firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 03 Sep 2022 04:42:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WlPvE7HU4AQTprj5-TZwIqdU96J7UDSKAOJ1Z38NaLmM--5TY9w1NA==
Age: 288
fwean.org.np/
403 Forbidden 3.6 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (817)
Hash 71e70d2b78ac5447bb20cf9f127d9e31
9b53e0295f3b4f1ca2ea3b1df5733e2ababf39a5
2c8a0825efd197a98c9351006527f9367e88e6e83103d1a5c0e35c96fd15bddd
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 403 Forbidden
Date: Sat, 03 Sep 2022 04:47:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Permissions-Policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Frame-Options: SAMEORIGIN
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i31c53b3czfC%2Fs1B41nTGlKSZ%2BQTNInE%2Bkb4ts0lJJmuWHOZP79nJLVV9N5n50apT8t00lEFOHlDdpmRtGXZg1ikGa3pZVcksfQluQhJsOKel50CW%2BmxcvWMLA34xtI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744bd939eb710b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7749
Expires: Sat, 03 Sep 2022 06:56:47 GMT
Date: Sat, 03 Sep 2022 04:47:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 03 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CSR95fCnk1ta44lWtZ0xUheVu9H7sQAw2lueko1QitEpXeS3NJGUVA==
age: 12741
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Sep 2022 04:47:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fwean.org.np/cdn-cgi/styles/challenges.css
200 OK 2.6 kB URL HTTP/1.1 fwean.org.np/cdn-cgi/styles/challenges.css
IP
File type ASCII text, with very long lines (6294), with no line terminators
Hash ba2d8534d208d2a5b158507e004d7150
ab81307634698ea304a68783fa38937f562009a2
63b366fdbfea7cbec639f9a5f24714a831e171570625def9462d724b5c8fdc59
GET /cdn-cgi/styles/challenges.css HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fwean.org.np/
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 04:47:38 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:16:33 GMT
ETag: W/"630f5f31-1896"
Server: cloudflare
CF-RAY: 744bd93bae00b4ff-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 03 Sep 2022 06:47:38 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
fwean.org.np/cdn-cgi/images/trace/managed/js/transparent.gif?ray=744bd939eb710b65
200 OK 42 B URL HTTP/1.1 fwean.org.np/cdn-cgi/images/trace/managed/js/transparent.gif?ray=744bd939eb710b65
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=744bd939eb710b65 HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fwean.org.np/
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 04:47:38 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Wed, 31 Aug 2022 13:16:33 GMT
ETag: "630f5f31-2a"
Server: cloudflare
CF-RAY: 744bd93c2e3fb4ff-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Sat, 03 Sep 2022 06:47:38 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
fwean.org.np/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=744bd939eb710b65
200 OK 23 kB URL HTTP/1.1 fwean.org.np/cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=744bd939eb710b65
IP
File type ASCII text, with very long lines (65044), with no line terminators
Hash beef77d503037dfdc40da088c1685201
f6a9c9453acb4a4a42b43ad647f73179bb73b366
79affaa7eded0404b87e679eb1ba24e28129ea785985edba6435bf01331ea56c
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/orchestrate/managed/v1?ray=744bd939eb710b65 HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fwean.org.np/?__cf_chl_rt_tk=fWWeGpcnA_EYrJIVxOaCZ8pwI19qGv2440fpl0ue3g0-1662180458-0-gaNycGzNAv0
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 04:47:38 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: max-age=0, must-revalidate
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JnYwC62L%2B1m1tn4ad6ef4TonEy3ijgbg47EbP6zwedfrExaeGH4ksdI3qgqtdxnSmfcRp5KtimtJJP6B4wZH2qOlnx9SUq%2BOqb2gekMt6pkRq6IW%2BLJxxBqX%2BTsuaxI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744bd93c4e58b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fwean.org.np/favicon.ico
