sensationalbook.cn/ypf-qs/tb.php?zp=ad1669289025874
104.21.19.201200 OK 545 B URL HTTP/1.1 sensationalbook.cn/ypf-qs/tb.php?zp=ad1669289025874
IP 104.21.19.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (479), with CRLF line terminators
Hash 15293482e58c8c941fc168b6db621cfc
c12bbd52b4de43d704ac98afada03fdd4c537ade
bbf9f8135a4131ab96f255c423bf3008361493b5c28396b94d29dc418b6ad98b
GET /ypf-qs/tb.php?zp=ad1669289025874 HTTP/1.1
Host: sensationalbook.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:25:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8YtN8qbvL7UhpBIB13AFUsja9Tub3zepPbGMzjjYyj31qdqnUM6U3S8VB4MYnSqrQABj6%2Brdlwm0%2B95h2xTkzMVHqQydhxKJimy5Z1pzJE%2F1pC3VbQOcUO0LLWdrQmzD4N3FcQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1c8276810b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6371
Expires: Thu, 24 Nov 2022 13:11:15 GMT
Date: Thu, 24 Nov 2022 11:25:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6556
Cache-Control: max-age=89728
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:04 GMT
Etag: "637df674-1d7"
Expires: Fri, 25 Nov 2022 12:20:32 GMT
Last-Modified: Wed, 23 Nov 2022 10:31:16 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 11:17:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 468
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 054ff0d1a0a43f7cb1d78dbd34e27f99
3caf54f3de1d6a8c6f6454083f8b8e7dec77db54
fcdcef8306ae31f20c366489e1f88aa40b08f154d25d45f4055c4f8cdef47634
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCDCEF8306AE31F20C366489E1F88AA40B08F154D25D45F4055C4F8CDEF47634"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4133
Expires: Thu, 24 Nov 2022 12:33:57 GMT
Date: Thu, 24 Nov 2022 11:25:04 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:25:04 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tOvuqAx+Ku3BogoYZ34DCQmFBxx7WH46dqpqm8Nda+/2soKQEvcSmNkcu7pQHre9c7uO71GGzGM=
x-amz-request-id: JQCVHJAMSNS79NPR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 10:43:22 GMT
age: 2502
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
sensationalbook.cn/favicon.ico
104.21.19.201200 OK 455 B URL HTTP/1.1 sensationalbook.cn/favicon.ico
IP 104.21.19.201:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 3c5d244b8b6b192c76a2c4331450c235
7e53f5ad871fcd67705eaf77f1ca9ff247143e1e
e0f26b6349453a86cd1f0f87cfd80559ef7edb6d88ff0af9ced7d7e413c548e3
GET /favicon.ico HTTP/1.1
Host: sensationalbook.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sensationalbook.cn/ypf-qs/tb.php?zp=ad1669289025874
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:25:04 GMT
Content-Type: image/x-icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2016 03:54:11 GMT
ETag: W/"5861e5e3-1b0"
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 368
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IM2CkIrfX21ov9b1pbJDVxjgyLDlbROIy3YdA7gwH%2FD0I1sAO1ABqniuKCDdkXQ0OOagv%2BLiKuLYnKTzn%2Fl7uhspy88CCGVjOdEq3BZauRj2OdJiPTfQ9QRHPJI7xQeepw5xaxY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1c82a2c19b50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
sensationalbook.cn/j/og2.js?_t=1669289104759
104.21.19.201200 OK 942 B URL HTTP/1.1 sensationalbook.cn/j/og2.js?_t=1669289104759
IP 104.21.19.201:0
File type ASCII text, with CRLF line terminators
Hash bad1af26351d2e87c035596233940ab0
9ac0e34dcbfd29ca3070c506c200777a8016b161
bc734ed6fc97cbcbaa0ed5236ce8aa46754596a9a79eef96684242d231d0644e
Analyzer Verdict Alert fortinet Phishing
GET /j/og2.js?_t=1669289104759 HTTP/1.1
Host: sensationalbook.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sensationalbook.cn/ypf-qs/tb.php?zp=ad1669289025874
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:25:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 20 Oct 2022 16:09:56 GMT
Vary: Accept-Encoding
ETag: W/"635172d4-850"
Expires: Thu, 24 Nov 2022 23:25:05 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQPMGRaqhEHRweifk37DFImcs57i6UyetbuTPWWq4ZJLX0EqWJGAm4wxiOgHYoeyGLYyvWeYjQE6G04Mdg%2BjvDjnzhQ%2FF05i%2BLGXb7rECtiyC4BX%2FSWDHHY9oQIMEOBHxuGn2PA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1c82aacc2b50c-OSL
alt-svc: h2=":443"; ma=60
sensationalbook.cn/j/og2.php?_t=1669289104884
104.21.19.201200 OK 95 B URL HTTP/1.1 sensationalbook.cn/j/og2.php?_t=1669289104884
IP 104.21.19.201:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ab9d396a2b2ea53a362797d77d2e7b08
d124f78f6a8a85600537379231ef6738c56bf21d
15a62fd8063b6c744428783a1de0ef0d6963dea5876eb55f0fd84e4c9356b87f
Analyzer Verdict Alert fortinet Phishing
POST /j/og2.php?_t=1669289104884 HTTP/1.1
Host: sensationalbook.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
Content-Length: 46
Origin: http://sensationalbook.cn
Connection: keep-alive
Referer: http://sensationalbook.cn/ypf-qs/tb.php?zp=ad1669289025874
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:25:05 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxdMM8KPM0e%2F7H9wPwVoyQ8a5W5gdeliqe0xmVqUqd%2FMp4ASnwyWor6q7wjSQIQP8SU5oec61wWYN4U3o9QHH4EayB8dHYdNm%2Bo8tb8k%2B%2FDySfLs4JrA1X%2F43tlv8TAm6ax4ATg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f1c82b7dcdb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3cd06761985a74b6a94b94fa0dcfec0d
7ac23dc99ecf2b1744295cc044e7b83cf7c3e7fb
60db117118dda056dc223c940dd7252201525815bdf94965a4c10ec8e068b1f0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "60DB117118DDA056DC223C940DD7252201525815BDF94965A4C10EC8E068B1F0"
Last-Modified: Tue, 22 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9996
Expires: Thu, 24 Nov 2022 14:11:41 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 11:11:11 GMT
