxhAzml-hrOIS10Lx18bMh6jx-QSDyF8B_59sw0VxOx28A
expires: Tue, 29 Nov 2022 13:02:40 GMT
cache-control: public, max-age=14400
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
etag: "7b24fb4d55463daaf498ae99f434d535"
x-goog-generation: 1658012388645640
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10511
x-goog-hash: crc32c=RCqyxQ==, md5=eyT7TVVGPar0mK6Z9DTVNQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1307
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FI1Yyeoyik3%2BZErzvntf8HGhHv4WGp7pBf7FuL8MsCf24DaDSXh4zASWu%2BUwpZSfcMWry3XbLiHkhEdTFAZ%2BrdCdg0xhgeMNNwzZCBhoYPjm9CJ79A943eADXRrV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc812b9e9892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhyindu2.jpg
172.64.105.2 200 OK 12 kB URL HTTP/2 263cdn.com/upload/yhyindu2.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 5b0b1a5debe90a3d277d36f50e6ae672
c4898b15f3c780d2ce697e446ab37c4528b6e001
f275d532ec2a4da265aa8bc2e0d2c3cd336324c88809b41d1e6b4e3864dc08aa
GET /upload/yhyindu2.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 12136
x-guploader-uploadid: ADPycdvZy3ZVURcGR9aPZDFdZSEnP_L7tt_vMJW1IKB5c8yXsbvYiM4an8G5seGEdxq5AQDszsqoQeODpZygerrqLR7VqA
expires: Tue, 29 Nov 2022 13:12:59 GMT
cache-control: public, max-age=14400
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
etag: "5b0b1a5debe90a3d277d36f50e6ae672"
x-goog-generation: 1658012388751359
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12136
x-goog-hash: crc32c=jJQeAg==, md5=WwsaXevpCj0nfTb1Dmrmcg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1868
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdRdq6H8VFf08axH2nkYyw5VjkUfVDfD%2BojTOu06odW0vgup6mPUcXRCGi%2BMJnEAy4%2FziEkk2u7G0Nm3B03mb51kU1%2BRZ0cFTPb0F%2Fd5gT7fZ3a2oimUDOTil5O%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc812b9eb892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 13:45:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/yinin9.jpg
172.64.105.2 200 OK 11 kB URL HTTP/2 263cdn.com/upload/yinin9.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash d89c2aa67625f8e96a26ad58b1e305ce
b0528b506c7cdb2e419d2a6da73cefdb72c2ed2c
6a07c5e915cbecd3802cb30dab35e08c084a11736b7bc7b54084b4a6bcae828b
GET /upload/yinin9.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 11423
x-guploader-uploadid: ADPycdu1BPKDcUnV5wI39RzOQiGQWjlcR4EveEAOlFsCLksqib6cd0iQl1n30ag__HfvMW0_9gJJZl_uNBiYWgjH5iPTlq44snP1
x-goog-generation: 1661122030898080
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11423
x-goog-hash: crc32c=2FXwkQ==, md5=2JwqpnYl+OlqJq1YseMFzg==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 12:59:30 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
etag: "d89c2aa67625f8e96a26ad58b1e305ce"
cf-cache-status: HIT
age: 2654
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmmjVdYDfJ3OrQQpuRbCktDlwkM8PU3OBjM6DPrafAuvv8cCI2ZlYycLX3tQzdHLM4VpUQAN1DLS%2F0V9ZIXzF9bLS8UI8%2FNeq33QXFKnZ%2FNHhTo2MHz8RoPOTRds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc8130a90892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yinin6.jpg
172.64.105.2 200 OK 7.8 kB URL HTTP/2 263cdn.com/upload/yinin6.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 04c35687c4695f37e1a5f4658d356f23
ad851fa11794c089e9808d4ef884341ef82e9ccc
32988077ca75419c484ea3f154136fb61dc4983d5efb4178031d05ec210dbe45
GET /upload/yinin6.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 7772
x-guploader-uploadid: ADPycdthsxCjtZOrmiRFp-rCCjdYeZoB0eddNnQHSfnpWILqrvUMb9FfsNZnWokAwb0vbItEVQAIUlYU3wS9XpZUMNVWSQ
expires: Tue, 29 Nov 2022 13:31:04 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:09 GMT
etag: "04c35687c4695f37e1a5f4658d356f23"
x-goog-generation: 1661122029689954
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7772
x-goog-hash: crc32c=en2NPg==, md5=BMNWh8RpXzfhpfRljTVvIw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1307
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dRws5M5kt3pX2QI90rfEOA67W80gUEWJ8qVFaxt6dH4oDiUa5FoFzNn5M4Q5GnDz6slirvPK1hhpDE7HYP0s5BU4A6jWKoPmqAF8aMOgBPKlHa72XtPegk6TDKCv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc8131a91892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yinin7.jpg
172.64.105.2 200 OK 9.7 kB URL HTTP/2 263cdn.com/upload/yinin7.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 98bf547229428fd89db85cf7eaee3f5c
28e8820afa88cb0431816eb9b9df2d6d7c37e6f2
27fc0ee79674e43ea6c89bee0b5f685e6a954dbd9b8279e93cff26e24b6224cb
GET /upload/yinin7.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 9701