301 Moved Permanently 707 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /favicon.ico HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fwean.org.np/
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Sep 2022 04:47:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
location: https://fwean.org.np/favicon.ico
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCgACzf%2BIbeCoM1fJn0H%2Fl9SWqQQukbZbEfNOxn6x2PR38yBgCDmXYB70zNb12U8thJ3XjyFG1Y%2B5p3VleQP2oKpYYcgXvCoXWOvNe%2B7MJHsS4SzTAIH0TDXndCdzV8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 744bd93bbb11b4f3-OSL
alt-svc: h2=":443"; ma=60
fwean.org.np/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5334127092194976:1662177952:vGUEIajROG1qCsXvX3yZSTcqDmJGv6YDUoOgzAIcys8/744bd939eb710b65/4ed877671f7bb64
200 OK 49 kB URL HTTP/1.1 fwean.org.np/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5334127092194976:1662177952:vGUEIajROG1qCsXvX3yZSTcqDmJGv6YDUoOgzAIcys8/744bd939eb710b65/4ed877671f7bb64
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ceded1839291b6456fc35182771a5e4
35e54795058e989d7f63dc3d1e61dfd2e2880b67
8245b01dc51e15f57f8e865a51c46d552f1f8ffdc4db6295b37733637d9e341a
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.5334127092194976:1662177952:vGUEIajROG1qCsXvX3yZSTcqDmJGv6YDUoOgzAIcys8/744bd939eb710b65/4ed877671f7bb64 HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4ed877671f7bb64
Content-Length: 1658
Origin: http://fwean.org.np
Connection: keep-alive
Referer: http://fwean.org.np/
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 04:47:39 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: cf_chl_seq_4ed877671f7bb64=bHV45LxLfHOQ5e5;SameSite=Strict;HttpOnly
cf_chl_gen: EyutuZym+Ut0Hm0X52dQDHBykTyQwRrtun2Sp3LFJpL2dfgTrV67j0dQ8uJWyg/TmMvoGkyDqDNnO1b0k5tfz2QUv+XxsiwLno42+pWo6PQNKrj4FJksRPk4NGo0DA3wd2fhCSloRCP9Q1MeZTqCnQ4WvYsT7Ty/qYLGcPxlj0+K93ZMakQolYBeZdYM3FPSNCnqrEN82YMUWoOHpRrkkZahcpJy1X43MZH9yPtiRrPk2EtqIV2TZUzbPb00izUkvW/TFrzJAAnm1gBdCMCEAQ==$UIbrB0jVt9ewemus/3bmjA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYTYo70AzOM0XsgnYu1GT9i1iQ6aPTWo%2Fk7LKmZCD%2Ffzi6tG%2B5aRLtOaBDMFNKZ2pYMhCJsAxjMyxmM3ik29s8Hq2JCjI1HLnyE%2FC15jsZWCRL9KFGDxMSurIDnGEEo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744bd93e5ff6b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sat, 03 Sep 2022 04:38:16 GMT
Expires: Sat, 03 Sep 2022 05:38:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fM3eiN1kcMYJs6-NMsbyoV6qJhDB5FE4C7yy8EGPzS7CeUIxGZQQ3A==
Age: 563
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash bd3fc5af363903fec5971d708953fb5c
a55697803c9713d067504432bc2d9f11529b0c56
a3f809eb9c816f18b1152f0cb1c53db696d7647bce72be408a8367fbd291a63f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A3F809EB9C816F18B1152F0CB1C53DB696D7647BCE72BE408A8367FBD291A63F"
Last-Modified: Thu, 01 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 03 Sep 2022 10:47:39 GMT
Date: Sat, 03 Sep 2022 04:47:39 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4928
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Sep 2022 04:47:39 GMT
Last-Modified: Sat, 03 Sep 2022 03:25:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
fwean.org.np/cdn-cgi/challenge-platform/h/g/img/744bd939eb710b65/1662180459266/XfOQzeaaC43mrUZ
200 OK 61 B URL HTTP/1.1 fwean.org.np/cdn-cgi/challenge-platform/h/g/img/744bd939eb710b65/1662180459266/XfOQzeaaC43mrUZ
IP
File type PNG image data, 17 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash 0f22c37bafd6cd1d1911ff7434eb84f5
890a7b503aa4c00ed33fbc0473df793daad03be7
0a479d86d5c253c79626107ff4df197e0706827f0f729de0f1a3af6c699f6a63
Analyzer Verdict Alert fortinet Phishing
GET /cdn-cgi/challenge-platform/h/g/img/744bd939eb710b65/1662180459266/XfOQzeaaC43mrUZ HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fwean.org.np/
