3hvzox.cyou/6503XwNUCXN8SAlmRyQgcVN5fEQ0YH0IUVdkciAfGQcGU1NMaBldHREHHiJRHBkwHTM5OSRqFiAHAAssFWIqOlRDXHw7Qg&p=otdhvb
104.21.55.92200 OK 470 B URL HTTP/1.1 3hvzox.cyou/6503XwNUCXN8SAlmRyQgcVN5fEQ0YH0IUVdkciAfGQcGU1NMaBldHREHHiJRHBkwHTM5OSRqFiAHAAssFWIqOlRDXHw7Qg&p=otdhvb
IP 104.21.55.92:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash e340ed11b46e1e48620d36a346416ddc
94d41c906bc46da77b4bfda5c4bd23f182f1c718
c847601ea1be74a5e907051068f284e75cd84706e3e1e434d42a4bfe01677bf0
GET /6503XwNUCXN8SAlmRyQgcVN5fEQ0YH0IUVdkciAfGQcGU1NMaBldHREHHiJRHBkwHTM5OSRqFiAHAAssFWIqOlRDXHw7Qg&p=otdhvb HTTP/1.1
Host: 3hvzox.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:41:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yswsy6p1eD2s%2BK9dNOVz7gAHptVojqVzq9ExSrAUS56vBclfpyPi8hPUhahrFcVfy6vjpVi8khzcMC2EYRUJz7Z0Z5p8nRavBP995ygFVjxD%2F%2FzfKssHFqgXnN60UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7692c6ee7db9b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11822
Expires: Sun, 13 Nov 2022 01:58:49 GMT
Date: Sat, 12 Nov 2022 22:41:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6472
Cache-Control: max-age=135440
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:41:47 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 12:19:07 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a8391107bfc5e4673e8a706f90f63768
5295ed0b1cb8bad4d3e851049acc7f0270937d12
ed5c27510100ffc4481be474ebcb020d147c645beb110604d5284eeeb8b97c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ED5C27510100FFC4481BE474EBCB020D147C645BEB110604D5284EEEB8B97C02"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7970
Expires: Sun, 13 Nov 2022 00:54:37 GMT
Date: Sat, 12 Nov 2022 22:41:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 21:44:15 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3452
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8G3Kb3jhBHgE+VvZFVJ6CMInj34MHgDxdIvnANqRXh8uKv1XRbMCrwxtbt8YZ6wINVH7eeI+g60=
x-amz-request-id: AV6XABG35JNBBGJB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 22:13:10 GMT
age: 1717
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 22:41:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
3hvzox.cyou/favicon.ico
104.21.55.92200 OK 80 B IP 104.21.55.92:0
File type ASCII text, with no line terminators
Hash 476ecd319ee68b0885b615aa8bfa6906
1d71f71b7e583a59e3d8aca0a80b1bf097723e4b
240177e6ac959ef0ddad4ce56d43b894c7b0ffb7f6c3061ce7cf7759dbf8da30
GET /favicon.ico HTTP/1.1
Host: 3hvzox.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://3hvzox.cyou/6503XwNUCXN8SAlmRyQgcVN5fEQ0YH0IUVdkciAfGQcGU1NMaBldHREHHiJRHBkwHTM5OSRqFiAHAAssFWIqOlRDXHw7Qg&p=otdhvb
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:41:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Last-Modified: Sat, 12 Nov 2022 22:41:47 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XrAN1og9%2BoDGh1DfLF0k2KgP8pDj8y8caXSoFxWSOA9Isr3Bkq0QVf2pNZmXizodQlC2d4eVVHoDfKocYGhopJ8UREoRGorLOn7806%2BD0Cz2ryUE6Qdp%2BPQgY%2FBUUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7692c6f0c8cab512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9daf48451c311e0890b53a88aaf01136
6a448b83248e554c424a308610beaace34fde869
c336000c9b535e523a3192f54e8fada9804d5fb34bc21b964f388a9afc035759
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C336000C9B535E523A3192F54E8FADA9804D5FB34BC21B964F388A9AFC035759"
Last-Modified: Fri, 11 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Sun, 13 Nov 2022 04:41:14 GMT
Date: Sat, 12 Nov 2022 22:41:47 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9daf48451c311e0890b53a88aaf01136
6a448b83248e554c424a308610beaace34fde869
c336000c9b535e523a3192f54e8fada9804d5fb34bc21b964f388a9afc035759
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "C336000C9B535E523A3192F54E8FADA9804D5FB34BC21B964F388A9AFC035759"
Last-Modified: Fri, 11 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Sun, 13 Nov 2022 04:41:14 GMT
Date: Sat, 12 Nov 2022 22:41:47 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
151.101.85.229200 OK 21 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (65317)
Hash b5ae87c0e4dd241b533e67053b0b719d
6b7b568694a95d81a94dea9ef7a85d1317d448dc
5bae5997fbca925ac6e52be8163ca897e751fcc9331552e0f77a22dd35b64521
GET /npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.1.1
x-jsd-version-type: version
etag: W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 22:41:48 GMT
age: 5284437
x-served-by: cache-fra19168-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20556
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
151.101.85.229200 OK 2.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (16263)
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 22:41:48 GMT
age: 19713414
x-served-by: cache-fra19146-FRA, cache-bma1641-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
172.67.151.125200 OK 32 kB URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 172.67.151.125:0
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 8e69a9caaeb8f51fa8072e8cdf416740
4f3501758fd92c3b5c8afe4011557c43d25dc8b5
9aad2b21eb60312da7184741693921c5621c5390c274e5a7f4697fea2e1aa0b6
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:47 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Sat, 12 Nov 2022 23:05:25 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5LoVrf57QlyxlPxwMgiko2JMAeWzrdsSF%2BbpjQUIAHeHx6fUuG79ikc1ul8WXOq4LD86EAShcFdHrq9S47p%2FSaNHX%2BOg1eIIOThSEGEPlsRMSu0XN1kW3hbBY62DpYP%2Fk0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f2db9dfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a198040376a851cfc631e5e2df464f2