x-guploader-uploadid: ADPycdvg1mRQemNPin__5lv1KFwZKHvwZJ4tChXrDhJ8vogKWvD3OCGnfDJb4hI5ovpXHtDxlY6f4SuC8EjpQghosSh4LvhVRoAh
x-goog-generation: 1661122030852213
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9701
x-goog-hash: crc32c=N23pRQ==, md5=mL9UcilCj9iduFz36u4/XA==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 13:53:08 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:10 GMT
etag: "98bf547229428fd89db85cf7eaee3f5c"
cf-cache-status: HIT
age: 1772
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EnnWluLDHg94R%2BRCwjVAT3xCcnHxguPekuAquEH5KstfPRU%2Bq1MBCgc%2BZpbHX2hgHk0932RLLUaEiRAZPNmrYvPVKVtPtn%2FQHIFMdB%2FZl5WjFOPSScOh0RhDCJUk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc8132ad2892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yinin10.jpg
172.64.105.2 200 OK 14 kB URL HTTP/2 263cdn.com/upload/yinin10.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash e4d604720788156badba6c24a3ae2f18
e3ac1b8a8683c93590c3c833400bb8426033617f
e06c2ce9f625b4fe7242a681f4f304295c919d2d60d1c686308aa8b937d19687
GET /upload/yinin10.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 13584
x-guploader-uploadid: ADPycdsg_LxHp6I1SbV3szo7Hhqxqb0Wdew9Ne_jOCl4DQfoiML8z3xU8PIe5Y5WD-HhyDTFHbl08LXdf_OAcEZZE0CLI-JtTNPr
x-goog-generation: 1661122031937437
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13584
x-goog-hash: crc32c=W2VoYQ==, md5=5NYEcgeIFWutumwko64vGA==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 13:13:02 GMT
cache-control: public, max-age=14400
last-modified: Sun, 21 Aug 2022 22:47:11 GMT
etag: "e4d604720788156badba6c24a3ae2f18"
cf-cache-status: HIT
age: 2654
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNuQ5YzWqBJ%2FT2yGA03iVdqR5DjOiNIfw4fTiHkg116%2FulpANjZ%2BIdDcCL%2Ff5YF3WBQVDBt0BZPQJygh1hncbOxkxJPhcVkA90oZVNsfFv8YMhhLiQA5ysR2B2jU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc8133aea892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhyindu3.jpg
172.64.105.2 200 OK 10 kB URL HTTP/2 263cdn.com/upload/yhyindu3.jpg
IP 172.64.105.2:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 390c5e6fc8954a86a99bab6ecbd6f568
b3fa57b0133216f52d1f20ff3562fe78fb71ee9b
4d798e5fb6086e8ea192e3c7c242dd067fd56b9f2b26fc2a54820db57a07a7c0
GET /upload/yhyindu3.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: image/jpeg
content-length: 10484
x-guploader-uploadid: ADPycdtCGEkBDrYx9HFHMeDfE0mgdDpvCcRscQR0j9is_zn_n5k7z_bwAkML5NU_Q08VVteqMGUIBmkM68DfTqP9UyVUjQ
x-goog-generation: 1658012388724948
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10484
x-goog-hash: crc32c=7xTvOg==, md5=OQxeb8iVSoapm6tuy9b1aA==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 13:34:29 GMT
cache-control: public, max-age=14400
last-modified: Sat, 16 Jul 2022 22:59:48 GMT
etag: "390c5e6fc8954a86a99bab6ecbd6f568"
cf-cache-status: HIT
age: 1500
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uilnIp6GNpaLIMPYJIkyIpNPYeVymk5BwLFCaFrZwfP%2FYtzkLj6YXW4N3IKclDeX6%2FgZEywSCrhkH1wvde%2FsvCQpd%2BrPNYt6XPqC9XRg4zr67a%2FOBTlB6k0ZKHQp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc8133af4892a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb1a749e76521179b24e9bba640a0f9
0f4482a139249f6dc0bafca48e1a99ab1f99214e
f8282b5d8b5f5a8282895603a2a103d48987cdf9c79ad1acfb7ffba5fe09c89e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "F8282B5D8B5F5A8282895603A2A103D48987CDF9C79AD1ACFB7FFBA5FE09C89E"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15345
Expires: Tue, 29 Nov 2022 18:00:48 GMT
Date: Tue, 29 Nov 2022 13:45:03 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-2T6GB3S68P&gtm=2oeb90&_p=70817491&cid=392933949.1669729502&ul=en-us&sr=1280x1024&_s=1&sid=1669729502&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338&dr=http%3A%2F%2Fdepriveprototype.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2T6GB3S68P&gtm=2oeb90&_p=70817491&cid=392933949.1669729502&ul=en-us&sr=1280x1024&_s=1&sid=1669729502&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338&dr=http%3A%2F%2Fdepriveprototype.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2T6GB3S68P&gtm=2oeb90&_p=70817491&cid=392933949.1669729502&ul=en-us&sr=1280x1024&_s=1&sid=1669729502&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338&dr=http%3A%2F%2Fdepriveprototype.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infcjal.cn
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://infcjal.cn
date: Tue, 29 Nov 2022 13:45:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
104.21.0.245 200 OK 7.7 kB URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 104.21.0.245:0
File type ASCII text, with very long lines (21060), with CRLF line terminators