cache-control: public,max-age=3600
age: 834
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3cd06761985a74b6a94b94fa0dcfec0d
7ac23dc99ecf2b1744295cc044e7b83cf7c3e7fb
60db117118dda056dc223c940dd7252201525815bdf94965a4c10ec8e068b1f0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "60DB117118DDA056DC223C940DD7252201525815BDF94965A4C10EC8E068B1F0"
Last-Modified: Tue, 22 Nov 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9996
Expires: Thu, 24 Nov 2022 14:11:41 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4329
Cache-Control: max-age=168833
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:18:58 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c7cc694544d363e5a1a347cd0fd2a3b7
522ac456d04c08e675cbbe8900674c7935c6e90b
5a7eb0779bd9866799deabffbc662ba5774836dabcb980abfe90b2c8066953a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5142
Cache-Control: max-age=112074
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Etag: "637e5345-117"
Expires: Fri, 25 Nov 2022 18:32:59 GMT
Last-Modified: Wed, 23 Nov 2022 17:07:17 GMT
Server: ECS (amb/6BC0)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c7cc694544d363e5a1a347cd0fd2a3b7
522ac456d04c08e675cbbe8900674c7935c6e90b
5a7eb0779bd9866799deabffbc662ba5774836dabcb980abfe90b2c8066953a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1041
Cache-Control: max-age=107973
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Etag: "637e5345-117"
Expires: Fri, 25 Nov 2022 17:24:38 GMT
Last-Modified: Wed, 23 Nov 2022 17:07:17 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c7cc694544d363e5a1a347cd0fd2a3b7
522ac456d04c08e675cbbe8900674c7935c6e90b
5a7eb0779bd9866799deabffbc662ba5774836dabcb980abfe90b2c8066953a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4469
Cache-Control: max-age=111401
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Etag: "637e5345-117"
Expires: Fri, 25 Nov 2022 18:21:46 GMT
Last-Modified: Wed, 23 Nov 2022 17:07:17 GMT
Server: ECS (amb/6BB4)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c7cc694544d363e5a1a347cd0fd2a3b7
522ac456d04c08e675cbbe8900674c7935c6e90b
5a7eb0779bd9866799deabffbc662ba5774836dabcb980abfe90b2c8066953a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5017
Cache-Control: max-age=111949
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Etag: "637e5345-117"
Expires: Fri, 25 Nov 2022 18:30:54 GMT
Last-Modified: Wed, 23 Nov 2022 17:07:17 GMT
Server: ECS (amb/6B9E)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a14c39e12eacccdbbb937c00404f2968
28a80da17e53039930e1bca4a533b3a44ca55d04
418a129e51326ba816088794f96ced02b30050d9f123429d7ff8de1dba0a8111
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "418A129E51326BA816088794F96CED02B30050D9F123429D7FF8DE1DBA0A8111"
Last-Modified: Mon, 21 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8884
Expires: Thu, 24 Nov 2022 13:53:09 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a14c39e12eacccdbbb937c00404f2968
28a80da17e53039930e1bca4a533b3a44ca55d04
418a129e51326ba816088794f96ced02b30050d9f123429d7ff8de1dba0a8111
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "418A129E51326BA816088794F96CED02B30050D9F123429D7FF8DE1DBA0A8111"
Last-Modified: Mon, 21 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8884
Expires: Thu, 24 Nov 2022 13:53:09 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 7b2af320682c666467b93c98e49f5b0c
e1170a314804892309c758d2bdbbc035d97c86e2
11812550b2276aea77b9fd0b217960a0db89466d87d54ff42003c062c55dd2a4
GET /gtag/js?id=G-0C230YDF7G HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:25:05 GMT
expires: Thu, 24 Nov 2022 11:25:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76003
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash c7cc694544d363e5a1a347cd0fd2a3b7
522ac456d04c08e675cbbe8900674c7935c6e90b
5a7eb0779bd9866799deabffbc662ba5774836dabcb980abfe90b2c8066953a9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1041
Cache-Control: max-age=107973
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Etag: "637e5345-117"
Expires: Fri, 25 Nov 2022 17:24:38 GMT
Last-Modified: Wed, 23 Nov 2022 17:07:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 797cea21d2ca0f2d4fbd8b5100ee74d8
1cef1d841d55f53d5471903489f4b89d85054ba0
4244b376ee030b77b999819413c16a1625c0d96f74afc68470dc0b6fbf5a176e
GET /gtag/js?id=G-LW7434MYMN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:25:05 GMT
expires: Thu, 24 Nov 2022 11:25:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-TL7ZZFZFHR
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-TL7ZZFZFHR
IP 142.250.74.168:0
File type ASCII text, with very long lines (25492)
Hash 684222126dd5175d136ccba4fd342a0f
e9a2de9f1a4cc3727807fec007354037c7107100
908cb9b03fa80a037f94b3543055d07354374dc5b20b7c025b841d1f674be37c
GET /gtag/js?id=G-TL7ZZFZFHR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 11:25:05 GMT
expires: Thu, 24 Nov 2022 11:25:05 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78673
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f15ce85b6ba41c6f786938ce7ae2dbb6
1177416fbf960e5ad94f721d95ad3f1fbaa45980
300ddea36797da50252ce0b1ec326eefed1b109664dd10e37498ab27bc6e582b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "300DDEA36797DA50252CE0B1EC326EEFED1B109664DD10E37498AB27BC6E582B"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2419
Expires: Thu, 24 Nov 2022 12:05:24 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash abb1b60a7e8402cd993b59f5dc0acb8b
fa7075ee2886decdced34792298576483263fb9e
