pf7bg.cn Open in urlscan Pro
2606:4700:3037::ac43:bc19 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dividebrace.top/petronas-qf/tb.php?zwikyhwh1654690175483
Effective URL:
https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Submission: On June 08 via manual (June 8th 2022, 12:12:49 pm UTC) from MY — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 4 countries across 10 domains to perform 49 HTTP transactions. The main IP is 2606:4700:3037::ac43:bc19, located in United States and belongs to CLOUDFLARENET, US. The main domain is pf7bg.cn.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 10th 2022. Valid for: a year.

This is the only time pf7bg.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2606:4700:303... 2606:4700:3030::6815:3f1c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::ac43:bc19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3030::6815:d63	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2606:4700:303... 2606:4700:3033::ac43:bb1e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	185.66.201.42 185.66.201.42	201702 (SKHOSTING-EU) (SKHOSTING-EU)
2	185.66.200.220 185.66.200.220	201702 (SKHOSTING-EU) (SKHOSTING-EU)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
8	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
49	10

3 2606:4700:3030::6815:3f1c (United States)

ASN13335 (CLOUDFLARENET, US)

dividebrace.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::ac43:bc19 (United States)

ASN13335 (CLOUDFLARENET, US)

pf7bg.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3030::6815:d63 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2606:4700:3033::ac43:bb1e (United States)

ASN13335 (CLOUDFLARENET, US)

imgdesk.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.201.42 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: affilist.com

qoaaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.66.200.220 (Nitra, Slovakia)

ASN201702 (SKHOSTING-EU, SK)
PTR: 185.66.200.220.skhosting.eu

uprimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	imgdesk.xyz imgdesk.xyz — Cisco Umbrella Rank: 269918	301 KB
8	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8357	48 KB
6	jsdelivr.cc cdn.jsdelivr.cc — Cisco Umbrella Rank: 202519	103 KB
4	pf7bg.cn pf7bg.cn	19 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	450 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	206 KB
3	dividebrace.top dividebrace.top	4 KB
2	uprimp.com uprimp.com — Cisco Umbrella Rank: 183764	936 B
2	qoaaa.com qoaaa.com — Cisco Umbrella Rank: 219865	5 KB
2	blogspot.com 1.bp.blogspot.com — Cisco Umbrella Rank: 8652	58 KB
49	10

	Domain	Requested by
16	imgdesk.xyz	pf7bg.cn
8	hm.baidu.com	pf7bg.cn
6	cdn.jsdelivr.cc	pf7bg.cn
4	pf7bg.cn	dividebrace.top pf7bg.cn cdn.jsdelivr.cc
3	www.google-analytics.com	www.googletagmanager.com
3	www.googletagmanager.com	pf7bg.cn
3	dividebrace.top	dividebrace.top
2	uprimp.com	pf7bg.cn uprimp.com
2	qoaaa.com	pf7bg.cn qoaaa.com
2	1.bp.blogspot.com	pf7bg.cn
49	10

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-10` - `2023-03-09`	a year	crt.sh
*.imgdesk.xyz E1	`2022-05-23` - `2022-08-21`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
qoaaa.com R3	`2022-04-07` - `2022-07-06`	3 months	crt.sh
uprimp.com R3	`2022-05-15` - `2022-08-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh

This page contains 3 frames:

Primary Page: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Frame ID: EBF8478A4C4C3DE2184691F8E06A7715
Requests: 47 HTTP requests in this frame

Frame: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=165469036434946&xtt=7011284
Frame ID: 4DCF18CF8E3C3B08474BF493C0C9B439
Requests: 1 HTTP requests in this frame

Frame: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Banner&randomA=0_4480&maxw=0
Frame ID: 0750D1EEFA0C424AF45BB840D932EDBA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

🎉️️🛢️💸️️PETRONAS Staatliche Subventionen!🎁🎊

Page URL History Show full URLs

http://dividebrace.top/petronas-qf/tb.php?zwikyhwh1654690175483 Page URL
https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

94 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

747 kB
Transfer

1573 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dividebrace.top/petronas-qf/tb.php?zwikyhwh1654690175483 Page URL
https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK tb.php Show response
dividebrace.top/petronas-qf/ 1 KB
1 KB 473ms
128ms Document
text/html 2606:4700:3030::6815:3f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://dividebrace.top/petronas-qf/tb.php?zwikyhwh1654690175483
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575d4b78748f10525de28ae4681b4045684a7d347dd8dd365fa4ffedc08e1ab3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

CF-Cache-Status: DYNAMIC
CF-RAY: 71818992fe635c92-FRA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 08 Jun 2022 12:12:43 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S3ZnEddmHnG2DWQD6lHhQqM0p%2BZuyF5J81f21HftweJBYn01xJdaSOK7nlZtq1UhoYGO3%2FRkyvRCXWXuV9iCCUk%2FzO9ZvNL6%2FNDDjicBweM%2F2p%2BMoVjS%2BjNxJlYIah7qgvRP7egcMrXxKOkLUyY%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK og2.js Show response
dividebrace.top/j/ 2 KB
2 KB 58ms
58ms Script
application/javascript 2606:4700:3030::6815:3f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://dividebrace.top/j/og2.js?_t=1654690363704
Requested by: Host: dividebrace.top
URL: http://dividebrace.top/petronas-qf/tb.php?zwikyhwh1654690175483
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 306ebdef99fb6e0fa54820b0060f01804c171cef42f71b26152df4626196b181

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://dividebrace.top/petronas-qf/tb.php?zwikyhwh1654690175483
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 12:12:43 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Last-Modified: Sun, 15 May 2022 08:44:25 GMT
Server: cloudflare
ETag: W/"6280bd69-82e"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nM804QbwDqk6%2B0QF8B4qpIK2TORVBZwvPZS%2FKSnwGgkD1Is1qIJzQaswYhLwOZWyIqLEzCFtrZCRqlMrATw5kdMepvHL5StNCV9SZVAi7Q%2B5Xj91J%2FrWnRFb%2Ffw3qM3qH3R5J6JhhDSrB%2FWrPJw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Cache-Control: max-age=43200
CF-RAY: 718189953b9d5c92-FRA
Expires: Thu, 09 Jun 2022 00:12:43 GMT