Cookie: cf_chl_prog=e
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 04:47:39 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XTS2aMOSxa0W5qerj4PfNmJECUPPNBTuxZQ1P78uINsEZicK177lsZol7ATagxq4H1y2wRgLs0%2FCYL5pTsjWFspQOOjHcPoW1qSd3J7mfYC%2FiR6FKKBzXNvXrPWGWx4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744bd9416a79b4ff-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7xaz/7rp6ZoeQ/eeOWlIng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JekpXQF9mvisdfvQufSnS4ffrFM=
fwean.org.np/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5334127092194976:1662177952:vGUEIajROG1qCsXvX3yZSTcqDmJGv6YDUoOgzAIcys8/744bd939eb710b65/4ed877671f7bb64
200 OK 3.9 kB URL HTTP/1.1 fwean.org.np/cdn-cgi/challenge-platform/h/g/flow/ov1/0.5334127092194976:1662177952:vGUEIajROG1qCsXvX3yZSTcqDmJGv6YDUoOgzAIcys8/744bd939eb710b65/4ed877671f7bb64
IP
File type ASCII text, with very long lines (5240), with no line terminators
Hash 456785156445023a4bf7bf982e39e59c
ebf58424f44b533948a1125bef16086313ce9172
d87e62637cc5cd2b263e7c306aff2b8361382735c6fc0facf24b50a5ad9308c0
Analyzer Verdict Alert fortinet Phishing
POST /cdn-cgi/challenge-platform/h/g/flow/ov1/0.5334127092194976:1662177952:vGUEIajROG1qCsXvX3yZSTcqDmJGv6YDUoOgzAIcys8/744bd939eb710b65/4ed877671f7bb64 HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/x-www-form-urlencoded
CF-Challenge: 4ed877671f7bb64
Content-Length: 14975
Origin: http://fwean.org.np
Connection: keep-alive
Referer: http://fwean.org.np/
Cookie: cf_chl_seq_4ed877671f7bb64=bHV45LxLfHOQ5e5; cf_chl_prog=e
HTTP/1.1 200 OK
Date: Sat, 03 Sep 2022 04:47:39 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: cf_chl_seq_4ed877671f7bb64=HEGbjbjpKHU0mo3;SameSite=Strict;HttpOnly
cf_chl_gen: 5Tm0C2rIoz/EzsKP8nulqUorg8W0GVbNX/6g3Dri5oY=$6pYs2i/WYtaeVlgl39BvZg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dI0N0l8uiEKXIzVWHW77vhslM%2BqAJFCPqKCT8CHLQsWw%2FrlAkdgIGCqMKlprHDJp%2B2QoYTfLxHn%2F6yPRzv7UjKHZVNU%2FYkO6I8c8zW2rjwc4tpWNMgLIOlfH77SRxhU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 744bd9426b75b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 55b7693f9af9c7164f955d69dd043417
db0ba6a6c35d93a8f390daa0f755a7aada35a34f
28450277d3868d672c71a025db3fffb734a6c914f929053ead856ac1c019d296
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "28450277D3868D672C71A025DB3FFFB734A6C914F929053EAD856AC1C019D296"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19848
Expires: Sat, 03 Sep 2022 10:18:28 GMT
Date: Sat, 03 Sep 2022 04:47:40 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 55b7693f9af9c7164f955d69dd043417
db0ba6a6c35d93a8f390daa0f755a7aada35a34f
28450277d3868d672c71a025db3fffb734a6c914f929053ead856ac1c019d296
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "28450277D3868D672C71A025DB3FFFB734A6C914F929053EAD856AC1C019D296"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19848
Expires: Sat, 03 Sep 2022 10:18:28 GMT
Date: Sat, 03 Sep 2022 04:47:40 GMT
Connection: keep-alive
cloudflare.hcaptcha.com/checksiteconfig?v=1f7dc62&host=fwean.org.np&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
200 OK 479 kB URL HTTP/2 cloudflare.hcaptcha.com/checksiteconfig?v=1f7dc62&host=fwean.org.np&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
IP
Size 479 kB (479130 bytes)
Hash d1cd9fdbece4b16a88f9bfc56d8ba1b2
65fddbcc0d923e5d4d29fce376b85e45472a6e2c
eac7024a31fc4944315c777d64eeff42655079ad6abbe96ae20970b81fd8151f
POST /checksiteconfig?v=1f7dc62&host=fwean.org.np&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1 HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cf-assets.hcaptcha.com
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:40 GMT
content-type: application/json
access-control-allow-origin: https://cf-assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 744bd9454b240b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2498