25f1fd69f774fb8da4d6812797f82246ac5433572c01a7c8538c651b1e1a4a2c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "25F1FD69F774FB8DA4D6812797F82246AC5433572C01A7C8538C651B1E1A4A2C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2066
Expires: Thu, 24 Nov 2022 11:59:31 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8126ceb99660a3daa7da4685f9287088
eb0a0bdf9fe4d63266318bbd597a4e947e50f949
43c295fa582c07fce45470d5675854385092a962031770b2fb0b52e4d7f80838
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43C295FA582C07FCE45470D5675854385092A962031770B2FB0B52E4D7F80838"
Last-Modified: Mon, 21 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11434
Expires: Thu, 24 Nov 2022 14:35:39 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Thu, 24 Nov 2022 07:46:39 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 13106
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash abb1b60a7e8402cd993b59f5dc0acb8b
fa7075ee2886decdced34792298576483263fb9e
25f1fd69f774fb8da4d6812797f82246ac5433572c01a7c8538c651b1e1a4a2c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "25F1FD69F774FB8DA4D6812797F82246AC5433572C01A7C8538C651B1E1A4A2C"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2066
Expires: Thu, 24 Nov 2022 11:59:31 GMT
Date: Thu, 24 Nov 2022 11:25:05 GMT
Connection: keep-alive
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wb3kS9ipvEOrDgXH0gjOFA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oyKZblwVzjG1U2ZxqjNMGL6ggZ0=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/br5.jpg
104.21.235.74200 OK 9.2 kB URL HTTP/2 263cdn.com/upload/br5.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 7f635454c838bd3ccfa7f9550dfbd91b
a7872ff6f626bab2ec04c3ee05fb4e00586e5444
542a9cbe8f09d55dbab27b9357dabc18ad34fd1713aab9247ebe91d7ce188d7e
GET /upload/br5.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 9198
x-guploader-uploadid: ADPycdsz4y3v7tU9CUju8aGqWi9dai8Aoydyu5kTHXYA1rbaKODS7ydqa8NjaFcSXJWSb98T-4cE5LPiJN7Vh0yr1SRnmA
x-goog-generation: 1655329826310264
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9198
x-goog-hash: crc32c=k6EtFA==, md5=f2NUVMg4vTzPp/lVDfvZGw==
x-goog-storage-class: STANDARD
expires: Thu, 24 Nov 2022 12:20:37 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "7f635454c838bd3ccfa7f9550dfbd91b"
cf-cache-status: HIT
age: 268
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YrZ01jxjgBWGj5X83xG%2FqPfc6ZHcoBOg%2BDNvycVr9CqnrQeBNqtr2w4HN08vGbHKHlZF00lLV4eoFqHpqjUPR7%2FBvg%2FLtwXN1nQR0oB0iT%2FfW2Yb8uGzijNPOZz%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fbf6f7315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br4.jpg
104.21.235.74200 OK 14 kB URL HTTP/2 263cdn.com/upload/br4.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash a4a4c0d4a70735b72b417784f0b70f53
eb8ab5c4f709d800fc43f2c1969b830b785cbd87
76f67ceb044c404c2f95482e5d69275692989060e8612f57c4d2ca5ec6137b96
GET /upload/br4.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 13791
x-guploader-uploadid: ADPycdtbvH25e1ZSCgbPBLhQUjfrhnaKNaLzdwxkML4iMGMfpl52oNW1ajtHdR32C8vQA8rr5c5Vrecq3TQRmzij6blqQQ
expires: Thu, 24 Nov 2022 11:22:31 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "a4a4c0d4a70735b72b417784f0b70f53"
x-goog-generation: 1655329826227801
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13791
x-goog-hash: crc32c=vRJnew==, md5=pKTA1KcHNbcrQXeE8LcPUw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2380
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKg3OQ5cd5Oe7rFovF%2BhoTkaskWi3c8cc2dabXEED8hiB9S6rvPZMKGlLKxwrPWXhyKB4N5sS5vikWPPxMaqzT6tcxYqhDkYyPiQc%2FGaV7VWqH0i9f8jT2ovN4G9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fbf6e7315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br8.jpg
104.21.235.74200 OK 11 kB URL HTTP/2 263cdn.com/upload/br8.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash cde75f5893c6a09c97962401bff1f651
42c491819e3011dab6cb1644f4e3ad16fcbdcf63
7fa0e99909ddb658f9d01b276d3280f209c1cbf0530ee26b8602a9b63ddc2a1f
GET /upload/br8.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 10919
x-guploader-uploadid: ADPycdskwtr8HN6QeGpAslRezE9EXHj1ndYrdIbEdyBW9px9mQqy44Zdi3pmrma94f3uw5mVEwDRu0S5DQQy4X00v3m1izH1IP_g
expires: Thu, 24 Nov 2022 10:44:08 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "cde75f5893c6a09c97962401bff1f651"
x-goog-generation: 1655329826503145
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10919
x-goog-hash: crc32c=I0QPWg==, md5=zedfWJPGoJyXliQBv/H2UQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3577
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=74DfApw1LVmNOxaBOq7Jy%2B52R07v%2BdvmeWw1Q3GqTKTMfXuz7DI1hOmxyQe%2FJm%2BsLvwFYyC7hKRsUB84mp4Ce1VClZWZGuEICoE%2FQkPMCIqettapjVSDpFUZHYE6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fbf667315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/agtsy-zuo.png
172.67.159.172200 OK 1.6 kB URL HTTP/2 cdnbun.com/upload/agtsy-zuo.png
IP 172.67.159.172:0
File type PNG image data, 69 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb551769e47fab1f7377bba4a81ecba
ab2bb70a9b6cef30c2232819a32f62c38d954622
8a4a8d1dab9904d863fd67c876c12f8b236ca29d79a75bf0bd6cf9d5b68dc524
GET /upload/agtsy-zuo.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/png
content-length: 1638
x-guploader-uploadid: ADPycdvaJPl1Gty_oWp5YxH6JTSZfHDE0O3pIs92c-kqZfdukVZGW-FKYI6_I-FuVCLkj77O15rpqT9Qd3rcj4zeGXbdFA
expires: Thu, 24 Nov 2022 12:25:05 GMT
cache-control: public, max-age=14400
last-modified: Wed, 02 Nov 2022 17:36:34 GMT
etag: "2cb551769e47fab1f7377bba4a81ecba"
x-goog-generation: 1667410594551364
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1638