POST
H/1.1 200
OK og2.php
dividebrace.top/j/ 72 B
744 B 58ms
58ms XHR
application/json 2606:4700:3030::6815:3f1c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://dividebrace.top/j/og2.php?_t=1654690363764
Requested by: Host: dividebrace.top
URL: http://dividebrace.top/j/og2.js?_t=1654690363704
Protocol: HTTP/1.1
Server: 2606:4700:3030::6815:3f1c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://dividebrace.top/petronas-qf/tb.php?zwikyhwh1654690175483
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Wed, 08 Jun 2022 12:12:43 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR9me8ZYMg63YB8AJGEkmB%2FCKUp0EpsrzwSbdij8z6lJNBaRiNqhRx7qdPAAfR4YwXFQfyf%2Fvh5ilp8HLosZ8%2Fw5EgDZ0g02gHgMZ0Uu77yDAl0O5azCR8Xcms8u7OUwzpnhGMosvGqiP6F89C4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/json
Connection: keep-alive
CF-RAY: 718189959c555c92-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Primary Request / Show response
pf7bg.cn/mfUJzqzm/petronas-qf/ 90 KB
17 KB 264ms
208ms Document
text/html 2606:4700:3037::ac43:bc19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Requested by: Host: dividebrace.top
URL: http://dividebrace.top/j/og2.js?_t=1654690363704
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4245d63e645d8b7717d16233f32d60f6e754aaea6627805288e521e5cac2e26

Request headers

Referer: http://dividebrace.top/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 718189964ea29070-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 12:12:44 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4G5GgCcWcS2K5wRknhrhHrBLNSi%2BZFsSOfV5qKqaBRNGVbmH1ewww1KA7%2BRaQidzul514y6FZJgMjFYGTIYpXO68GsIlQmBNvnfI6yH%2FCsEekOWYjby7U8VAA8qnXC5UKH4XvFRfw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/ 87 KB
32 KB 104ms
56ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2888
x-guploader-uploadid: ADPycdvCxHltiuPjHL-zbbsBVwle0-vgYS2_pOmv1wzzQZrGSBqUE4vr5WQ_17FuwcGb_O0Ved79CT2MXZTd7QgSd4c
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
server: cloudflare
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGI3%2BV9w96bV5stPAuIMPIJsYZxOe%2BpZAXRekWsbqPmnivwiEjiEOU3Uhi6wl2RFQI%2Fa8Gvcvv2JyiYtA%2BbP6dKQeu9g0sL4UgbbvSsp%2B0j2u8Carpx3OKPo6vToe2PXtaf7o6cV1ipSASHp%2FhM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502217775195
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 89501
cf-ray: 71818997f81b902e-FRA
expires: Wed, 08 Jun 2022 11:35:43 GMT

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/ 62 KB
16 KB 128ms
80ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 978
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
server: cloudflare
etag: W/"c99230d2575380d7f95ff626606d2426"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4syaPYBikvZjH4xyh7W35RnILVYFOtX2zu24iopgD5t4t2%2FnHkPYihWnad1FXVYrbC%2FxG2ZJywAj7YNXNokHgIqoz5nlvCFk5dXga2LtdP6RmZsJrgp9xgOlTNcnV9oyHT%2FgFrNcxoscu%2FJQw5A%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502614200576
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 63473
cf-ray: 71818997f81e902e-FRA
expires: Wed, 08 Jun 2022 12:20:52 GMT

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/ 71 KB
20 KB 123ms
75ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2506
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
server: cloudflare
etag: W/"80924b62e5b3ac73aa4849776b439770"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aQJ0Nex2mBxd%2Fi4QAYzIQlgJGL3tCbCp4KtN2wvnWMCNWt2z61KXisOZECVy8%2FjCi3HlY75b1lhGVyL29TX7l4yOcAcGAoawAVKQE1TC4NB51DkcdOR9%2BeIjZR179cLuvIOlwQf5d%2Bd2GVVSb3U%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502839791727
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 72765
cf-ray: 71818997f81f902e-FRA
expires: Wed, 08 Jun 2022 10:52:46 GMT

GET
H2 200 lazyload.min.js Show response
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/ 5 KB
3 KB 102ms
55ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 501
x-guploader-uploadid: ADPycdtR3AgAIN3_QYAw_67mnc51aKbU-2aPQ-R-QSkeTj3nsSu1Jsaz2TdmBL4OvQNJlTeYbHR1kd1BX1amk8hCkho
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
server: cloudflare
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K33LeCqoD8oXhxC2Gioe1d6nBAhtgETfbdiVscvA%2BSWL88vm3x8t0uH8nVa4onyOdEai%2FPijHyCj%2FCSOrQnJP7OuOONqJaAg6EYO0lXYFRQrL3EGAq6BxbV0PJ2H2ZbvpuXKBN%2FNhMmml9Uc1L8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502963816044
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 4798
cf-ray: 71818997f824902e-FRA
expires: Wed, 08 Jun 2022 12:08:36 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/ 21 KB
8 KB 108ms
61ms Script
text/javascript 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1698
x-guploader-uploadid: ADPycdu1_c45kD5Yfcahhyee5k60gFdhKF0DCxZU0gsZaJj5VB2X1mJ8GPzxrK27ja8jtIuK1TM4NgHxSepdplcvatU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
server: cloudflare
etag: W/"31c898c6d2ea13c30441657ff1900d81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrsoBB4KkaD4xq%2FwI4FdNXxu5%2B40rXQwIJ881svj5Yhpo5NRGlSf9CfDbDTqyPjz8LII1Oi2tyNO6mfRVLH3iTkeo5u6xDqP7x%2FJdgFVXg5Hqn9B%2Bz9C5b1psOjaqIohP%2FEE9NQ%2BG1EYb34pweg%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647503084523089
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 21236
cf-ray: 71818997f822902e-FRA
expires: Wed, 08 Jun 2022 12:35:53 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/ 158 KB
25 KB 116ms
69ms Stylesheet
text/css 2606:4700:3030::6815:d63
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:d63 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2892
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
server: cloudflare
etag: W/"feba0d0760607b9e21393156949afcd9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GRgZHXoxKUfI2YuROwiYqzjk81AyvlgPEv97kbBSfg3yCYoxqhRCFx%2FNQnmBlhatbHXtAbtLOlCtnkGBMpl4wGDSzibzkaxqedkJeCaw85p7%2F0ne60bfxeqyIRS6pTnAQQzKkQUOHmWm90fCQU0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1647502692716912
content-type: text/css
cache-control: public, max-age=3600
x-goog-stored-content-length: 161415
cf-ray: 71818997e81a902e-FRA
expires: Wed, 08 Jun 2022 11:35:52 GMT