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 04:47:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2498
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 04:47:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2498
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 04:47:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2498
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 04:47:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2498
Expires: Sat, 03 Sep 2022 05:29:19 GMT
Date: Sat, 03 Sep 2022 04:47:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf445006-1014-4737-ad3b-0047d0183dd8.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf445006-1014-4737-ad3b-0047d0183dd8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0bde418da52c5b733e4edeb10173974e
75555a00ea68f94d83233ca3dcb7ffa60ba9da5d
67bb1775a03b6b17b05181738c8196a9ed8087dc75927e649c28c084f31c0160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf445006-1014-4737-ad3b-0047d0183dd8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8614
x-amzn-requestid: a941656b-92dd-4948-a24e-1437469def78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2emWFBMIAMFq4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631277c2-5336706371034d98547bafbd;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:38:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2v3yN2UAH_DeMis8_-Br4uvD4SK-sluX1aFEM391ZhV4_G2lloBHQg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:44 GMT
age: 25077
etag: "75555a00ea68f94d83233ca3dcb7ffa60ba9da5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60769237af4f32c663d494d91a672d08
31305131f340191799484f212e15513bd1204e88
6df36e459f3a2d0271732b645009b116e6671363f6c3050d22bbfe2d911a77bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7e53e5b7-d429-4f33-bd77-ce946421df55.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4994
x-amzn-requestid: de39357f-d378-4bb8-b4d9-7dd4f82fbb58
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xgj-kEHvoAMFyBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309b390-119fa01e254e89cb39a1b794;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 06:02:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V6_bFwCNNOb2sZgOQJ8NekZD0pbYwclTg17YlQjCIdKFKGuzfDR0nQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Sep 2022 03:42:03 GMT
age: 3938
etag: "31305131f340191799484f212e15513bd1204e88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56dd6e3d-ca6e-4286-b0eb-3fd27d1623d2.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56dd6e3d-ca6e-4286-b0eb-3fd27d1623d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f297f917b3352765d98f769daca00e70
bb2fbd1fbca9cdccded24d7dbefe16e3e6fc51c2
2b7dcf2d87e0aaa60777d951c0bf324eb01a6cd498a4947ef0db11d05d3f25d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56dd6e3d-ca6e-4286-b0eb-3fd27d1623d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6387
x-amzn-requestid: 4fc12e7f-2c21-4413-8d5e-39b64e25457e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdakSFtEIAMFa8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6308714e-330dc2e870f679a0199c22d0;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:07:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WCh6_uZMOpc2Fm6DT-WmxZNWT5sZhKVM-5rK2zO7PJTGdE2tGn72Gw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:52:04 GMT
age: 24937
etag: "bb2fbd1fbca9cdccded24d7dbefe16e3e6fc51c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc564d2b6-daa1-414e-bb63-5116a4d51382.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc564d2b6-daa1-414e-bb63-5116a4d51382.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06ffb5110d8bf50e601e91531f179e62
bb41e58777f4c3ed776a29e0e074f5fbcea5b814