x-goog-hash: crc32c=wSylhg==, md5=LLVRdp5H+rH3N3u6SoHsug==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eWctwtPR6cl5DK40RWgyC6MvEdM4lar7fhF6QPSS%2FacgqaMMBbHJDLfUCKpfBTjj1bzvTGMzCpAEhOMa1G4iucCnWXf%2B4MGKFgufJCEUsw6J%2FjsLEc%2BLA4y69VEb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82eb9aa0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br7.jpg
104.21.235.74200 OK 7.1 kB URL HTTP/2 263cdn.com/upload/br7.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 348a1fc1775375a2041c4f46c1e857f1
8f4f78aceafbc18f26e413b8adbddbbbdfb1a5e9
ba98581166a1948bd0b688755e4c3b11d5279345cb73a1c4372ada9f31b0cb54
GET /upload/br7.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 7121
x-guploader-uploadid: ADPycdsyZvYakIoFgkSod7mubxDzpRiVKN7ZXL1axeka2U5XhelhnWVRtieVHFDe26A8B_wHjIa_NGAgJ7yMsCB2Vbeu67B04_D-
expires: Thu, 24 Nov 2022 12:04:55 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "348a1fc1775375a2041c4f46c1e857f1"
x-goog-generation: 1655329826514326
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7121
x-goog-hash: crc32c=Z1w3fg==, md5=NIofwXdTdaIEHE9GwehX8Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 853
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VnRloYWbk3oUNuDNY5npydfhKcSGRP4rek8888qIdJOd%2Fec81g1OczL4tnPYDIPPG3Zd2EoH9YLxPaFq9zIMnM4kWz4ZAMpQVLRcpd3pWlz9VPm2R2w80shE%2BQYH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fbf6b7315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/petropargov.box1.png
172.67.159.172200 OK 8.4 kB URL HTTP/2 cdnbun.com/upload/petropargov.box1.png
IP 172.67.159.172:0
File type PNG image data, 350 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b2da5ac46210fccbe09d0802516d833
32b4775faa5ab6ba6d2603a8cdf75af0994ed206
7269799413853af43da297f5dd0a9a959c106c6864e33a338f2a0041220fd0a4
GET /upload/petropargov.box1.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/png
content-length: 8376
x-guploader-uploadid: ADPycdun8VXyCm9Eh0iQczP4g9n64xKkcTFgEZYwqM51FRoudhl7_hE7L4DskbhLSseysqaDx7CnFKFgdrwaf4ruKFNMSA
expires: Thu, 24 Nov 2022 12:25:05 GMT
cache-control: public, max-age=14400
last-modified: Wed, 02 Nov 2022 18:14:32 GMT
etag: "2b2da5ac46210fccbe09d0802516d833"
x-goog-generation: 1667412872857532
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8376
x-goog-hash: crc32c=/1XhBA==, md5=Ky2lrEYhD8y+CdCAJRbYMw==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkhWST8XTae4G42cZnY%2FWyNczshUHEyBRIHlshEleyxmzzltGh0hLOBnXNMyyqlZBgw0SVX74BCyVV%2FJByn%2BmTUz6JRPu%2Bl%2BplrHlA8tLZLuaufpItM4FxqGkQuG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82eb9a00b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Thu, 24 Nov 2022 07:46:39 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 13106
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnbun.com/upload/agtsy-you.png
172.67.159.172200 OK 329 B URL HTTP/2 cdnbun.com/upload/agtsy-you.png
IP 172.67.159.172:0
File type PNG image data, 46 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash af7d340d921da2e90844058a86e78da3
3b20b3398c00ffb81f60c7ee2cb2cff61b4f9542
9536c4aee44dce0aa08fe54aefde8ed24927f4aaad64343f09f0449f0406d08e
GET /upload/agtsy-you.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/png
content-length: 329
x-guploader-uploadid: ADPycdtb3eN15_7NiH6QvnedkF-B1W2kLqB-aXaV-Q6_-t9gGbMU4rdmBp_n0ELVZ8S_9wR0pUN2cSBlLePmCvElBPzz47t3HKNS
expires: Thu, 24 Nov 2022 12:25:05 GMT
cache-control: public, max-age=14400
last-modified: Wed, 02 Nov 2022 17:36:35 GMT
etag: "af7d340d921da2e90844058a86e78da3"
x-goog-generation: 1667410595135623
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 329
x-goog-hash: crc32c=BG1utQ==, md5=r300DZIdoukIRAWKhueNow==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFvOZXNC3qg7v8VYcZioKpE%2Bv%2B7LkJx4O9YEWZ4D6dqdangG%2BK5rGOkkq0Zxacymvf4SxQneyBN7j81rzuvj5Es2YUrwlGvWD71jLEwXB%2FJTd5TAVaxipqIMCn6M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82eb9a90b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6670d72d487e9659c04c74563b60a962
47d621aed97253a6023c4f22a34260a831c406c1
f1bafc7a8db870f25ddb3b368e7b86196d1fffabfcae65a4c04c224a667890cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 11:25:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/br2.jpg
104.21.235.74200 OK 14 kB URL HTTP/2 263cdn.com/upload/br2.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 32983c2f4b03d1249fb67313e66137c3
78e522f9e90dd0b492c569da47c60e2b430997e2
fecb1d9535690acb0adf0f834ff111a15285118107eaff6ee479b54aec2dddb0
GET /upload/br2.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 14395
x-guploader-uploadid: ADPycdt7S319oEaz2QfIhqmI9DmcOPTTGMbHvQtYFTzC2JkOhJkGDbEqRbVshsHitnzsm8cpHzWo2ZB9_g7lEeboOy42vKUcJHVx
expires: Thu, 24 Nov 2022 11:46:41 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "32983c2f4b03d1249fb67313e66137c3"
x-goog-generation: 1655329826154693
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 14395
x-goog-hash: crc32c=u9T/jw==, md5=Mpg8L0sD0SSftnMT5mE3ww==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uFRHcF3udrN2QqHCVsCwUSn0acc13%2Fjl7uDDWkn8cHIOrTVnwhBMKnL4XcDVa97esmz3dW8GuoZrKF2K37WYRMfg5dXRyFTK3hgVmWuvNWyy3im1LYrsodMtWmw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fdfb57315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br6.jpg
104.21.235.74200 OK 13 kB URL HTTP/2 263cdn.com/upload/br6.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 5aaba2df99467b22c9aba3b73f4d7716
05bbaa23e54f06f28d9f79dabb6184480edd924d
835cbfb92c8564b94e00760d85fa2d4839729e48d9085bbdb150b5bae8a5ab8f
GET /upload/br6.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 13307
x-guploader-uploadid: ADPycdsigQgvLSa9yrJk1GyUsyOvGHgkcQhTkdCAQjYDnycrmqQmIpT8NjQtyFJcGLJ5hIymnDNqr5rUcknpFw3ktV2RNSGOAICy