GET
H2 200 petronas-my.hea.jpg
imgdesk.xyz/upload/ 13 KB
13 KB 205ms
154ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/petronas-my.hea.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e2990a5f502499fe4d941dba2f4520937d10b422f39ae8f1535e6ec9e077c00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=bY+1hA==, md5=4n2fVN9Qn6bywsSgIGvqOA==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvdCNCF7EXHVuE-LL1B9FzgQGgiwRU7LvdAkv5zDwaBdP0bdG6dV5v5Aw-tXO9YrRSgMtxzlb1UwQZQgC98IylRDnOqpKiT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12827
last-modified: Mon, 23 May 2022 08:31:13 GMT
server: cloudflare
etag: "e27d9f54df509fa6f2c2c4a0206bea38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1s5PlBic%2BQ5o1R5e4zBysInxvVlGoGGYqecgBiJzAcQk2kyDt%2BaVv%2F%2BstiPavP7b3cV0UcUYpWkucTAyLFuK%2FKs5lt5dZsEjNKf2Brp8caxBEk0j7bZuxltOzU4PGG5NwMtTl3Q7pZaKDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294673642849
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 12827
accept-ranges: bytes
cf-ray: 71818998ff83699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 petronas-my.heb.jpg
imgdesk.xyz/upload/ 3 KB
4 KB 211ms
161ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/petronas-my.heb.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12f7fb5ac8a7ac6d35a623bccf55beef64de060a1aafbf2537f081338791dd9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=xCY0eg==, md5=goNR4073/wwtX5Br06hU4Q==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtH1ihrm2ab1cbbYpDgtw8qT1S0UGTRXk4RPxYCYPlzSfERhlx54fZhENbwwAyZVdXIadw2UA3JEgcB7ce99_MX09JAOnYq
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3320
last-modified: Mon, 23 May 2022 08:31:13 GMT
server: cloudflare
etag: "828351e34ef7ff0c2d5f906bd3a854e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1dJuQ8szhC01LeAxTX7F%2F33tbtfOVVBF0lO2A0LIlByHxEX1Z351TlkJuRV0in0llQRwZLYiVf4gldjc9Sopt6T4jw1%2BLjpVFGfOjdoQZ8ck4gS02xqHcbvfilZA56iIJrU81aQHf091g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294673683159
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 3320
accept-ranges: bytes
cf-ray: 71818998ff87699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 petronas-my.img.jpg
imgdesk.xyz/upload/ 61 KB
61 KB 207ms
157ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/petronas-my.img.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c53515afea906737f5ee414da288a7a264c000ca099fdbadc9bbf12031452ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=SXrUcg==, md5=+QjJ6cQF/71BRi5w6am9Tg==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdsSfpd0Ck5H1b88czE_tIIuFJvcFP_C2Cxr5g7BsDkSaMjwucMjMcoMT3eBVunE49Xc7lrFLn5VaCy1HFswvauzAUX3yZD7
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62232
last-modified: Mon, 23 May 2022 08:31:13 GMT
server: cloudflare
etag: "f908c9e9c405ffbd41462e70e9a9bd4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wYk9J5QEiDQcvOB05Dz%2BpAMZuS172%2BWep1587xkWDpUFQml0DjOY6NVNsmbLS9ZaQ2n0DZvGLHcayQZ%2BGXFid6koOxeQrzS1bdre65c7%2BiYHwKYjrWrhgLydOeUaj9g0O0Gdw1JioK5WQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294673840657
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 62232
accept-ranges: bytes
cf-ray: 71818998ff88699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 Germany_outbox.png
1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/ 44 KB
44 KB 78ms
25ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-mhFwYo28B2Q/YKppmIsu7ZI/AAAAAAAABgQ/c7DWa0Yxwm49LJDcNEkzDr503wyn4hLtACLcBGAsYHQ/s16000/Germany_outbox.png

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:10:12 GMT
x-content-type-options: nosniff
age: 3752
content-disposition: inline;filename="Germany_outbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44729
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 18 Nov 2021 09:39:41 GMT

GET
H2 200 petronas-my.bix1.png
imgdesk.xyz/upload/ 36 KB
36 KB 229ms
179ms Image
image/png 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/petronas-my.bix1.png
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2f6f6bf833adefce1a1e41d36d3484ae0cba3d6251465c23bc2402df5bd949

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=AxsyWQ==, md5=WTNRiVi0VMZ/I7Ewyy7oEQ==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduOMqP-XzW-p8EEdBTHp7Cs3a2YZWGkuoaybJEiIOs3om3VsnWCbOTnCjBCBD0PmJ5JCdzHy0zCCFzxehM3W9huHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36686
last-modified: Mon, 23 May 2022 08:31:13 GMT
server: cloudflare
etag: "5933518958b454c67f23b130cb2ee811"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewD3jAW5qBwON9uXyB%2BVlkBEC6WnFy5qcG0x1DsPbUh6pMAxv4xOfQb0Yql%2Bt25c69PMK8ACQr7XursynJnhGu40%2Byj%2FwYjiXlz1tvyeOntS6EKiVtxBwfcw8uRcxlhoGHH2pusdDOZurA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294673292303
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 36686
accept-ranges: bytes
cf-ray: 71818998ff89699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 petronas-my.bix2.png
imgdesk.xyz/upload/ 5 KB
5 KB 221ms
171ms Image
image/png 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/petronas-my.bix2.png
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e8c0cd2e58387e7d8290f17387c6ace3655f13674b27e4968f1b1951eea6298

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=P/xFnA==, md5=xqaSBbQ/ZNkWcUAELXKTaQ==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdu-z3pGiI0QtkQDQ3j46_26EqFi9fXo4BLkUNN0TFpvPMzmB7ujpsE1cJ6WhmkxOd0_XOgDt9tScNASy-eusaMZ-1gmyeL-
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4953
last-modified: Mon, 23 May 2022 08:31:13 GMT
server: cloudflare
etag: "c6a69205b43f64d9167140042d729369"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HE1lTsZgR7AVKbgdy7vKNFUMRgVsLyUkF4%2B3wurLNSb%2Bjn95RXxgJ5C4BbxIwbRKiraKHTN2UFvACz4KdSc385NbgADzeB9TqrUd%2FYJUpWEQVkF6h92J3azBOLHmOeU7kVhE5tQRNd15Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294673419013
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 4953
accept-ranges: bytes
cf-ray: 71818998ff8b699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 Germany_inbox.png
1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/ 14 KB
14 KB 72ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-rJwuzcnw3VI/YKppmA0KHEI/AAAAAAAABgM/g534cHj8oxsuYau_w-e69RyO0APgsmLlwCLcBGAsYHQ/s16000/Germany_inbox.png