a891033f7804d097fe8c11656fd8c9c61d6c2807
bb792f9d51db37e90876b85f2bbfae019a7dbf23bbd7841d0eb5cd2ee91c8e70
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BB792F9D51DB37E90876B85F2BBFAE019A7DBF23BBD7841D0EB5CD2EE91C8E70"
Last-Modified: Thu, 10 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15716
Expires: Sun, 13 Nov 2022 03:03:44 GMT
Date: Sat, 12 Nov 2022 22:41:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f62d63708f1f73a6318cb1c81a8434c1
b175dfb603b77ea32dc3b9a007b48ce90f5553e2
7650bd6c91d913099263b472c8021dbc649775dc90d6fc9ddedd9cceedb90a29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7650BD6C91D913099263B472C8021DBC649775DC90D6FC9DDEDD9CCEEDB90A29"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15981
Expires: Sun, 13 Nov 2022 03:08:09 GMT
Date: Sat, 12 Nov 2022 22:41:48 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 1.1 kB IP 142.250.74.35:0
File type gzip compressed data, from Unix\012- data
Hash b706adb1bb32a7c62dfc2177dbb925f1
6414718802f623b655a867435196d86d324cec48
1af41ed800243789f041856ccb4ac2d20576d35fa109a8597f4b69c6d81ea6b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4821
Cache-Control: max-age=128725
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:41:48 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:27:13 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 53e88b46b02c3c4a5e6e0882a91709f8
e1672d6faa3af6db07a4b15b9fc251d441ec119e
088faa4b1f94d12e14a5a20f2b39fa8f6af903dd6fd05eb07e9efaef54194d5c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash efdbc69162f36432f51b420a9fbdc45e
1f37490dd4e24aeee9323d13a05b8f72429ac0b7
8017b416b35ff5b0a9c2c80e9f9af49bd417c298134509dc8f460871a721ae6a
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:41:48 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "77059079C75B46974603D29BA0567027EA50AB23"
Expires: Sun, 13 Nov 2022 09:00:00 GMT
Last-Modified: Sat, 12 Nov 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1259
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692c6f3fb2ab518-OSL
www.googletagmanager.com/gtag/js?id=G-YP3DQB03D8
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-YP3DQB03D8
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash 9150e6cee4a2cada1ce98b98835d0108
4658a796d26d9fe26c2907c90ef55bc403097649
8c1086d3feb30c3bae87eb0c615aa8ffcd86c7cb86fe53d143ee0d849da74c8c
GET /gtag/js?id=G-YP3DQB03D8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 22:41:48 GMT
expires: Sat, 12 Nov 2022 22:41:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75988
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
263cdn.com/upload/privatbank-right.jpg
104.21.235.73200 OK 2.7 kB URL HTTP/2 263cdn.com/upload/privatbank-right.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 102x199, components 3\012- data
Hash ac2828fc1029c67ef0f92764c68bab8c
ab3faf4d8e1210069d4c57c77b7f566418b8d85f
c63cffb1d904ae086c9ff916543d11dd0886023cab6a1e58873570d51eae0be1
GET /upload/privatbank-right.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 2741
x-guploader-uploadid: ADPycdvUgDKUf5Cjoh4tyzDaH41uU6CQKvHkelynhE8IOxfa6zwLNBkaAHwsKNXZOSqIR_S_ceaRphNAQUyJD-0wR8G8snkUW1Hd
expires: Sat, 12 Nov 2022 23:25:23 GMT
cache-control: public, max-age=14400
last-modified: Sun, 14 Aug 2022 13:10:06 GMT
etag: "ac2828fc1029c67ef0f92764c68bab8c"
x-goog-generation: 1660482605969846
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 2741
x-goog-hash: crc32c=1CAvfg==, md5=rCgo/BApxn7w+SdkxourjA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=48lLardO3D8NRyNp0IGNj3bx7cHErWr5CGmdUT%2FieXZLsvdKIdPe%2F8quWfyKyqTptuT33XW5GvOwgyYjYSz34t1nxmq28NclxlmcjijhZwuEGppCveqm%2BYiXsKn3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe2c7708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
172.67.151.125200 OK 20 kB URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 172.67.151.125:0
File type ASCII text, with very long lines (48058), with CRLF line terminators
Hash 6e5cf2f2a0309cb588e718c943f76da0
d877d298f2045a5de347dc7911376e255929cee5
3d06678aff24e7b8cac124cb3cff93a4c722a9cc4d000f5f561a78fdd0037f5b
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:47 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Sat, 12 Nov 2022 23:01:55 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kWYjzTyPzaZt5yXXuoMqtk7x8Vjf6VNSFwxWaEeHBBlczsNUR3X7%2Bqce1G5fDJ2VPx2AH8m7AuAYjz%2BT4pOQmBw1MnAl%2B0Apgh9Wd4XrwaSkp6uPhTVn44RgDS0GLUmwiw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f2eba6fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 53e88b46b02c3c4a5e6e0882a91709f8
e1672d6faa3af6db07a4b15b9fc251d441ec119e
088faa4b1f94d12e14a5a20f2b39fa8f6af903dd6fd05eb07e9efaef54194d5c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/privatbank-show.jpg
104.21.235.73200 OK 62 kB URL HTTP/2 263cdn.com/upload/privatbank-show.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 520x285, components 3\012- data
Hash d0caeb090762314425e1b924cb8477f3
1ec2c56c1f73aec8545046f4348a8f9b1683ab77
0719a5b3a318c8bfc4e93e501b82731c7676caedeb935c467398ad6cc37e41d4
GET /upload/privatbank-show.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 62340
x-guploader-uploadid: ADPycdt-CrVYhfpv-Adt81FlKnZ-wgJJOQoqPbCijNR8Yh32k_WCRYtXNf76vYj90bOM2w-VDeogdcQlml4_-v4WkC23Jp1dPw8Y
expires: Sat, 12 Nov 2022 22:47:58 GMT
cache-control: public, max-age=14400
last-modified: Sun, 14 Aug 2022 13:10:06 GMT
etag: "d0caeb090762314425e1b924cb8477f3"