x-goog-generation: 1655329826365830
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13307
x-goog-hash: crc32c=mUw5og==, md5=Wqui35lGeyLJq6O3P013Fg==
x-goog-storage-class: STANDARD
expires: Thu, 24 Nov 2022 11:37:34 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "5aaba2df99467b22c9aba3b73f4d7716"
cf-cache-status: HIT
age: 2255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3n6RCQFy0i1LCYaFmcpMrM6PQiIp%2Bv0FGiZmg%2FIwwZdWcwnRZgFoR9w%2Fk%2FaIh6mkNWd2MUfNmSoshvl6xMLkEJlz0cThRZHK9dxpZqk4LuqHwh8DotmPiqxFQj%2BT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fbf6c7315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br10.jpg
104.21.235.74200 OK 9.2 kB URL HTTP/2 263cdn.com/upload/br10.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 6a36efd6781ff0769c3cd9fd8cd07d60
c4ce25b82fd7555f88da9d04b8498389166d6450
838a9dcc32e1009417bf460b730de6febc3c77c3f98977f9a25e58d9e760b754
GET /upload/br10.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 9192
x-guploader-uploadid: ADPycdvUlrmK7ZZc_Vpu4gCfhnuiq-T9YR3SkuWKdzmTYOXmfaI-Ttz7WjrQhqzg4vDs-GjGnN2b804INC9qXu3bHtHC_ni4s8Fq
x-goog-generation: 1655329825994897
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9192
x-goog-hash: crc32c=VkzUBQ==, md5=ajbv1ngf8HacPNn9jNB9YA==
x-goog-storage-class: STANDARD
expires: Thu, 24 Nov 2022 11:52:12 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "6a36efd6781ff0769c3cd9fd8cd07d60"
cf-cache-status: HIT
age: 1973
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cITTW87moNDMkjQA8g9eaBrhpBmnDgqawlPF4J1S%2FeIESlUA5Hae9Q3%2BDfBsoS8uhd33U11okTEFJsWd7sjWka%2BpogMMqehsYmz4m15VcZW%2FbCW09oIYtpoiCoG2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fbf6a7315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br9.jpg
104.21.235.74200 OK 11 kB URL HTTP/2 263cdn.com/upload/br9.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash f13809c2eef4af36e6221e0c321cc639
ace9af813be3c79f27b39fbf110ac3152b804947
addcc62106b16e6f000ee0879b54eb595000e0b6626268b7a08d3d2ce2f33330
GET /upload/br9.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 10562
x-guploader-uploadid: ADPycdsG3aEo9px90q-tT-p3XK6DRCUIqCO1bFl24luJ8tXGbrKwX-D6RF7m7e0u9kk5MsUwicQRz4-v04_mu_K-uucpXA
expires: Thu, 24 Nov 2022 11:09:48 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "f13809c2eef4af36e6221e0c321cc639"
x-goog-generation: 1655329826660494
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10562
x-goog-hash: crc32c=IaTdpw==, md5=8TgJwu70rzbmIh4MMhzGOQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1653
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2BWPdqLbS4zRmL1WlnhYsJF8rKEeiFrmhpsqsRsEoXs0pCqrzTuf1IFK1clIpa0u1lOaeb9DGYRe3IHfN72T%2B6eHHPmm%2BBpu1HLheGdyc5wNpw6dgwlMkK5xoiOl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82fefee7315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br3.jpg
104.21.235.74200 OK 9.1 kB URL HTTP/2 263cdn.com/upload/br3.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 66d7cd417bfbda2bd276b3347dfc3da7
048d03dd0b91984e67c78dfdbc01eae1d1e5c4f2
df9e448f6762948a2da6faeefc36400eedbb93836eba6139970120c622c30182
GET /upload/br3.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 9121
x-guploader-uploadid: ADPycduzvFSuvG9kfWCqm3cg3HcvLxQlOckaLccQ6_PO5bmb4Q_i4wZ6fwlwO0LdJirMj2tb-9N5ZunNdRukNcmYhTx46g
x-goog-generation: 1655329826245518
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9121
x-goog-hash: crc32c=+D69SQ==, md5=ZtfNQXv72ivSdrM0ffw9pw==
x-goog-storage-class: STANDARD
expires: Thu, 24 Nov 2022 11:53:53 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:26 GMT
etag: "66d7cd417bfbda2bd276b3347dfc3da7"
cf-cache-status: HIT
age: 1058
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJKAMaEMVRXsh8GPZrq4px565WA9Gy1ZwyYBCpVYpXNd9Vj4k%2FDpLZerVqy9qg0tnA4J9vg6k1Z9K1Jb4g8oK7GUWckjdPz70LLbuY%2FhosO%2Bls%2BIx0KiO2uQxsSV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82ff8117315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/br1.jpg
104.21.235.74200 OK 13 kB URL HTTP/2 263cdn.com/upload/br1.jpg
IP 104.21.235.74:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash bc47b6cdd393ad728b28819a6e55c2e7
e0874c0e94f333fc246097f34a9f2a83c522ad12
094b0e993e6af7f549a6d0fd128cfd6697e865b1866580ec12debbdbf2548565
GET /upload/br1.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 13420
x-guploader-uploadid: ADPycdsL0w3XiYEERd0nKqfL5A_2i8Nf4oRQgZSCrcDIOosfoLTY4SmJwE_Ovo7yg5F3uSWmH3Da2MWnScLIh0Rz5UF-1A
x-goog-generation: 1655329825934733
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 13420
x-goog-hash: crc32c=mWHaiQ==, md5=vEe2zdOTrXKLKIGablXC5w==
x-goog-storage-class: STANDARD
expires: Thu, 24 Nov 2022 11:06:42 GMT
cache-control: public, max-age=14400
last-modified: Wed, 15 Jun 2022 21:50:25 GMT
etag: "bc47b6cdd393ad728b28819a6e55c2e7"
cf-cache-status: HIT
age: 1504
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPxqzMLnWYQB30eqvbq3nSPLbHNz9n1X2Upc9T5buBl%2BxiwnmKW4FFBDAxkKQ2yPsFeD83TQgX%2BrG5uN6QrjJOIqkvMCLDZEQxvaiKk5mWQFt%2BOqIh5kW4ScpkIT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82ff8187315-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/agtsy-img.jpg
172.67.159.172200 OK 86 kB URL HTTP/2 cdnbun.com/upload/agtsy-img.jpg
IP 172.67.159.172:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 512x288, components 3\012- data
Hash 3ad3019d5c86791d30c0f5e00b126a3e
7231c4ffbf716457f81892e1ca2def81db595e6a
c6dc3a583d35112b6132af8554898aec77e322a59b314b2567cc6383cc1efa0a
GET /upload/agtsy-img.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: image/jpeg
content-length: 86168