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 11:10:12 GMT
x-content-type-options: nosniff
age: 3752
content-disposition: inline;filename="Germany_inbox.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14208
x-xss-protection: 0
server: fife
etag: "v605"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 13 Nov 2021 04:28:47 GMT

GET
H2 200 petronas-my.bix3.png
imgdesk.xyz/upload/ 55 KB
56 KB 223ms
174ms Image
image/png 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/petronas-my.bix3.png
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e98f059b37e6dcae6c470d59f995eb3ce534b9564d9f05b655e5fd6a2c3c933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=F43iFA==, md5=NNsGxOAuNZM8WWVeVQvx8A==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvNuh6k1AHS3_xvCzz2f3aSG6NpbCQKGlObJ9NE-QVuCsP3jF7XPSqvUDteCoICUKBO0AB461r1BcAnKEX_ukKwXIdfCd3I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56558
last-modified: Mon, 23 May 2022 08:31:13 GMT
server: cloudflare
etag: "34db06c4e02e35933c59655e550bf1f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCYMOuLP1dIH7hcQSC4%2Fj927sDYdC95oZp%2BNWVSbBgyXEhJ47PjbpgRrUw6mySY2sQyRPqTqMvyK6uMzDu4g2Tq%2BbpjK8vNIvM4GSV%2FVwV5KnBRfWgTDZhkmVuYLl%2BkUIRhv5q7dP9hEgg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294673493699
content-type: image/png
cache-control: public, max-age=14400
x-goog-stored-content-length: 56558
accept-ranges: bytes
cf-ray: 71818998ff8e699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 responsive.js Show response
qoaaa.com/js/ 3 KB
1013 B 204ms
35ms Script
application/javascript 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://qoaaa.com/js/responsive.js
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 4987d5f43ecfeeb96384876eb9247b9653c4cb66628a594cfe87e922ab0a18b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
last-modified: Tue, 21 Dec 2021 14:23:16 GMT
server: nginx
etag: W/"61c1e354-b1d"
content-type: application/javascript

GET
H2 200 bnr.php Show response
uprimp.com/ 427 B
681 B 124ms
40ms Script
application/javascript 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: 36dc56c8af9941ca8b3edb77122dd73c7bdefb35d788fbc73f1c26ba7adac520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 12:12:44 GMT
last-modified: Wed, 08 Jun 2022 12:12:44 GMT
server: nginx
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-robots-tag: noindex, nofollow, noarchive, nosnippet
expires: Wed, 08 Jun 2022 12:12:44 GMT

GET
H2 200 feilv1.jpg
imgdesk.xyz/upload/ 18 KB
18 KB 33ms
31ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv1.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d8625a78195c7c68b992a43707098b1185590428b45bf4e9d0e671be936dc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=eDII5w==, md5=TOToWwm8IdOKTIxcua3TYA==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2883
x-guploader-uploadid: ADPycdvSBfvRakWp_BCZPc6cwTi-vfzq7ciS8bPCmjQ6hsslYQ9i6X7zym36eRHLt06iXgqhBXQa3NWwTSHhlm-Pt_3F9vfEsRUn
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17928
last-modified: Mon, 23 May 2022 08:26:31 GMT
server: cloudflare
etag: "4ce4e85b09bc21d38a4c8c5cb9add360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dBMHcIvW35Dksoq5Ml80oVxEc0VRi1RJWPYzlThHEMNd%2Ft0dBL8hdrm8NyPj70H8Bv22BJr7g%2FbncZZVy3U4nJdFADl0%2BRt%2B2pm5j5fVgnqmrSvFLvRrIUlr%2FaAYhOPsFL72uwcujrJqSw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294391899878
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 17928
accept-ranges: bytes
cf-ray: 718189992ff5699f-FRA
expires: Wed, 08 Jun 2022 12:24:41 GMT

GET
H2 200 feilv2.jpg
imgdesk.xyz/upload/ 17 KB
17 KB 35ms
34ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv2.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4ae29389381f4a70f2747f5faa0a2d180f998c9d8cc8151246594b34da7518

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=POQnZA==, md5=WV/g1M4DLePoJ43037szNg==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3364
x-guploader-uploadid: ADPycdsY2tGOUXPqSgzvtY_PqzdE4pMJz5VFa9h7iG6mbjRIC_MuAhcSztcjLurdXIF5agschmuPC0cyhsif8MsnuNcbEoVkTUmn
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17000
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "595fe0d4ce032de3e8278df4dfbb3336"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fICRQpFBCxHLrZNkldCQ5DfhD3ujeIl%2BiDIJfsm9l8VMn5nRbB1Hlb%2BXM6e%2F204dexEr8GlsylMIXpmx4LJ2cmxSecKqZzF%2Bf7Trws4XYohnU4vy48F8A9V9zK0Z3cbaeTR7CXXnFxiKUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294391999141
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 17000
accept-ranges: bytes
cf-ray: 718189992ffb699f-FRA
expires: Wed, 08 Jun 2022 12:16:40 GMT

GET
H2 200 feilv3.jpg
imgdesk.xyz/upload/ 10 KB
10 KB 36ms
35ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv3.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c990b3560ab445c50685b6d7256857675b3397dc65e01b269b560ed8fffea9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=zUQx4Q==, md5=6AD9wtDUqGnYPt3yc1z7Mg==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3364
x-guploader-uploadid: ADPycdt3iGy9exExM5yLfHOPGkmxvrPIgbzGLObD4peH4-A3znCS9Zv2UFVtkwPzdKLO7ytKTEbWVmniu9MmhgmU-D32wTlNiPPw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10220
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "e800fdc2d0d4a869d83eddf2735cfb32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6eBAVfyPVnuazAV3NM%2BGJIslFPkbJwL2prdjr%2FsmNXMlbdSFSDmTFWAKRek%2BtGu68f3CrDBoN8FaRzez5vPZEcj3oZRU0oIRgDOk5CCF4E8UMuSi5qAgc9aQ%2BxkQpZ%2F8Zr6%2BIDFhVZwpg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294392080620
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 10220
accept-ranges: bytes
cf-ray: 718189992ffc699f-FRA
expires: Wed, 08 Jun 2022 12:16:40 GMT