x-goog-generation: 1660482606027727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62340
x-goog-hash: crc32c=H09Btg==, md5=0MrrCQdiMUQl4bkky4R38w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2787
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88oKnHkqi75%2FBNCZ1TrWOsXjT1LTTjZKxwmC3bZrzxLcXeardhBid9NC%2BCIDgWbyAamaBef9TV4HB%2BeV5WBREb6%2FebETcpZ%2Fm1My8lUjmv%2FTB6pSArsiitDrfufm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe2d7708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/privatbank-box3.png
104.21.235.73200 OK 17 kB URL HTTP/2 263cdn.com/upload/privatbank-box3.png
IP 104.21.235.73:0
File type PNG image data, 300 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 76c6d4f6cf8acca34224f5106d3b65ad
5e4c8f18d55a498b38cdb7350706f617dad6fbe8
36b3130562c1bcb0d31ab6805af71ded44634d3c6111c919bd39e83af634d6d3
GET /upload/privatbank-box3.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/png
content-length: 17188
x-guploader-uploadid: ADPycdtCxI-JFiXGOstNkqxDfTH8IEJTPOwE728qXFe26A-gbJlktGEt8zh2k-vkS4Tmtv_yoNmrJ189lruUkUvJB0PdZA
x-goog-generation: 1660482603650704
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 17188
x-goog-hash: crc32c=KF4tbA==, md5=dsbU9s+KzKNCJPUQbTtlrQ==
x-goog-storage-class: STANDARD
expires: Sat, 12 Nov 2022 23:01:44 GMT
cache-control: public, max-age=14400
last-modified: Sun, 14 Aug 2022 13:10:03 GMT
etag: "76c6d4f6cf8acca34224f5106d3b65ad"
cf-cache-status: HIT
age: 1948
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVnKP8emp%2B4%2FpFhhY55wYuaig0vN3RdT8XXYTpjBudkC40cAaqE3Xa9PO5gh61cPyJQlE3jG%2B45uguIlqOKIQGSvSSorsWpCqECh566kkgyjR0VHTc2gCPl6NMst"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe307708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde2.jpg
104.21.235.73200 OK 7.5 kB URL HTTP/2 263cdn.com/upload/yhde2.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 1e4cd34e22133192edbfdce16e8ba3a0
0b975b36fee9e81118378e4d7f70860edfe80bd3
8f71eadc0e6e9d3c4e20bdab6122f130199f099c47933a8f9c31856b5c5a0842
GET /upload/yhde2.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 7500
x-guploader-uploadid: ADPycdvXJA2JymEnbnIrNCBRWfSdUIbx5ZpgaHNYrAmqSAEu2EJuOpzSzuaFRF72xSuPb5BMLeC9nUJG0Y2OXwgMKyVRog
expires: Sat, 12 Nov 2022 23:07:08 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:49 GMT
etag: "1e4cd34e22133192edbfdce16e8ba3a0"
x-goog-generation: 1657560169681386
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7500
x-goog-hash: crc32c=UJX5hQ==, md5=HkzTTiITMZLtv9zhboujoA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1030
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMpziiXa0wFpheJhz3g47PT526%2BMi7Mh18FkyGAjud7fw7%2F7tGyD8I7WsvrZIcn0EQuRc9CgUlT9B5DNXELKNMCbzI9i%2Bt6RZckTTLzerxrfl%2BILr4gIeZxYcXIj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe337708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde8.jpg
104.21.235.73200 OK 7.9 kB URL HTTP/2 263cdn.com/upload/yhde8.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash b8b61d66db60a707e147d51f80cd7caf
9caeead5c434baf1feb311daf7ce1aa19fa21863
a17ccb0824fbac80cc0d82f280573c2e214876756d8e597e8fa10c9b83e4e342
GET /upload/yhde8.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 7939
x-guploader-uploadid: ADPycdveBphS_-pnKVzVFrummhVL4y-rwqrwPVvaeO5NigvucM2zoaYmtGTNgXYnAF61jn0RJAVLp2v2T0qNnSyKgeMNAg
expires: Sat, 12 Nov 2022 23:05:12 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:51 GMT
etag: "b8b61d66db60a707e147d51f80cd7caf"
x-goog-generation: 1657560171890012
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7939
x-goog-hash: crc32c=VOlkAw==, md5=uLYdZttgpwfhR9UfgM18rw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1378
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zau0BoZ7RYKLtdb0PYCz2r%2F8xw8ephDOyh%2B4yi4Mvp2%2B6u16Svf85VU2ulb2WYkJZgYuOxWlmujScKNb95rt%2FHoNP%2Fo8DBWzzeM05p2dEd9ZxoPqeXLi5ScTBcpP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe357708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde1.jpg
104.21.235.73200 OK 13 kB URL HTTP/2 263cdn.com/upload/yhde1.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 8bb7f41971b23f34648e6b4797df26f3
3a2732b4bd2c9e45291f66a9872ef2d780fe831b
df4dd6d2b21fd5d5bedc1259cedab7ace2eeec381c18ca487f47fb26af6792b6
GET /upload/yhde1.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 12610
x-guploader-uploadid: ADPycdtfh5DxpmIF1ZBFMdDeNUHaAcmJwZZnl8TpGufA0Lx38-eukhWrRNLsr5__EH3aiNqL13_ZnYiBtvD0zjiaeD2Cvg
expires: Sat, 12 Nov 2022 22:48:13 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:49 GMT
etag: "8bb7f41971b23f34648e6b4797df26f3"
x-goog-generation: 1657560169688143
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 12610
x-goog-hash: crc32c=/laZCQ==, md5=i7f0GXGyPzRkjmtHl98m8w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2581
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDV3rmfw0RSjYSmqGtr%2F%2BUIaf48SneuyIFSc3KLBwG1SYd9tclrbIkemQfNBrFLgv8tJ7evVVQb%2FRuVIdx4BVkm4g9mwMD5TR5bf10w4nDcyezICyaTngVnuYCcQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe327708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde9.jpg
104.21.235.73200 OK 9.2 kB URL HTTP/2 263cdn.com/upload/yhde9.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 011b2ea22f52406af58b64d1665f8452
180974bd7ba0be0bea57119080b3071f9e3b19d9
0681be4c83ebd047dbea1e6df073cf020d407d75fabe8ffcc40bb57ef9a19358
GET /upload/yhde9.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 9205
x-guploader-uploadid: ADPycdvs0YK_rB9cQAHfmCT10X7f703AoIsM5_nQgNFawqca9TnO20W2aLKHwElUxq13Ol0neBD-Joho_9RA7ksxgpb7ww