x-guploader-uploadid: ADPycdv_ilebzIbfUSwcR9LOOyRYuouqw_QnrU1tHYHOtOx6gtFMifQBfWXVXqPPak2rzFJceSa7PPY64aYbK80FYP9vgA
expires: Thu, 24 Nov 2022 12:25:05 GMT
cache-control: public, max-age=14400
last-modified: Wed, 02 Nov 2022 17:36:35 GMT
etag: "3ad3019d5c86791d30c0f5e00b126a3e"
x-goog-generation: 1667410595043829
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 86168
x-goog-hash: crc32c=1L6vHA==, md5=OtMBnVyGeR0wwPXgCxJqPg==
x-goog-storage-class: STANDARD
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nYomxkEVV9sjhYwVpzHXv2xrCCkFP%2B3b6PAhJDaZRm10S400uskrQ7aX36IszvJF1GK6tR%2FzztPH6sC%2FqyrImCl3eMbVJyby2Pzvh4m%2FsghGaARVvfsNAh6N%2BUrh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82eb9a60b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ebe80d74559b38b2d6bdf238639dd52
b92b9c26d44171c5fe3cff7bdbe37e785efc5e7b
5bace7ef5a265c7dbb1c3004ea6d033d2eb6848aba1ec8719e412c02626c6cc9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5BACE7EF5A265C7DBB1C3004EA6D033D2EB6848ABA1EC8719E412C02626C6CC9"
Last-Modified: Mon, 21 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2639
Expires: Thu, 24 Nov 2022 12:09:05 GMT
Date: Thu, 24 Nov 2022 11:25:06 GMT
Connection: keep-alive
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
172.67.151.125200 OK 33 kB URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 172.67.151.125:0
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 701050dbbed41938523e4ae8bc67938a
671d0e11009dd93f6345fbd8fbc7dda76479d963
8c45b09884767829653279da68a011efef689e58fe987fe9671864f5055f8420
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Thu, 24 Nov 2022 10:57:15 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2302
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDc0oHk3qUWUXwzR%2F7wK9raQgqS3K3yxVOyfdm853iaBnV%2Bhtf5wclWUojRVGG2xE%2B%2F0KqvvfcczFaHUhNpN7SLPJ0WX7cz4pO07EwN9BK%2FMXwpJRmhk0%2BHOYLwBq%2BwRdRw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82e39d00b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 842388fbd8580e2923da1fae384b0708
960aceb3808674654a275ab232423f6dc13c0bbc
4ae69c9e81d55b8a1bb12c73edc63980e7b2c7d28d371b31fd29eb5a18d2db51
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 11:25:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Mon, 28 Nov 2022 09:07:58 GMT
ETag: "960aceb3808674654a275ab232423f6dc13c0bbc"
Last-Modified: Thu, 24 Nov 2022 09:07:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 465
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f1c833cbffb4eb-OSL
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
172.67.151.125200 OK 21 kB URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 172.67.151.125:0
File type ASCII text, with very long lines (48058), with CRLF line terminators
Hash 0674990244c51bfb005c854c6acec118
d1f6b98febc42d473e0398605a9181d22670ee3b
9015c758d121dd44393505190b9655b4e0b148cd2d333807edcff34308e6fe0c
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Thu, 24 Nov 2022 10:45:27 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1616
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZZ8kC3fkucybNX7Yaxls1Jz723Mt6PLpdnbfxGrl63Mvb8mTxjqr%2B%2FMH7nZMFrkQCXStbYHrJsZdOWfyT6Nr1yXkZxVFnSAiKBagB9wRdefaXbaPkqjNrbxqcfPJldBz2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82eaa3b0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
172.67.151.125200 OK 3.5 kB URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 172.67.151.125:0
File type ASCII text, with very long lines (4720), with CRLF line terminators
Hash eec81448efde634ccab27c11aa2cc663
15b4fcfd2cbb6597becc720e20099afc05f6d5dc
e8647aefed435475d9284d1373f5909ef508e5d28d44fdb121702790d7837b34
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Thu, 24 Nov 2022 11:12:57 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 1616
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOjM5dDRJ3IBk5QsT2a4L2cBrPhgGCyJwlFkKTPweAfqdgyrxwDJfRuKgLAs4CeuChJKfbOPsMqBTD6ZE%2By9Zzyxo%2B8E6I7So2h0HCVITuVZAkIAu0VgoZuxyRrvvePwsuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82eaa3a0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-TL7ZZFZFHR>m=2oeb90&_p=516355753&cid=1217033823.1669289106&ul=en-us&sr=1280x1024&_s=1&sid=1669289105&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968&dr=http%3A%2F%2Fsensationalbook.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-TL7ZZFZFHR>m=2oeb90&_p=516355753&cid=1217033823.1669289106&ul=en-us&sr=1280x1024&_s=1&sid=1669289105&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968&dr=http%3A%2F%2Fsensationalbook.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-TL7ZZFZFHR>m=2oeb90&_p=516355753&cid=1217033823.1669289106&ul=en-us&sr=1280x1024&_s=1&sid=1669289105&sct=1&seg=0&dl=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968&dr=http%3A%2F%2Fsensationalbook.cn%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://infcjal.cn
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://infcjal.cn
date: Thu, 24 Nov 2022 11:25:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7391
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:25:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7391
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:25:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7391
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:25:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7391
Expires: Thu, 24 Nov 2022 13:28:18 GMT
Date: Thu, 24 Nov 2022 11:25:07 GMT
Connection: keep-alive
bonepa.com/js/responsive.js
185.66.201.42200 OK 1.5 kB URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Hash 1bd0d10082f057895658823907debccb
3ea522f46db08c0ac0725e1ed3e0ba149db7af97