GET
H2 200 feilv4.jpg
imgdesk.xyz/upload/ 8 KB
9 KB 34ms
33ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv4.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce20444f826609eb29be434e77d29882fbe0a766dadefe8765cbc1013be529bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=RxQzKw==, md5=66hZGw+urbD2KmwSfuf2qA==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3364
x-guploader-uploadid: ADPycdt3d5rhbn212LAlwJXIc356dwpL4TNf6rJVzQggV4_8-EC6MB_tX3h9CsDy-lG3hRcpCEkdHHS4TEAY2NcujbNkTRfVYpX_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8464
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "eba8591b0faeadb0f62a6c127ee7f6a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jME9Bm7nIlcV%2F%2FWdG%2F28fLpOxIZdA1457uHXlxOHySwAjC6b3TJVKoi1pTUI0Rz%2B1AxO5%2BpuLZ14EYBS3FkhSzez8KGbOrTOPvqrBQcMBMxuw0mcizv9H%2BWa2L%2BtpGEOZ0NSsz3sNvbWhw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294392127177
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 8464
accept-ranges: bytes
cf-ray: 718189992ffe699f-FRA
expires: Wed, 08 Jun 2022 12:16:40 GMT

GET
H2 200 feilv5.jpg
imgdesk.xyz/upload/ 9 KB
10 KB 53ms
51ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv5.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f69bce59f2d86201eeea3faee82c141956eca2b03a04a4a45539a25b5640d9ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=KPy8Kg==, md5=osDTCBDalpV6XxQcRKEu+w==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3466
x-guploader-uploadid: ADPycdta5cKNav4oHRPYG8hezLDGCfJZHFMJuariZC1GBHSpvQm6CaLTZqUj71z9eeA8T6WgotL1WyT5PgEex-Z9fdpeUl8-6gu3
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9256
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "a2c0d30810da96957a5f141c44a12efb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWRyTma9wid%2B8FtAoVWn%2FGlK4NfJXzkLhd8dWR0bblonc3ImhOh5BphNfyjFNCn3B35fj0HrCf07tGM9tPsmAnnUWzVmm1fFb4Y8YGTzNOxmA7kuTdNZtsQ41zKDLuJNAyi%2F0K8obl2V8A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294392280336
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 9256
accept-ranges: bytes
cf-ray: 718189992801699f-FRA
expires: Wed, 08 Jun 2022 12:14:58 GMT

GET
H2 200 feilv6.jpg
imgdesk.xyz/upload/ 14 KB
15 KB 37ms
36ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv6.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98afa398447cf98137ab7fee8e6e38ca8713b612acd5bea6b34a532717bbf965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=k8hSVQ==, md5=iPGZ8+xy32bekHDtjk/RmA==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1770
x-guploader-uploadid: ADPycdvQC8UW8gTzFyZ9rtHlLzGmxOwXZX4kWplViyIK0JrfI3sgxqgjI9cjk39dTMbIVMAfiajph_d80GRN_WtILevO_L0xjnh8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14449
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "88f199f3ec72df66de9070ed8e4fd198"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qfac5GVwXJDpVs%2F9%2FbJuk4jzY0ywnebck%2FPnGIc37kTS%2F6zNHGQlL8fWkZtDikhf5vb%2FgGFnnchpRgNA4dzWY6ONiRfgx%2BNdaK8XzpJjDvJd5JgdtFjtzqMM9Wpv9a3O2HvbkltAKKCFkg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294392293252
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 14449
accept-ranges: bytes
cf-ray: 718189992802699f-FRA
expires: Wed, 08 Jun 2022 11:47:12 GMT

GET
H2 200 feilv7.jpg
imgdesk.xyz/upload/ 10 KB
10 KB 156ms
155ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv7.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43bb84fb78398029be01bce704400ddd47a1a44c97095c4bce2c7db2d848d612