expires: Sat, 12 Nov 2022 22:50:46 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:52 GMT
etag: "011b2ea22f52406af58b64d1665f8452"
x-goog-generation: 1657560172678807
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9205
x-goog-hash: crc32c=9Zk+WA==, md5=ARsuoi9SQGr1i2TRZl+EUg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 926
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTyJWbZFLe%2FOsi0E6QQHdVvFyinA6ykKYMoXRkcnbdbNz7oAV1quNqT6CNpoz2BBrKD8fTY0A5z6NSzC%2F2G8JJz3aznYkmnI%2FRLROR3LLb4FEno2yjy5UaTfgkW1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe317708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde3.jpg
104.21.235.73200 OK 8.4 kB URL HTTP/2 263cdn.com/upload/yhde3.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash d8f2b1db826a85b3d6a77f65c2eb8aa9
f2a5f76ea88f4f374ea2ed63a2d56262746f11b7
ec87a4f107fab84a11b07c51a0c16da260136be7e9312267e9ac53ee1faac9cb
GET /upload/yhde3.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 8391
x-guploader-uploadid: ADPycduWGHoLIReJ2xiY1GVnOQ8Sn9-KO7a6VsLLFXT22xI0vdlIYJE6iIGVGBgqPrwjPpjaqkI118qosrIiLUda8XtWAQ
expires: Sat, 12 Nov 2022 23:15:02 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:50 GMT
etag: "d8f2b1db826a85b3d6a77f65c2eb8aa9"
x-goog-generation: 1657560170668162
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8391
x-goog-hash: crc32c=ow+ZSQ==, md5=2PKx24JqhbPWp39lwuuKqQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1015
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xG7sXF5vOByF1oxqARqsNDahYbnIw5npvKNJ2TOHw0su6tju4GU3D94b0pzNzA4eZFIDA7hV35%2BOk5NoT%2FecpooT181oFOJbpF9%2FvW6rm%2BWWAYI9kQpdUCUOqhh9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f3fe347708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde6.jpg
104.21.235.73200 OK 9.0 kB URL HTTP/2 263cdn.com/upload/yhde6.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash ee5371e6976fe9bb8b6d46278279f89d
c246da7df163264acac382d4a83ba162b08637a8
ad1533c7cdb68e5cb8b5123a6775d6d5e67836e7187b46e27d5009a70a251ad4
GET /upload/yhde6.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 8953
x-guploader-uploadid: ADPycdv6aTAfGE_NNJ9LFMmqbTa7I8ZlS9xuzrxDxFnnDrRAPB3FeIvsSoqVxdk6Y3JIm-lo7Hn4uloAWkqaHAckwDe3LQ
expires: Sat, 12 Nov 2022 23:04:29 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:51 GMT
etag: "ee5371e6976fe9bb8b6d46278279f89d"
x-goog-generation: 1657560171630757
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8953
x-goog-hash: crc32c=YDJ99Q==, md5=7lNx5pdv6buLbUYngnn4nQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 1355
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pobedaj1qd8cqh%2BKfnCYKtpyCygZ1jmQNxrxrKORTqA6BQR5%2F%2Bl9A%2F9WrbCC1fsdoUadB4bFPLML5Q2LVLd2loCAZarWFOWLb7nh%2FHkQHPQcW41vMXldfvkfTYtV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f40e547708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde.jpg
104.21.235.73200 OK 12 kB URL HTTP/2 263cdn.com/upload/yhde.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash c7401cbdc82cca5689669a88a41608fb
366e93242c88d9fdd3d58f5f3b46a1db75ed8d47
94508fbf165fff7477c232e0a1069f2aa87316b71b0499b1d687021c24142ae0
GET /upload/yhde.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 11716
x-guploader-uploadid: ADPycdtrCXUu3d-5kC44p7A_3XhywiwvgDNsU_Q1PPvqjzgPe0-OYLPaHoUmfmxxPatrrmj8ze8_uDbLlZO_RiFdhRXQ7g
expires: Sat, 12 Nov 2022 23:34:50 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:49 GMT
etag: "c7401cbdc82cca5689669a88a41608fb"
x-goog-generation: 1657560169763046
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 11716
x-goog-hash: crc32c=Vi3taA==, md5=x0AcvcgsylaJZpqIpBYI+w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 243
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8x3FPT03%2FmmpyorLXKh1uZR4vfQdzSfX3TNMqNBQcNvtcmncUohXl5I8INVSwR9JAL5lZBquUESNo7s7uR%2FhVL%2BgUd6UyNcZWxnb8nLXbTFZ9UPUHsKcdB2mpleV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f40e557708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/privatbank-left.jpg
104.21.235.73200 OK 18 kB URL HTTP/2 263cdn.com/upload/privatbank-left.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 388x90, components 3\012- data
Hash 59505dd21fb53a3c2ce2c9c47b82499f
3d2231bb02e16f8dbb47038e7fd9d3e644854532
0c36608152852710baee3e064be73233bb657fda99c4a7ad23c49b626ecdabb9
GET /upload/privatbank-left.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 18252
x-guploader-uploadid: ADPycduovxp5BjoKL-RklnhuxKi0Z69_rkFLEUL3HnDuvKYzozCocXsS7cHdwXeamJn2TrjL6stcsd7vKG_k8E4PBdSf5A
expires: Sat, 12 Nov 2022 22:41:12 GMT
cache-control: public, max-age=14400
last-modified: Sun, 14 Aug 2022 13:10:04 GMT
etag: "59505dd21fb53a3c2ce2c9c47b82499f"
x-goog-generation: 1660482604639109
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 18252
x-goog-hash: crc32c=vI8jbw==, md5=WVBd0h+1Ojws4snEe4JJnw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2421
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F7v4yCEJyn8%2BJ6X4Qbaein1vt65QQaVcncv3YH0VAlq7fMizfWw9QvbjiSUfcBepyIx2rB4FtVkmbIrlBcqj08%2Frl4MCJ%2Bmq%2BYhBOl53DVCu8WpoXAAZsua2UWM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f40e597708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde4.jpg
104.21.235.73200 OK 8.5 kB URL HTTP/2 263cdn.com/upload/yhde4.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash 97c0fcc47524398cecf7d89e8854a01c
bef604fbc4381f689b97ae2216acf1ea260f09e1
bb56e2ea161221ac5e4c671d3d124cf5b1e50f64a412960baf51523679f37444
GET /upload/yhde4.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 8521