fd74a7cf03160b7cb41cd5e9344e48b1c262628214216d02e2091e18ec86e3c8
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 49081
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 037c0f19435a955d7ed58f65911e8f21
51a54b639617e113bb941d28b59c2571c0ca2e63
c2b15ed9257f220ed83845e1d0b343d21b7df9104c21162ea76b889609b8a404
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff189dcee-7158-4549-abef-95dc2b7f7ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9992
x-amzn-requestid: a16f614c-5a5b-4f8b-97cb-c248e0b50753
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvcYEa0IAMFm_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e92b5-3b65b1b17c2a20b44a31aa9f;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:37:57 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OC0uEwrEKZ6UEEg_mpvYcoVBEUSEA_qTttmyRp1xptCRD4Vi4pFbCg==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
etag: "51a54b639617e113bb941d28b59c2571c0ca2e63"
content-type: image/jpeg
age: 48464
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfb61d1d2a4d3e62e410c926cfa4a1ab
5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436
4297b6c45e7dca6f841ae56da1040e1287f2e70c98e5f7fc674a674b59ebc7a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F004aa6ae-7a76-4671-acda-0f0a01e41292.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8702
x-amzn-requestid: 9687d5fa-c9f8-4afc-8278-0f0c12b28329
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvx9FQ4oAMFWmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e933f-397fca41442c0d7309395e4b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4cgRxjx6TQRxl4FIKsjrBPDZmhoDgbG72UAMRUnxZBUqV7yCfj3PyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:44:50 GMT
age: 49217
etag: "5c3f269cd16e9dd6bbb2e32efd46a4b2599ca436"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 14985
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28381329eca6c426a8b05fcdef4aafcc
a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a
4fc8414d39bbaacb1e6575924bd0bbb9373d78b177022f7d3c6457829abffd06
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08efdc1b-e7ef-4a2f-b199-9a633b00cef5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8748
x-amzn-requestid: 864da50a-44bb-4d20-b499-08c2a140871e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCtENmoAMFqKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-2705cc956f2c2aa5535533b0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xT0IorkRpXysoYMnugcrV40YaAxoRPjLmkPcv1ElteP_-rNZ1c6fog==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
etag: "a1fbb6da386cf2eef8b76a65438cf9c6bd741f7a"
content-type: image/jpeg
age: 48467
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 15060
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?fb5c0efbaa67712d369184d9298dc644
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?fb5c0efbaa67712d369184d9298dc644
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (661)
Hash c9a9a38ebd2cdaba7f0f36f72b5427de
6fcdf243b30186abf884118a257e6af3ae7e30e2
8437d8a0ccd5b1b88f2983c79521b66e25f47fe97067be16b39d9110b802d836
GET /hm.js?fb5c0efbaa67712d369184d9298dc644 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11299
Content-Type: application/javascript
Date: Thu, 24 Nov 2022 11:25:06 GMT
Etag: 9abea54f394ff71d0efcbb7e5e1e00c7
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=93C65D2A61541A67; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?9e84975b629767c58a8becc81600bb23
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?9e84975b629767c58a8becc81600bb23
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (669)
Hash ad94d6c6b5a41fabce01083b45e56d5d
1b3ecd543778862249055b2d3ab560dd16d0b505
951802cdc388980d751186b1f26ad3696fca9ff43beaf0314bfd2b4d42ea1f97
GET /hm.js?9e84975b629767c58a8becc81600bb23 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11382
Content-Type: application/javascript
Date: Thu, 24 Nov 2022 11:25:06 GMT
Etag: d0e7a81017383a2538756995b7c9902b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=0B25388A5CF9D927; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ba99808308e7272d58c43367a11d1204
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (629)
Hash 1f7e34350de428caa6ad381c10095550
fea28a9c4304a5f524b60a61cd73d4fbf2968874
72b82dc446eb7c15f00d9a0ee4ae7c4f5d6ea943549b29a567aa11f15c961736
GET /hm.js?ba99808308e7272d58c43367a11d1204 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11342
Content-Type: application/javascript
Date: Thu, 24 Nov 2022 11:25:06 GMT
Etag: 985de06e9cfbdcd0a426607fd0829f39
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=4F2C43F52AAFA5D5; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (620)
Hash 878db6e38924bfd54f350e28880ccd6f
4650da066e2d368f380e2c8014c9389597040faa
5f3c5bca47269304c622714f923afab176a2f3df5cde3a4f672aaa241ad57fa1
GET /hm.js?8b68846a3ac1709b0ec7199084ee5ea8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Content-Type: application/javascript
Date: Thu, 24 Nov 2022 11:25:06 GMT
Etag: 8d52da67bc5b872829ff3ca29f2958c2