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=u6py2A==, md5=hRhxMGYQrH64Wqc1ucfhVA==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycds2q-_ywDo_6SDYk6cl-Db5BtCoNWxk6ic0G7IpAwP-lhH3T_2CNi_6XW_fbnCWjNBco5lH7ciNH_6P3cxcZAC8XxquMvVG
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9879
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "851871306610ac7eb85aa735b9c7e154"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQWUMrkXKOHsUcj3kj9VGNMG7vVJCkHItSaT0L2VxR9bh%2FP7YH%2FUozlk5iERblRzWBfVPkVG5491eiHmXiCGAPq2efyebzOjDRVdIe1%2FaaB0lgrS%2FdEnPxJ0UnBZsWv%2BiQmteNoqpjYfiA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294392668285
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 9879
accept-ranges: bytes
cf-ray: 718189992804699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 feilv8.jpg
imgdesk.xyz/upload/ 7 KB
8 KB 161ms
159ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv8.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c846e5def41f0037d8a22dcd2c618f9d97bb1454889cba8441dda46dbfe6a94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=tpfN3w==, md5=m5zfZEkULQJoyI2Ciz9f+A==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdulNpn1sH6rb5c5VnuDkMd8q1tSLiLAkEienC49SvtQjPENxBMl92KecNZVoWuiwrR4NzXbdKmtKUVKJdEWfdCKrdetYn2P
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7586
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "9b9cdf6449142d0268c88d828b3f5ff8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9ci6T625pFIkozJGTYq9IkFQrpfT4NnXywNTRzK7Ir2Yncxf5wG%2BA32FsEd1RZGDHxlfNS5jCrYlUxPHB%2FBYZhbIF7y2jHonE6qonXduf4jtm1VaEgsVHENtGVo7POi2qd6HcXy%2FDqTFg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294392704370
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 7586
accept-ranges: bytes
cf-ray: 718189992805699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 feilv9.jpg
imgdesk.xyz/upload/ 20 KB
20 KB 198ms
197ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv9.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 412f76b4d7c0ab322f043dcd3046d58f18b84e756993b3d1e86882c3928c2dd8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=C+qsAQ==, md5=w2cZGK5nmtWbE8JKgzW7Xw==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvaZcHNHMBxRdB9P-48HU4iOgZoaPbWWi7fBuBxhiIOddZEPh_m1aJ4Abo6jKksvo1CsVJh7iKfxttKMXXQTuE7ScmUhb36
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19980
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "c3671918ae679ad59b13c24a8335bb5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l1A4RrnGBcRUw4DgOcyUADv%2FScZQIsEE2tHafceTjEcYDNpqyqVS3xjiNHCYMp4nPZvXqUbKWywqv4WTShAxlQXkz0CPAZq0FZNYf4b%2BqT%2FIuldmz4U2gQG8ZkaSQGlOKVLlmc7Do0IX7w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294392692637
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 19980
accept-ranges: bytes
cf-ray: 718189992806699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 feilv10.jpg
imgdesk.xyz/upload/ 8 KB
8 KB 217ms
216ms Image
image/jpeg 2606:4700:3033::ac43:bb1e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgdesk.xyz/upload/feilv10.jpg
Requested by: Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:bb1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f6c6bc343e110abc81935b76c63da2f75a9a17a7f50d1c4c0c14f29282bbdbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-goog-hash: crc32c=uDDfSw==, md5=uB6ZmU4z5lPt7Q0+EZe6aQ==
date: Wed, 08 Jun 2022 12:12:44 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycduIUdv2gTovB34jUsWP2DRcNoR1K4WhNPiLTt7s88askccMpV7GmRo301TU_fSsXMgRaEbyxrrVQu-5ek5fXzLCaWefb1R4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7812
last-modified: Mon, 23 May 2022 08:26:32 GMT
server: cloudflare
etag: "b81e99994e33e653eded0d3e1197ba69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMZ%2FHOUELdY0Wm3I7dUTR6abJBjFPat8gnQm27w%2F7ZAeWPzWA72YU6iiQYhIS84reMpEoQejAtmT7o%2Bj3W7Rbz0V8ng%2BP5FJiMKvSHn3DP4H%2Bvnu77zAYkUAUog%2F8sTglNutO5InGqK49A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1653294391958194
content-type: image/jpeg
cache-control: public, max-age=14400
x-goog-stored-content-length: 7812
accept-ranges: bytes
cf-ray: 718189992808699f-FRA
expires: Wed, 08 Jun 2022 13:12:44 GMT

GET
H2 200 email-decode.min.js Show response
pf7bg.cn/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700:3037::ac43:bc19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pf7bg.cn/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:bc19 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 01 Jun 2022 16:41:14 GMT
server: cloudflare
etag: W/"629796aa-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FE%2B8v2eTY7W5NmeqLGZ5Or9vO4eicNcFZpNn3usn32G3WBmoncAFC0l0xuXnWz6J6qaaAAkQZDdaJwgjCMilOcuoINHufk49ueI5LUtrppGH2IdeA632OR8iv6trNJgBtDhL6lMaGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 718189988b739070-FRA
vary: Accept-Encoding
expires: Fri, 10 Jun 2022 12:12:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 139ms
90ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5VM01M01NV

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd6e8165cd8b08d2aa571161928f0218a5ba66ae30601c9916a06198964ccca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70644
x-xss-protection: 0
expires: Wed, 08 Jun 2022 12:12:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
68 KB 96ms
47ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae30626f14e6b7446ee2e52e8161bcd557aebf49f6df1ae14002681cc8c1cf7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70003
x-xss-protection: 0
expires: Wed, 08 Jun 2022 12:12:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 191 KB
69 KB 77ms
28ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11d9bc42daf84df70d68b759996c857a57b3daccf36e87704048d63bf5e3f14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70018
x-xss-protection: 0
expires: Wed, 08 Jun 2022 12:12:44 GMT

GET
H2 200 bnr_xload.php Show response
uprimp.com/ Frame 4DCF 0
255 B 42ms
42ms Document
text/html 185.66.200.220
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=165469036434946&xtt=7011284
Requested by: Host: uprimp.com
URL: https://uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.200.220 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: 185.66.200.220.skhosting.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pf7bg.cn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 12:12:44 GMT
expires: Wed, 08 Jun 2022 12:12:44 GMT
last-modified: Wed, 08 Jun 2022 12:12:44 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex, nofollow, noarchive, nosnippet

GET
H3 200 yuming.js Show response
pf7bg.cn/mfUJzqzm/petronas-qf/ 268 B
770 B 347ms
346ms XHR
application/javascript 2606:4700:3037::ac43:bc19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/yuming.js?1654690364358&_=1654690364214
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 20 Apr 2022 15:06:24 GMT
server: cloudflare
etag: W/"62602170-10c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fzso2tO8QPhzcPSPS6NpT58aTnk0RHdgcnTDiJ85RvZbQxaSy09n99B42Izf%2FpMsKST%2FsxVYzZ5kDh5OYL0P6TlhFnyR8XlO009eTBbvslgGkCVYKOx%2F4FIoI6vqDFEaVOZNkPfq7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 718189995cdf9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 09 Jun 2022 00:12:44 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1189ms
428ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?9e84975b629767c58a8becc81600bb23

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

ba6b4e149403abba71a93b1467331eaf4910bfd0b727c246a6ed0afbe32bfc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 12:12:45 GMT
Content-Encoding: gzip
Server: apache
Etag: cf429afc4eeb95df468bc0ba86affde5
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11344

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1164ms
400ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?9268deda13d291f708a5b46f001cba84

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

1f0412f262b87b8375057d69834de1a31222ecdac24e872da52495b9c323f002

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 12:12:45 GMT
Content-Encoding: gzip
Server: apache
Etag: e636a935ef24fc665b47d0bf5eb1ffe4
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11341

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1202ms
429ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?8b68846a3ac1709b0ec7199084ee5ea8

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

b12d5e18422cef8e4ddf85105a99d8d512d6c0830aaefc00d485797c0f0ea9b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 12:12:45 GMT
Content-Encoding: gzip
Server: apache
Etag: a20acc4647a719bf4a23d4f36a0fad2d
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11295

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 30 KB
12 KB 1096ms
411ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?e8430a361305901aaf21019d086a2e3f

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

e934235a66a809a35d613af1ec2effd563a313fc63694c052df9ea4a671bc26c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Wed, 08 Jun 2022 12:12:45 GMT
Content-Encoding: gzip
Server: apache
Etag: 99a1b2145aa46e2e72eb6e2b6678ab13
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11302