x-guploader-uploadid: ADPycdt_ozSjN2fKESi70osKTi-xq17s39b1KvmqNz3lSLY3gqfENQAIAVIaSnMyExLv7NICF_ANlViyvScq_yeG_JGsUA
expires: Sat, 12 Nov 2022 22:40:23 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:50 GMT
etag: "97c0fcc47524398cecf7d89e8854a01c"
x-goog-generation: 1657560170770744
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8521
x-goog-hash: crc32c=NqkxVw==, md5=l8D8xHUkOYzs99ieiFSgHA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2858
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11QuW5IjiD9lE8Ay%2BsUmdZxdiWEMkQzXovFugCvafp4ppdt3c332i9ZuMz1tSQ6QGKWE1Jb27LVE7hoixiXK0rFQ1nX7cV5EzWD0dzZM94yaYXv33gUeQOabdHbR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f40e567708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Sat, 12 Nov 2022 20:28:25 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 8003
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
263cdn.com/upload/privatbank-box1.png
104.21.235.73200 OK 41 kB URL HTTP/2 263cdn.com/upload/privatbank-box1.png
IP 104.21.235.73:0
File type PNG image data, 300 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 1979704972c0987645553f6e5312342a
eab4e6180e4799d4af618294b2f9d5e6354b0043
cf76c8194e2e583cf75add79b81f1e02226031f9ea07e9003b0e45815ced96aa
GET /upload/privatbank-box1.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/png
content-length: 40677
x-guploader-uploadid: ADPycdvJVrSVwTJrlugwthj0UBjKcJTWp4uWoSSXT819an1gu6uFpQCW-Q5t8ShrYFka2NG7tJkANoeiyHROYrGnORg2AzB_Adsa
expires: Sat, 12 Nov 2022 23:03:03 GMT
cache-control: public, max-age=14400
last-modified: Sun, 14 Aug 2022 13:10:03 GMT
etag: "1979704972c0987645553f6e5312342a"
x-goog-generation: 1660482603462724
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 40677
x-goog-hash: crc32c=F0797Q==, md5=GXlwSXLAmHZFVT9uUxI0Kg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2325
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EI7xz9uxbWdhbkkjDg%2B4WHGWj86i6RbYJUKHqTMc1I9Vpfqf8%2FwL0inkrfE9Mvt5%2FPGs3SrD3DnJ5%2B3Nb1hNGDnE2zwM6CHy5Ih%2BDZ5AnfWAiKpOFmlgs2L%2B%2F7qJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f40e577708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Sat, 12 Nov 2022 20:28:25 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 8003
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
263cdn.com/upload/privatbank-box2.png
104.21.235.73200 OK 8.9 kB URL HTTP/2 263cdn.com/upload/privatbank-box2.png
IP 104.21.235.73:0
File type PNG image data, 300 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d108db7d5227240c912910153929261
c823580ac707d7913ac0f5d12b50c5398cbd0229
749273582e6df977f7db0522f7f938f30b19f6e4e77e4b671bd3cefabd631612
GET /upload/privatbank-box2.png HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/png
content-length: 8947
x-guploader-uploadid: ADPycduKFEbhwkvCQHWd0s8Sy6tkyEgJf5x19h9CSxw4rfU24GCA0D88j_qQx1BR3O8iX20xzsacyJvKJ0Up1iZJB-xybs-67g4v
expires: Sat, 12 Nov 2022 23:03:43 GMT
cache-control: public, max-age=14400
last-modified: Sun, 14 Aug 2022 13:10:03 GMT
etag: "1d108db7d5227240c912910153929261"
x-goog-generation: 1660482603482686
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 8947
x-goog-hash: crc32c=jvWx4Q==, md5=HRCNt9UickDJEpEBU5KSYQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2285
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5EClRJM2sG%2FzVyd4N7Tiz0zGVgwL9i2WRb76DGzyE6EG1NA9Lidh8sT3wRFFyMhZwb%2F%2FWS89cg9dayed1j1bRDM2lQTsbeIlkFhV87nfWz6IL9CC4GDMc1AjBjB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f46ec97708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
263cdn.com/upload/yhde7.jpg
104.21.235.73200 OK 7.2 kB URL HTTP/2 263cdn.com/upload/yhde7.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash e6973ef8b9321ae09803ede73ca9047d
7b93053d922fa89065796614f7183c7baefcb558
7593afdd1a987ff5a18338787f1e75f403739752cf357c4d4f3b32205d9606ac
GET /upload/yhde7.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 7197
x-guploader-uploadid: ADPycdus7Kc4sKChII0BY1iUPjmFEANxkpPzE04pv5Nq__GnTS69Fx58wcfHW23_NNibZmKQ6ivYL_VyW1I8Y7dH-YO1uQ
expires: Sat, 12 Nov 2022 21:39:06 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:51 GMT
etag: "e6973ef8b9321ae09803ede73ca9047d"
x-goog-generation: 1657560171874943
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7197
x-goog-hash: crc32c=LD3HAg==, md5=5pc++LkyGuCYA+3nPKkEfQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3433
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xg8CYkM2h4r6vhkCGEhZdeFT7wh9PlQKdf7W7dv7Z5TW1Sz7itMhf2OEH9Pi3gAjbEdG6sN83vMXL0LDqjbQsbLmC8Rczrl9zWcsZtVJ%2BAH9f1wbdFFXltJ%2FBESJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f47ee97708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
263cdn.com/upload/yhde5.jpg
104.21.235.73200 OK 8.0 kB URL HTTP/2 263cdn.com/upload/yhde5.jpg
IP 104.21.235.73:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 290x300, components 3\012- data
Hash bf26d0b78d013f526a5f8eb153f9fd56
5cb71ae75ad4a45e482570a02cf919bbc65fa135
c0e0b2ed3e4352d31c1672785a0df72fa809063ac9383643ebb78f0e1486535f
GET /upload/yhde5.jpg HTTP/1.1
Host: 263cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: image/jpeg
content-length: 7984
x-guploader-uploadid: ADPycdsO76VvlM8T5G7yyGeeeZE0FFx81WJOyJ3Q1uQXLaJ_40Ur--VU-EQGpPXvFsjofO0raK2LbtOe1o4E8QMQZMwAwA
expires: Sat, 12 Nov 2022 23:07:10 GMT
cache-control: public, max-age=14400
last-modified: Mon, 11 Jul 2022 17:22:50 GMT
etag: "bf26d0b78d013f526a5f8eb153f9fd56"
x-goog-generation: 1657560170814014
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 7984