59947d967e6f441c28fd42be2a834b7ba3eb52ab4a01579dab17c9e6fa5d8ed9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc564d2b6-daa1-414e-bb63-5116a4d51382.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8613
x-amzn-requestid: 4944a86f-87d8-434e-ba61-46e5029b0045
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiVJ0F25IAMFh7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a68a5-64ff3e0556b9b1535084fda0;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 18:55:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: y5UDLDpHFHQxmQqce_1Rqs3-qntS0wwJYDMCOUNW5or9-BizyFbnrg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 05:12:10 GMT
age: 84931
etag: "bb41e58777f4c3ed776a29e0e074f5fbcea5b814"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e7beff9-947d-413f-a36c-3dc74d9e7e15.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e7beff9-947d-413f-a36c-3dc74d9e7e15.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0de9027ed264cacf67433af503eb3d24
7a63830b43a8bc9d0ca570b7ef7886e0b1e32a97
cd8af5bd5ac0371755bb944e0b6eb8f7265079aa8bebd39a030b6633c91abf27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e7beff9-947d-413f-a36c-3dc74d9e7e15.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5457
x-amzn-requestid: 5c03bf43-e084-4669-b092-2d167a74306c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XtgFEFdZIAMF-VQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ee086-084a524b4fbc9029198ddea5;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 04:16:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: I8xPKgVUoLMZwMdmXaierFYFKOlq8lbUwfkAHHqK3jg25XndJRNFHw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 06:01:40 GMT
age: 81961
etag: "7a63830b43a8bc9d0ca570b7ef7886e0b1e32a97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b580e2b673257d24b9c2e80c4c48ce
f3a3d835a37f9b23e7458f9b7bc721bc415b61cc
c0e3559fde3dd08cdbd360f39dddcc98dd7c1b3aebd0861cc07105872a116d11
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7d7b349-4711-4e66-bc42-888934e385a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: bf297fc4-9164-45ee-bfab-06761a52e3ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X2eMJEP1IAMFdpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312771a-6b3e6416133d67a83d8a1469;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: datd5eYK6nOAUdEpy_y4gcqsVmCqjP4qhzTnlJ9pSrquoYk2PPugTA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 21:49:54 GMT
age: 25067
etag: "f3a3d835a37f9b23e7458f9b7bc721bc415b61cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash bd3fc5af363903fec5971d708953fb5c
a55697803c9713d067504432bc2d9f11529b0c56
a3f809eb9c816f18b1152f0cb1c53db696d7647bce72be408a8367fbd291a63f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A3F809EB9C816F18B1152F0CB1C53DB696D7647BCE72BE408A8367FBD291A63F"
Last-Modified: Thu, 01 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Sat, 03 Sep 2022 10:47:39 GMT
Date: Sat, 03 Sep 2022 04:47:41 GMT
Connection: keep-alive
cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload
IP
GET /1/api.js?endpoint=https%3A%2F%2Fcloudflare.hcaptcha.com&assethost=https%3A%2F%2Fcf-assets.hcaptcha.com&imghost=https%3A%2F%2Fcf-imgs.hcaptcha.com&render=explicit&recaptchacompat=off&onload=_cf_chl_hload HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fwean.org.np/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:39 GMT
content-type: application/javascript
cf-ray: 744bd93dbe740b31-OSL
access-control-allow-origin: *
age: 0
cache-control: max-age=120
etag: W/"84729783ded6e9166650d2e40d1556b2"
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 10g5RVqLpYkU0aa-3kxGh5TDyliupy3A-DXslF07tUxdkEnx8Zz81g==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
IP
GET /captcha/v1/1f7dc62/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fwean.org.np/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:40 GMT
content-type: text/html
cf-ray: 744bd943ad84fac8-OSL
access-control-allow-origin: *
age: 1028482