POST
H2 204 collect
www.google-analytics.com/g/ 0
342 B 79ms
26ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-5VM01M01NV&gtm=2oe660&_p=766610367&_z=ccd.tdB&cid=579136062.1654690365&ul=en-us&sr=1600x1200&_s=1&sid=1654690364&sct=1&seg=0&dl=https%3A%2F%2Fpf7bg.cn%2FmfUJzqzm%2Fpetronas-qf%2F%3F_t%3D1654690363825&dr=http%3A%2F%2Fdividebrace.top%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%9B%A2%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPETRONAS%20Staatliche%20Subventionen!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5VM01M01NV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 12:12:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pf7bg.cn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 73ms
27ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-LW7434MYMN&gtm=2oe660&_p=766610367&_z=ccd.tdB&cid=579136062.1654690365&ul=en-us&sr=1600x1200&_s=1&sid=1654690364&sct=1&seg=0&dl=https%3A%2F%2Fpf7bg.cn%2FmfUJzqzm%2Fpetronas-qf%2F%3F_t%3D1654690363825&dr=http%3A%2F%2Fdividebrace.top%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%9B%A2%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPETRONAS%20Staatliche%20Subventionen!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LW7434MYMN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 12:12:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pf7bg.cn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 61ms
27ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-0C230YDF7G&gtm=2oe660&_p=766610367&_z=ccd.tdB&cid=579136062.1654690365&ul=en-us&sr=1600x1200&_s=1&sid=1654690364&sct=1&seg=0&dl=https%3A%2F%2Fpf7bg.cn%2FmfUJzqzm%2Fpetronas-qf%2F%3F_t%3D1654690363825&dr=http%3A%2F%2Fdividebrace.top%2F&dt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%9B%A2%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPETRONAS%20Staatliche%20Subventionen!%F0%9F%8E%81%F0%9F%8E%8A&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0C230YDF7G
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Jun 2022 12:12:44 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pf7bg.cn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 tb2.php Show response
pf7bg.cn/mfUJzqzm/j/ 240 B
589 B 187ms
186ms XHR
text/html 2606:4700:3037::ac43:bc19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pf7bg.cn/mfUJzqzm/j/tb2.php?c=petronas-qf&np=taoluming&_=1654690364215
Requested by: Host: cdn.jsdelivr.cc
URL: https://cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bc19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eeca49197dab148e47a3b9a5d7013f92c359f2cb225c1d54ad75362c66c160b

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 12:12:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDvQB2crOUJuoBGRBNc58zJKG8DNK82J7m2D75YC8in8Y89wXX6saG756jMSWV6YDOCk461g4WJ06FQSL27LJlwMospNHfhFe1bkio2K00R6Dc93XjrCj9LfzEBpLT0AqI5LQ1x9Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7181899b89329279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 395ms
394ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=320244024&si=9268deda13d291f708a5b46f001cba84&su=http%3A%2F%2Fdividebrace.top%2F&v=1.2.94&lv=1&sn=62686&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fpf7bg.cn%2FmfUJzqzm%2Fpetronas-qf%2F%3F_t%3D1654690363825%231654690364869&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%9B%A2%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPETRONAS%20Staatliche%20Subventionen!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 12:12:46 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 391ms
391ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=205443485&si=9e84975b629767c58a8becc81600bb23&su=http%3A%2F%2Fdividebrace.top%2F&v=1.2.94&lv=1&sn=62686&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fpf7bg.cn%2FmfUJzqzm%2Fpetronas-qf%2F%3F_t%3D1654690363825%231654690364869&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%9B%A2%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPETRONAS%20Staatliche%20Subventionen!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 12:12:46 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 414ms
414ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=504099195&si=e8430a361305901aaf21019d086a2e3f&su=http%3A%2F%2Fdividebrace.top%2F&v=1.2.94&lv=1&sn=62686&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fpf7bg.cn%2FmfUJzqzm%2Fpetronas-qf%2F%3F_t%3D1654690363825%231654690364869&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%9B%A2%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPETRONAS%20Staatliche%20Subventionen!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 12:12:46 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 427ms
427ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1794374483&si=8b68846a3ac1709b0ec7199084ee5ea8&su=http%3A%2F%2Fdividebrace.top%2F&v=1.2.94&lv=1&sn=62686&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fpf7bg.cn%2FmfUJzqzm%2Fpetronas-qf%2F%3F_t%3D1654690363825%231654690364869&tt=%F0%9F%8E%89%EF%B8%8F%EF%B8%8F%F0%9F%9B%A2%EF%B8%8F%F0%9F%92%B8%EF%B8%8F%EF%B8%8FPETRONAS%20Staatliche%20Subventionen!%F0%9F%8E%81%F0%9F%8E%8A

Requested by

Host: pf7bg.cn
URL: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pf7bg.cn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Jun 2022 12:12:46 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 / Show response
qoaaa.com//4fe48aebd6/4f59451604/ Frame 0750 28 KB
4 KB 90ms
90ms Document
text/html 185.66.201.42
SKHOSTING-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://qoaaa.com//4fe48aebd6/4f59451604/?placementName=Banner&randomA=0_4480&maxw=0
Requested by: Host: qoaaa.com
URL: https://qoaaa.com/js/responsive.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.66.201.42 Nitra, Slovakia, ASN201702 (SKHOSTING-EU, SK),
Reverse DNS: affilist.com
Software: nginx /
Resource Hash: 4d45028585205646bfbc1087f9b565c7d83fca1686652d9837337514f85885f3

Request headers

Referer: https://pf7bg.cn/mfUJzqzm/petronas-qf/?_t=1654690363825
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate post-check=0, pre-check=0
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 08 Jun 2022 12:12:46 GMT
expires: Sun, 01 Jan 2014 00:00:00 GMT
pragma: no-cache
server: nginx
x-robots-tag: noindex,nofollow