x-goog-hash: crc32c=2hDYJw==, md5=vybQt40BP1JqX46xU/n9Vg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 909
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ay4iCM55ixn%2BVadMD1EB%2FSZXmpw09%2FbgH3yZUV9ntHJjDg57DOc9gp7K3Xvnsa4f%2By3JMTVmvGF%2BVEVoz3spIRcuDlrwrfFZUmJT%2FH2yg01Y0QPr3O9XHBDzVgD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f4af3b7708-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 53e88b46b02c3c4a5e6e0882a91709f8
e1672d6faa3af6db07a4b15b9fc251d441ec119e
088faa4b1f94d12e14a5a20f2b39fa8f6af903dd6fd05eb07e9efaef54194d5c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 22:41:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a198040376a851cfc631e5e2df464f2
a891033f7804d097fe8c11656fd8c9c61d6c2807
bb792f9d51db37e90876b85f2bbfae019a7dbf23bbd7841d0eb5cd2ee91c8e70
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "BB792F9D51DB37E90876B85F2BBFAE019A7DBF23BBD7841D0EB5CD2EE91C8E70"
Last-Modified: Thu, 10 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15716
Expires: Sun, 13 Nov 2022 03:03:44 GMT
Date: Sat, 12 Nov 2022 22:41:48 GMT
Connection: keep-alive
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: E9w1YCIPh4q0BFuSjCKbqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: puD24BGP/3pe5XUHtlouRsPMJWw=
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 06fcd6f4b393b29db70f011dada9c8a5
f8000ea1c157dc000a775a5b567a8fa91433ddb4
0a3b87d347ec2565feebf14789a009f9b15ea82ce8ad13463572968c84d382ea
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 22:41:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 16 Nov 2022 19:58:43 GMT
ETag: "f8000ea1c157dc000a775a5b567a8fa91433ddb4"
Last-Modified: Sat, 12 Nov 2022 19:58:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2899
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7692c6f8996ab518-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-YP3DQB03D8>m=2oeb90&_p=283384379&cid=804649321.1668292908&ul=en-us&sr=1280x1024&_s=1&sid=1668292907&sct=1&seg=0&dl=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb&dr=http%3A%2F%2F3hvzox.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-YP3DQB03D8>m=2oeb90&_p=283384379&cid=804649321.1668292908&ul=en-us&sr=1280x1024&_s=1&sid=1668292907&sct=1&seg=0&dl=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb&dr=http%3A%2F%2F3hvzox.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-YP3DQB03D8>m=2oeb90&_p=283384379&cid=804649321.1668292908&ul=en-us&sr=1280x1024&_s=1&sid=1668292907&sct=1&seg=0&dl=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb&dr=http%3A%2F%2F3hvzox.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bbaja.cn
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://bbaja.cn
date: Sat, 12 Nov 2022 22:41:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?0f9e9495a2979df675689eb3f7c60d17
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?0f9e9495a2979df675689eb3f7c60d17
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (671)
Hash 23546018b9f648d0bc1291ca7e919b91
406497194233f463a19764676e5a5e51f0b83e7e
ca510b1a14265612e08d85cb154af94534c86ace6d5323b89c1855ffcab5bf4e
GET /hm.js?0f9e9495a2979df675689eb3f7c60d17 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11384
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 22:41:49 GMT
Etag: ce40f0904d550d6c5fcd3d65907085d6
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7BD3F710C43ED281; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?56e88f4811e3805467cb732ab652fc8a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?56e88f4811e3805467cb732ab652fc8a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash 40ab0a675de368b89a725dc7e3fba9dd
de02ad584f5e3982bd96cde865e89841a8323dae
3fbbe23c52b640ea70bee6ff70280c6806a2189b69adb334d48ed32062f7a4b0
GET /hm.js?56e88f4811e3805467cb732ab652fc8a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11335
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 22:41:49 GMT
Etag: 11c01633266ff03ff62b0596ac808784
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=533A8B5DC0E140D6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?957de4d70bf7b7be33bc859d43ad70c6
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (625)
Hash 454d8672a119e5023a4b0a8be8014519
c1877f72fdd14e45065bc7b2f170dec38c994e15
7964366dca04effdd3371ade1a43207f03dbfd63b5d3467672346b32705596cb
GET /hm.js?957de4d70bf7b7be33bc859d43ad70c6 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11338
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 22:41:49 GMT
Etag: e663fab9f516cebd2f9f614627e55238
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=FD03D1908CC8AD55; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Sat, 12 Nov 2022 23:29:17 GMT
Date: Sat, 12 Nov 2022 22:41:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Sat, 12 Nov 2022 23:29:17 GMT
Date: Sat, 12 Nov 2022 22:41:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Sat, 12 Nov 2022 23:29:17 GMT
Date: Sat, 12 Nov 2022 22:41:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2848
Expires: Sat, 12 Nov 2022 23:29:17 GMT
Date: Sat, 12 Nov 2022 22:41:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fd9f2cf5d5cbda75b55b310034f8294
58ebbd459c47d5f773da1da77f370286e006ae30
6b04a734b7e10e329df43e107462906f1690c95783cad69d56a412955b88d66e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcda76b4a-e2cf-4a4f-903b-a939ac862b71.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11388