Hash 8ba7cbcd5faa88fb4f4323db960bb7fd
24bbaaefbea828d541b5af89acc81251cb06037e
df70486291a87038ce31b9e79b99a20caf40d15248c5f905541541ae2731f666
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Tue, 29 Nov 2022 13:58:20 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8QYDt3PexkuyZOtrMc51XXIWw3yYRK5o4I2H0fz%2BLJ80w2lzrKXiUJizlKyIHybRlezMPRagQDGVJ2uxeFYg1yXaL7gbaWFvC6Rc%2FwsCtU%2F2gKZ5wxgtq7M3BjZJ48u4Mc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc81069051c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oeb90&_p=70817491&cid=392933949.1669729502&ul=en-us&sr=1280x1024&_s=1&sid=1669729502&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338&dr=http%3A%2F%2Fdepriveprototype.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oeb90&_p=70817491&cid=392933949.1669729502&ul=en-us&sr=1280x1024&_s=1&sid=1669729502&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338&dr=http%3A%2F%2Fdepriveprototype.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-0C230YDF7G&gtm=2oeb90&_p=70817491&cid=392933949.1669729502&ul=en-us&sr=1280x1024&_s=1&sid=1669729502&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338&dr=http%3A%2F%2Fdepriveprototype.cn%2F&dt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infcjal.cn
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://infcjal.cn
date: Tue, 29 Nov 2022 13:45:04 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4511
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 13:45:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4511
Expires: Tue, 29 Nov 2022 15:00:15 GMT
Date: Tue, 29 Nov 2022 13:45:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 32389
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220 200 OK 4.8 kB URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
Hash 37ed0a07a03de2507def51aec3bf2513
6ce01866b6aa98b41dd0fb39fcce2b388f1ef044
23144b0a95b8870cd8ca9aadac0619b8f487812d8bd379e2cacfb9c26305fc73
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: application/javascript
expires: Tue, 29 Nov 2022 13:45:03 GMT
last-modified: Tue, 29 Nov 2022 13:45:03 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
104.21.0.245 200 OK 12 kB URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 104.21.0.245:0
File type ASCII text, with very long lines (4720), with CRLF line terminators
Hash 6bfb00b1165467ac96e46b2018932099
132036b2ad2943d92dc10c5afceaebff0720d8e1
1738b185715d22243be27992e8f6e1cce6a5d0c7876ae8d7201bfe656378f75f
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Tue, 29 Nov 2022 13:58:18 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgpdc098dNhegAOtuAi5mgJWBp%2FVN6O%2BkZw7NJ3btW9XVc8FkMkuhXzgo5cCo9xbPhsbgsTD8S%2BvewJ7qJTa0%2FqzpllIYTPDHGoI4bkhgiO3Tjl%2Fe94O01ipk5VK2XOpSfY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc81068fe1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73001f7390ae3a80bbbaa9d9bacbe488
f0410522b6dad8ebcbc2a64ff2193bafcfdc862e
49c02723bab596584abe2dd3dcb11c660538516587911ee033dd0e6e8ea5889f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8d05305-0dee-4dad-a256-3b4083be8394.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6716
x-amzn-requestid: 51e9f59e-558e-4bb4-8db5-741e0272f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cV3cHHwqIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63856c4d-48ecac9a4da2995b41abec49;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 02:19:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1qxn5KqRfOJpUJWSblkCo1wwwAkdJrW1JJ8unESfiuDCs-EZlwRKeg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:25:43 GMT
age: 40761
etag: "f0410522b6dad8ebcbc2a64ff2193bafcfdc862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 32114
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 37613
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fc986322d1bc7febf73cda332007702e
9773fd752792149e8dcb9bd7304d596e600911b1
58c172a3416da43b638bc4a93de426cdf883fd84d6b1fdb3b379b0b92c799e92
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 11:54:28 GMT
ETag: "9773fd752792149e8dcb9bd7304d596e600911b1"
Last-Modified: Tue, 29 Nov 2022 11:54:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3385
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bc81babd9b505-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fc986322d1bc7febf73cda332007702e
9773fd752792149e8dcb9bd7304d596e600911b1
58c172a3416da43b638bc4a93de426cdf883fd84d6b1fdb3b379b0b92c799e92
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 11:54:28 GMT
ETag: "9773fd752792149e8dcb9bd7304d596e600911b1"