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pf7bg.cn/	1970-01-20 21:09:22	Name: _ga_5VM01M01NV Value: GS1.1.1654690364.1.0.1654690364.0
.pf7bg.cn/	1970-01-20 21:09:22	Name: _ga Value: GA1.1.579136062.1654690365
.pf7bg.cn/	1970-01-20 21:09:22	Name: _ga_LW7434MYMN Value: GS1.1.1654690364.1.0.1654690364.0
.pf7bg.cn/	1970-01-20 21:09:22	Name: _ga_0C230YDF7G Value: GS1.1.1654690364.1.0.1654690364.0
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 55F679E859557965
.pf7bg.cn/	1970-01-20 12:23:46	Name: Hm_lvt_9268deda13d291f708a5b46f001cba84 Value: 1654690366
.pf7bg.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_9268deda13d291f708a5b46f001cba84 Value: 1654690366
.pf7bg.cn/	1970-01-20 12:23:46	Name: Hm_lvt_9e84975b629767c58a8becc81600bb23 Value: 1654690366
.pf7bg.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_9e84975b629767c58a8becc81600bb23 Value: 1654690366
.pf7bg.cn/	1970-01-20 12:23:46	Name: Hm_lvt_e8430a361305901aaf21019d086a2e3f Value: 1654690366
.pf7bg.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_e8430a361305901aaf21019d086a2e3f Value: 1654690366
.pf7bg.cn/	1970-01-20 12:23:46	Name: Hm_lvt_8b68846a3ac1709b0ec7199084ee5ea8 Value: 1654690366
.pf7bg.cn/	1969-12-31 23:59:59	Name: Hm_lpvt_8b68846a3ac1709b0ec7199084ee5ea8 Value: 1654690366

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdn.jsdelivr.cc
dividebrace.top
hm.baidu.com
imgdesk.xyz
pf7bg.cn
qoaaa.com
uprimp.com
www.google-analytics.com
www.googletagmanager.com
103.235.46.191
185.66.200.220
185.66.201.42
2606:4700:3030::6815:3f1c
2606:4700:3030::6815:d63
2606:4700:3033::ac43:bb1e
2606:4700:3037::ac43:bc19
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:811::200e
0b7274b0b5b7f411de46416a6c9941062f7a57aaf919fdeda367b5959f4ce8ef
0c990b3560ab445c50685b6d7256857675b3397dc65e01b269b560ed8fffea9b
0e2990a5f502499fe4d941dba2f4520937d10b422f39ae8f1535e6ec9e077c00
0e8c0cd2e58387e7d8290f17387c6ace3655f13674b27e4968f1b1951eea6298
11d9bc42daf84df70d68b759996c857a57b3daccf36e87704048d63bf5e3f14b
12f7fb5ac8a7ac6d35a623bccf55beef64de060a1aafbf2537f081338791dd9c
1f0412f262b87b8375057d69834de1a31222ecdac24e872da52495b9c323f002
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
306ebdef99fb6e0fa54820b0060f01804c171cef42f71b26152df4626196b181
32bc695a4583118b2adca0fe87d1f4844905692f48f5f2a0eece23f205536e60
36dc56c8af9941ca8b3edb77122dd73c7bdefb35d788fbc73f1c26ba7adac520
412f76b4d7c0ab322f043dcd3046d58f18b84e756993b3d1e86882c3928c2dd8
43bb84fb78398029be01bce704400ddd47a1a44c97095c4bce2c7db2d848d612
4987d5f43ecfeeb96384876eb9247b9653c4cb66628a594cfe87e922ab0a18b5
4d45028585205646bfbc1087f9b565c7d83fca1686652d9837337514f85885f3
56d8625a78195c7c68b992a43707098b1185590428b45bf4e9d0e671be936dc7
575d4b78748f10525de28ae4681b4045684a7d347dd8dd365fa4ffedc08e1ab3
5bda45e4d33945806bf64cd6897f2a01c0d4587a6634905f0762925f8666765d
5c846e5def41f0037d8a22dcd2c618f9d97bb1454889cba8441dda46dbfe6a94
6c53515afea906737f5ee414da288a7a264c000ca099fdbadc9bbf12031452ec
7d7a9043f4bed303fe2974ac4e3ba10d6b214e70f7ae549786ba2d347de05f81
7e98f059b37e6dcae6c470d59f995eb3ce534b9564d9f05b655e5fd6a2c3c933
8eeca49197dab148e47a3b9a5d7013f92c359f2cb225c1d54ad75362c66c160b
8f6c6bc343e110abc81935b76c63da2f75a9a17a7f50d1c4c0c14f29282bbdbe
98afa398447cf98137ab7fee8e6e38ca8713b612acd5bea6b34a532717bbf965
9b7f1ddc36af29778df73a309d2861822456de3eb416e6921a5c44e68435a42f
a4555d8dee9f8adc976e84a97dfe87e6bf5794b579f49bb56f133fed85f7d709
ae30626f14e6b7446ee2e52e8161bcd557aebf49f6df1ae14002681cc8c1cf7e
b12d5e18422cef8e4ddf85105a99d8d512d6c0830aaefc00d485797c0f0ea9b2
b219e4cd8f8f9216f159285019be30d6bfe475d92ca30b3561551aaa2174751d
ba6b4e149403abba71a93b1467331eaf4910bfd0b727c246a6ed0afbe32bfc23
cd6e8165cd8b08d2aa571161928f0218a5ba66ae30601c9916a06198964ccca5
ce20444f826609eb29be434e77d29882fbe0a766dadefe8765cbc1013be529bd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e290dc4993b9ae7d34440db26be412b4bc4547a48ff635750d400164665d7fa6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4245d63e645d8b7717d16233f32d60f6e754aaea6627805288e521e5cac2e26
e934235a66a809a35d613af1ec2effd563a313fc63694c052df9ea4a671bc26c
eb2f6f6bf833adefce1a1e41d36d3484ae0cba3d6251465c23bc2402df5bd949
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f69bce59f2d86201eeea3faee82c141956eca2b03a04a4a45539a25b5640d9ca
fe4ae29389381f4a70f2747f5faa0a2d180f998c9d8cc8151246594b34da7518

pf7bg.cn Open in urlscan Pro 2606:4700:3037::ac43:bc19 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

94 %HTTPS

70 %IPv6

10 Domains

10 Subdomains

10 IPs

4 Countries

747 kBTransfer

1573 kBSize

13 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pf7bg.cn Open in urlscan Pro
2606:4700:3037::ac43:bc19 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

94 %
HTTPS

70 %
IPv6

10
Domains

10
Subdomains

10
IPs

4
Countries

747 kB
Transfer

1573 kB
Size

13
Cookies

49 HTTP transactions
0 data transactions