x-amzn-requestid: 476bbb49-4bd4-408f-b82f-3dfd52dcf7ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfNdEYsoAMF0HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63701255-06630c41353045dc5e5d58b8;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -wI4Gprap42Eewd0DwppPQcSN4Bj5LX-PDAGk-eo-UCk8TuX_Dd9_A==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 2840
etag: "58ebbd459c47d5f773da1da77f370286e006ae30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f558ca-3fcd-40ca-bb1c-ef126918959d.jpeg
34.120.237.76200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f558ca-3fcd-40ca-bb1c-ef126918959d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69f064e6ea676998a7371ceb25a310ed
91e8debd93ce098249d973807859993bd19bff62
2b12427099bccbdfaeb01104ce99185f91846f7112a4cf201481a300e1851e8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0f558ca-3fcd-40ca-bb1c-ef126918959d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4122
x-amzn-requestid: 9340162b-fc1e-4f3d-a45e-8ebd9a4875e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqHqxoAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-25a4e62a6f8e87d103e35953;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hmlaoE2J_B_cu-dW_vYP1UWAgnGKgjOtzdNsNfydANBkuc5q4L6_HA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 22:04:43 GMT
age: 2226
etag: "91e8debd93ce098249d973807859993bd19bff62"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13f1630e-d21f-4f16-8990-798920b90e02.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13f1630e-d21f-4f16-8990-798920b90e02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 963e34ce83d464bdc36f27599567a6b2
2ec4f95fcc2f343613d6bb659f6b58b541f426e6
027d57074d662088658af176b9f5cbd017b5f8f3606fcb8cea2f143cd7736b7e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13f1630e-d21f-4f16-8990-798920b90e02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5018
x-amzn-requestid: 9e8e1034-478d-46da-9bf9-b5a4798ff09a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: benOQHszIAMFhZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636f525b-3c5a78755099e8465a89d6c3;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 07:59:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: sqoUAlONIsPhyLsjkzLlFfGejRvKAM4MaILN2KIf-q3Amlf6I4IB0w==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 2840
etag: "2ec4f95fcc2f343613d6bb659f6b58b541f426e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26249508ef18eac51cf62cf6e90339a4
a9922959c532dd26f21bda4f74ee1fa8496e862e
25075ef6337bae8e60412cdca98afbae6aca61d889aadce4cbad4a8522f4c4b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80441337-327d-4d34-9fe8-53269c39ac18.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7867
x-amzn-requestid: e05d4978-6f46-4395-8121-4d969a222328
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqFWIoAMF01A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-4033150d0180e56e2965e26e;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDkJ7OIcS3FiDPufRTj5VtL5CMxbNN2o2Zq50QQ9UNeDw4uE4j3jrw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 2840
etag: "a9922959c532dd26f21bda4f74ee1fa8496e862e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2942789-3784-432b-a380-73951d12767a.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2942789-3784-432b-a380-73951d12767a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93d4c9b75e8e21151056247b8a76e1d5
98eebc284e7a7817cc3397a40defaf7f2cc2f9af
621a65a13db5f93806e90094ca71a82eb586f383950278a0cbed3dba2a8fb9f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc2942789-3784-432b-a380-73951d12767a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8582
x-amzn-requestid: e82ca80b-e945-4c56-a8f8-0c139aae8e86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLqEh8IAMFeSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-400c01252ab480d9366a9410;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XhzX6HVmgnoesOaTa40kRgxZziVaT8odcVPIPfVT9Fa7zj0DoG5XBQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:58:03 GMT
age: 2626
etag: "98eebc284e7a7817cc3397a40defaf7f2cc2f9af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56802217-f3db-4036-987b-8614bd4098ef.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56802217-f3db-4036-987b-8614bd4098ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 271563e0590df14c6116ae1925628b82
ef661c6f2999fe153d92a1c51208f08289236df6
fc6c3a8ac5268b1f646fc397e0d8630bb16df39a6c8a19e952417723062dbb51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56802217-f3db-4036-987b-8614bd4098ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9089
x-amzn-requestid: 6abc1d88-e1db-4bd3-add1-89bf9e31c836
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bgfLrHNpoAMFyYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6370124a-7c19aafb547d2f1c0f861f2c;Sampled=0
x-amzn-remapped-date: Sat, 12 Nov 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1s6DaqcGwm6NJQpHHDlRqK2kVgPY7-wfh8ltzXzrnrdAbq_wAOEcWg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 21:54:29 GMT
age: 2840
etag: "ef661c6f2999fe153d92a1c51208f08289236df6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e580d24a0af01241d534439cfcc0c10c
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e580d24a0af01241d534439cfcc0c10c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash 415ee6989458367fd9e35c136fc731c9
cd0c9af99f4540c5e5c943ed43935ce8e771c308
482c110bd7730b22bcd3020c77f64d9d644562c0b0f2fa07b2b7ec0cab7afe11
GET /hm.js?e580d24a0af01241d534439cfcc0c10c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 22:41:49 GMT
Etag: 2a987a90bb2488235ec9ff8af119bb0e