Last-Modified: Tue, 29 Nov 2022 11:54:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3385
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bc81baaf7fac0-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fc986322d1bc7febf73cda332007702e
9773fd752792149e8dcb9bd7304d596e600911b1
58c172a3416da43b638bc4a93de426cdf883fd84d6b1fdb3b379b0b92c799e92
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 11:54:28 GMT
ETag: "9773fd752792149e8dcb9bd7304d596e600911b1"
Last-Modified: Tue, 29 Nov 2022 11:54:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3385
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bc81baefeb503-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash fc986322d1bc7febf73cda332007702e
9773fd752792149e8dcb9bd7304d596e600911b1
58c172a3416da43b638bc4a93de426cdf883fd84d6b1fdb3b379b0b92c799e92
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 13:45:04 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Sat, 03 Dec 2022 11:54:28 GMT
ETag: "9773fd752792149e8dcb9bd7304d596e600911b1"
Last-Modified: Tue, 29 Nov 2022 11:54:29 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3385
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771bc81bac3db4ff-OSL
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 9157c25e371f644830232ab2a84ad57a
1170933bc2e311dbfc18750d4a502c96090e0f91
7eed8ded58da901aacff9af95555059dfb35f9809a7c4f7e032915f1b58ed7cc
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 13:45:04 GMT
Etag: f8e3cf028de037b7d8a2f7489cfda88f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=D7D0F127D6536A4D; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 9aac99d1241581c04c8db1d990acfa17
e4adc516903c596565e85c2febe436d9cb6f6fa1
3283e86dccd5eaa1b7d3f004a16e226d2ab82607c19091d7d9298b85f38c567c
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11267
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 13:45:04 GMT
Etag: 8ce3ff78c198192fad0f049c75bfdea1
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=5695A88CE5FD92DD; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?bbb3e86814c9ceef66d180a6c15fa17d
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?bbb3e86814c9ceef66d180a6c15fa17d
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (665)
Hash 08cdc612a883a96385951d94becbb769
296e351e7825ce0eac71b1a3adafb90c4a49b079
76ad585f5c4c0d5ee094a3239dac72efd37fc5632fab6158318e0c822bb85daf
GET /hm.js?bbb3e86814c9ceef66d180a6c15fa17d HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11303
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 13:45:05 GMT
Etag: 387aebaa166a0f17aeb1ec25c8ea5278
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A6F9184043237088; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?50b38c97288c83155c79630a45512f4e
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?50b38c97288c83155c79630a45512f4e
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (662)
Hash 8ac702403d53ec46f82fbd53aa166168
753994aad21384f5541622d1c378bc74e39bb4fb
0053e53ac44d1309c1febdd9b32d17e212e472d900a8eb2112844715c0aaa1f9
GET /hm.js?50b38c97288c83155c79630a45512f4e HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11300
Content-Type: application/javascript
Date: Tue, 29 Nov 2022 13:45:04 GMT
Etag: 73dc9de245e0bb16b5dc3f749d8cc2f6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=40861A0D4110B897; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1297431668&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28774&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1297431668&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28774&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1297431668&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28774&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 13:45:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=4EB06FD737DA5510; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1663726277&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1663726277&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1663726277&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 13:45:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=22EE6816A67FFEA2; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=560389608&si=bbb3e86814c9ceef66d180a6c15fa17d&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=560389608&si=bbb3e86814c9ceef66d180a6c15fa17d&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=560389608&si=bbb3e86814c9ceef66d180a6c15fa17d&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 13:45:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=8365EDFB9C00CE02; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2138816045&si=50b38c97288c83155c79630a45512f4e&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2138816045&si=50b38c97288c83155c79630a45512f4e&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2138816045&si=50b38c97288c83155c79630a45512f4e&su=http%3A%2F%2Fdepriveprototype.cn%2F&v=1.3.0&lv=1&sn=28775&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2F6tt7f6Fm%2Fiocl4in%2F%3F_t%3D1669729501338%231669729502790&tt=%F0%9F%8E%89%E2%9B%BD%F0%9F%92%B5%EF%B8%8F%EF%B8%8FIndian%20Oil%2065th%20Anniversary%20Fuel%20Subsidy!