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=9F79E08DCDAC714C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=636301990&si=fb5c0efbaa67712d369184d9298dc644&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.3.0&lv=1&sn=47122&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=636301990&si=fb5c0efbaa67712d369184d9298dc644&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.3.0&lv=1&sn=47122&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=636301990&si=fb5c0efbaa67712d369184d9298dc644&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.3.0&lv=1&sn=47122&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 24 Nov 2022 11:25:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6CB3AD458CB2603C; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=527356179&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.2.97&lv=1&sn=47122&r=0&ww=1280&ct=!!&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=527356179&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.2.97&lv=1&sn=47122&r=0&ww=1280&ct=!!&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=527356179&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.2.97&lv=1&sn=47122&r=0&ww=1280&ct=!!&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 24 Nov 2022 11:25:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=0D2A5393EF491D28; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=974778912&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.3.0&lv=1&sn=47122&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=974778912&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.3.0&lv=1&sn=47122&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=974778912&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.3.0&lv=1&sn=47122&r=0&ww=1280&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 24 Nov 2022 11:25:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=F87FF90E26E58B74; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=415042485&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.2.97&lv=1&sn=47122&r=0&ww=1280&ct=!!&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=415042485&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.2.97&lv=1&sn=47122&r=0&ww=1280&ct=!!&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=415042485&si=ba99808308e7272d58c43367a11d1204&su=http%3A%2F%2Fsensationalbook.cn%2F&v=1.2.97&lv=1&sn=47122&r=0&ww=1280&ct=!!&u=https%3A%2F%2Finfcjal.cn%2FWDLCLyyT%2Fypf-qs%2F%3F_t%3D1669289104968%231669289106175&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FYPF%20fuel%20resource%20subsidy!%F0%9F%92%95%F0%9F%8E%81%F0%9F%8E%8A HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Thu, 24 Nov 2022 11:25:07 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=FF2915E7B497C693; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
bonepa.com/4fe48aebd6/4f59451604/?placementName=Banner&is_first=true&randomA=0_2973&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Banner&is_first=true&randomA=0_2973&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Banner&is_first=true&randomA=0_2973&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:25:08 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Fri, 25-Nov-2022 11:25:08 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633173=1; expires=Fri, 25-Nov-2022 04:59:59 GMT; Max-Age=63291; path=/; secure; SameSite=None
total_impressions=1; expires=Fri, 25-Nov-2022 04:59:59 GMT; Max-Age=63291; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 172.67.151.125:0
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/css
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Thu, 24 Nov 2022 11:20:25 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hr2KqE6x5nPkVbjN2RwMOf7sZnwCmAXYxEBLzS3H3JZy6JUj00p58ZAHLKlD4jRt2sq%2B5ul12C01icXdErVGUU0PIZZC00Z4EEphhOJ525867EhYjmW3cl0mc1qPu9Y3YA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82e59f00b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166928910559459&xtt=4926907
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166928910559459&xtt=4926907
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166928910559459&xtt=4926907 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 24 Nov 2022 11:25:05 GMT
last-modified: Thu, 24 Nov 2022 11:25:05 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 172.67.151.125:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Thu, 24 Nov 2022 11:23:38 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVeA%2BTbh5shUoAhV09AvgsXbNfaWoSjlWekmMTHG5xiOiFOAZcInMf3O%2FHS4lJUTbqFQxpeOUUjWnTqSyGh9qF3nblreRf4xFLfKqcijhogiqi33N2SvsJPmlvcGU%2B%2FD%2ByM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82e49ea0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 172.67.151.125:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Thu, 24 Nov 2022 11:19:47 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFhEfEyn%2FPPoJhYEHVkZL6eCjzM%2FtyNa1%2BtQBARfRlEv2JIRBwqGJAwv3ahjNy6QpucfsIoLFdeQm1ny8uWGe5tPrbWo9xJtxgWPc2TKjv4Qt4n4SR%2FbFzRjWswelphEdpo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f1c82eaa3d0b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
infcjal.cn/WDLCLyyT/ypf-qs/?_t=1669289104968
172.67.198.191200 OK 0 B URL HTTP/2 infcjal.cn/WDLCLyyT/ypf-qs/?_t=1669289104968
IP 172.67.198.191:0
Analyzer Verdict Alert fortinet Phishing
GET /WDLCLyyT/ypf-qs/?_t=1669289104968 HTTP/1.1
Host: infcjal.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sensationalbook.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: ypf-qs-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn
ypf-qs-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.infcjal.cn
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6kf5fTfByRP71b47eVlerlH6XFmCZB55ebD26yKoCYd8CZHLGPsn17diqILAQtjWSGyovqvFinQnd9uOgpt29%2BcwXXjxqgEogyvm4ih%2FWnjx0HWo8Z%2FQmDj9maS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f1c82c1ad61c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infcjal.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 11:25:05 GMT
content-type: application/javascript
expires: Thu, 24 Nov 2022 11:25:05 GMT
last-modified: Thu, 24 Nov 2022 11:25:05 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2