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CCB0ED24BF24FE20; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1107527484&si=0f9e9495a2979df675689eb3f7c60d17&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1107527484&si=0f9e9495a2979df675689eb3f7c60d17&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1107527484&si=0f9e9495a2979df675689eb3f7c60d17&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 22:41:49 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=1586A23DD9846AC8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=56525288&si=56e88f4811e3805467cb732ab652fc8a&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=56525288&si=56e88f4811e3805467cb732ab652fc8a&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=56525288&si=56e88f4811e3805467cb732ab652fc8a&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 22:41:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=222D0F806CADE919; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1796189227&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1796189227&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1796189227&si=957de4d70bf7b7be33bc859d43ad70c6&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 22:41:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=10F5C6E33360CBF6; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1164056513&si=e580d24a0af01241d534439cfcc0c10c&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1164056513&si=e580d24a0af01241d534439cfcc0c10c&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1164056513&si=e580d24a0af01241d534439cfcc0c10c&su=http%3A%2F%2F3hvzox.cyou%2F&v=1.2.97&lv=1&sn=33949&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fbbaja.cn%2FzMwhMUgP%2Fnovaposhtmv-vixh%2F%3F_t%3D1668292907338otdhvb%231668292907940 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 22:41:50 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=EB9410D58C48B8D9; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_6691&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_6691&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Tab&is_first=true&randomA=0_6691&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 22:41:50 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Sun, 13-Nov-2022 22:41:50 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633131=1; expires=Sun, 13-Nov-2022 04:59:59 GMT; Max-Age=22689; path=/; secure; SameSite=None
total_impressions=1; expires=Sun, 13-Nov-2022 04:59:59 GMT; Max-Age=22689; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 172.67.151.125:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Sat, 12 Nov 2022 22:29:15 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T80936zYKx2NFIzxOTeej3XjVyTGqXZ1CWIXdSZyQLsqjIX9%2BsDcKriN667XpvH1vl%2BEwfpEb0GrP0ErPwHuoEhv%2BXvJgFybi2q93GUJGmb8uZ9gbuO7wk%2B%2FutkYK%2BsZCJw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f2fbbefab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166829290872075&xtt=472020
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166829290872075&xtt=472020
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166829290872075&xtt=472020 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 12 Nov 2022 22:41:48 GMT
last-modified: Sat, 12 Nov 2022 22:41:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 172.67.151.125:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:47 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Sat, 12 Nov 2022 22:33:57 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj4rPRwCQGx0anxi8oX6Uuj%2Bjt2kAU%2BiYKstLAp7qdICbronpMAka6fWweiSjmIxIZu0NWXqp6XcR%2BfPYsRcDGpq4K2nlbYdR%2FBkMY80elBMNr5OTCNqKSj5%2BuYDSo2s7pU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f2eba3fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: application/javascript
expires: Sat, 12 Nov 2022 22:41:48 GMT
last-modified: Sat, 12 Nov 2022 22:41:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
bbaja.cn/zMwhMUgP/novaposhtmv-vixh/?_t=1668292907338otdhvb
172.67.144.73200 OK 0 B URL HTTP/2 bbaja.cn/zMwhMUgP/novaposhtmv-vixh/?_t=1668292907338otdhvb
IP 172.67.144.73:0
Analyzer Verdict Alert quad9 Sinkholed
GET /zMwhMUgP/novaposhtmv-vixh/?_t=1668292907338otdhvb HTTP/1.1
Host: bbaja.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://3hvzox.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Sat, 12-Nov-2022 22:53:47 GMT; Max-Age=720; path=/; domain=bbaja.cn
novaposhtmv-vixh-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bbaja.cn
novaposhtmv-vixh-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bbaja.cn
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihT7G7fG4%2Bcb8TbhEcgye5Swbsh7amMQKZpZBWtw5GX3RmC%2BAPdFOpL5%2FqR1sCZTzpn2Mu0Q0GEUx6VTgd6eF6aX7OO7l4G2Fnp23z8DlmJC1q8pgFfA4klS4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7692c6f17c63b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 172.67.151.125:0
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 22:41:47 GMT
content-type: text/css
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Sat, 12 Nov 2022 23:13:35 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 822
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rwel6iFR%2BwF1syJMcknlIfpVwpMh8sVcIzvbFRTU%2F1eHmSulkbT4SGRAdvez8wr610jN86R9DoPtlq%2BFKqlMUMHlLVMoB6CN%2B%2FjRfsK8V5fIBDW%2FawxrMj4c7rFd%2F1FTHT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7692c6f2db9afab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bbaja.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 22:41:48 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2