%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Tue, 29 Nov 2022 13:45:05 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=20634D03760EBD90; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
104.21.0.245 200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 104.21.0.245:0
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Tue, 29 Nov 2022 13:35:07 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vR3RbrqabAnd%2FWb%2BmRKSznC4dOu1kReKblF7ERsMuRjZlAMHmDEryLyvIMTcHohz%2BwcIbvqdg8ihZ0l%2BxWzAij2CM0JKL%2BzHmmqGZwILnCigM6lgT7OWYPxrZ9rsmiMrZh8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc81069081c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166972950334264&xtt=5111148
185.66.200.220 200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166972950334264&xtt=5111148
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166972950334264&xtt=5111148 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 13:45:03 GMT
last-modified: Tue, 29 Nov 2022 13:45:03 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42 200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2
cdnbun.com/upload/ioclin..png
172.67.159.172 404 Not Found 0 B URL HTTP/2 cdnbun.com/upload/ioclin..png
IP 172.67.159.172:0
GET /upload/ioclin..png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Tue, 29 Nov 2022 13:45:03 GMT
content-type: application/xml; charset=UTF-8
x-guploader-uploadid: ADPycdu_bJOC983KFQRh5JfwOAkJbX6fdhQHYi3Y9kJfOIQGr7gl_zH4yGyM9GouVHxDoXmrQea248bnP5dOYAWtw20ccCmgZHeY
expires: Tue, 29 Nov 2022 13:45:03 GMT
cache-control: private, max-age=0
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hquDjGmmXZA1HO2TxZcyzY6YDjn8wFz95C1BC35Q0MHxVmrRRkwTK8vZSmnIbwQSKNxpP7YxrjDKO0E32GW0iyOBojITlZGdRudqKlzq5RLrIp27j7rn32IfCA9Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810fd14b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
infcjal.cn/6tt7f6Fm/iocl4in/?_t=1669729501338
104.21.36.189 200 OK 0 B URL HTTP/2 infcjal.cn/6tt7f6Fm/iocl4in/?_t=1669729501338
IP 104.21.36.189:0
Analyzer Verdict Alert fortinet Phishing
GET /6tt7f6Fm/iocl4in/?_t=1669729501338 HTTP/1.1
Host: infcjal.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://depriveprototype.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: iocl4in-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn
set-cookie: iocl4in-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNVu5CrMdHokPEqJfO9QKbRSRrvibekyv9%2FmZrSBCUS8L4ybHfM4%2BplO%2BhgY6b8m9XiYUrZiu7KNDjJ%2FIFBF80V9sL4G0LnS%2FtEX0FZwMGmEmoWpdcHJsRpujZSN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771bc80e4af2b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/4fe48aebd6/4f59451604/?placementName=Flow&is_first=true&randomA=0_1487&maxw=0
185.66.201.42 200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Flow&is_first=true&randomA=0_1487&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Flow&is_first=true&randomA=0_1487&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 13:45:06 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Wed, 30-Nov-2022 13:45:06 GMT; Max-Age=86400; secure; SameSite=None
set-cookie: used_ad2633299=1; expires=Wed, 30-Nov-2022 04:59:59 GMT; Max-Age=54893; path=/; secure; SameSite=None
set-cookie: total_impressions=1; expires=Wed, 30-Nov-2022 04:59:59 GMT; Max-Age=54893; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
104.21.0.245 200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 104.21.0.245:0
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 13:45:02 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Tue, 29 Nov 2022 12:41:34 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3085
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vut5IDzPnmdZJe82ZZvDBl6S1kZfLhShfToL%2F8gHYoeqakQ3k02kfDbBLSqk0vrhcqXwxw4YexpfmB8LEOayJaoKO5dmZyO30NUSoYhEI1mNsy6K%2Ffb0Q8k8SCtHLmEeIe8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771bc810790c1c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2