cache-control: max-age=1209600
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: BdXSxBUU293KtfWo5P420mqOHm1tKQbfGCpdAv7ExwWwoiAJ_KpY8Q==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=r5EK2NfGPYhM.ETfTQPWmqV_SQ0Bn9dmUaSGWlSEyGc-1662180460-0-ASgH5kd42xFx4Kcn/pAzv5POgfglGX7Tzu8h6hSmwLf1Uj0RYbOzXglfY5425CGuXXGyWB1xT+pAhV3AbG2KYb4=; path=/; expires=Sat, 03-Sep-22 05:17:40 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/1f7dc62/hcaptcha.js
IP
GET /captcha/v1/1f7dc62/hcaptcha.js HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
Cookie: __cf_bm=QELZivg1l2cztzsxaa0qOsee4whwrp6WWkKp0Xl4GfI-1662180460-0-AeaJMF65BL3i3DvOmhFP8ib9ocRCJz5buh2h0it2NLnvcd7OaXQQExAZ7omvGnUsUsIn+NnQiFGoem3o2/HsyOg=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:40 GMT
content-type: application/javascript
cf-ray: 744bd943bd8afac8-OSL
access-control-allow-origin: *
age: 1028482
cache-control: max-age=1209600
etag: W/"84729783ded6e9166650d2e40d1556b2"
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: 10g5RVqLpYkU0aa-3kxGh5TDyliupy3A-DXslF07tUxdkEnx8Zz81g==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
fwean.org.np/favicon.ico
404 Not Found 0 B IP
GET /favicon.ico HTTP/1.1
Host: fwean.org.np
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fwean.org.np/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 03 Sep 2022 04:47:41 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: same-origin
vary: Accept-Encoding,User-Agent
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJILveKhQzrDi9kFkwBZBJv5V2K9JwzvZBSjpzMr9cctg0%2FmXGsVth%2BvZdBEFZYDdVQw67uGvzl%2Fju9pb7SnOvL8nxi5UyWwIGjkOCTgH2CsfDLNmIajQt9F14FLasw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 744bd93ff96cb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
IP
GET /captcha/v1/1f7dc62/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fwean.org.np/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:40 GMT
content-type: text/html
cf-ray: 744bd9437d6afac8-OSL
access-control-allow-origin: *
age: 1028482
cache-control: max-age=1209600
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: BdXSxBUU293KtfWo5P420mqOHm1tKQbfGCpdAv7ExwWwoiAJ_KpY8Q==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=982il2S20slqYfbq1oL5.lH1C0Vbn0NEwBw29ypRC74-1662180460-0-AVlbQUap6UmNT+0nS8pHOEoO7vwog3VORYDQ8SvRWZw7OEPXFDZyCTRkraNUYj8L1COGqSvHlISsQUOaxyXWaBc=; path=/; expires=Sat, 03-Sep-22 05:17:40 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
IP
GET /captcha/v1/1f7dc62/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fwean.org.np/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:40 GMT
content-type: text/html
cf-ray: 744bd943ad83fac8-OSL
access-control-allow-origin: *
age: 1028482
cache-control: max-age=1209600
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: BdXSxBUU293KtfWo5P420mqOHm1tKQbfGCpdAv7ExwWwoiAJ_KpY8Q==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=fNNYnWyQd8BJMaO8KsqZkBtN2vdXRoUPRkiwi.d5fvw-1662180460-0-ATqX6+BfMQgLhRAIIfbcsgl8s4YtD4C8fln4aXfFhqn+a6A4k7ZjBcYnkroP0Rq0CNOe/fjErRsJjbJcxTZrKw8=; path=/; expires=Sat, 03-Sep-22 05:17:40 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
200 OK 0 B URL HTTP/2 cf-assets.hcaptcha.com/captcha/v1/1f7dc62/static/hcaptcha.html
IP
GET /captcha/v1/1f7dc62/static/hcaptcha.html HTTP/1.1
Host: cf-assets.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fwean.org.np/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:40 GMT
content-type: text/html
cf-ray: 744bd943ad85fac8-OSL
access-control-allow-origin: *
age: 1028482
cache-control: max-age=1209600
last-modified: Thu, 11 Aug 2022 21:59:15 GMT
strict-transport-security: max-age=0
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-id: BdXSxBUU293KtfWo5P420mqOHm1tKQbfGCpdAv7ExwWwoiAJ_KpY8Q==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
set-cookie: __cf_bm=QELZivg1l2cztzsxaa0qOsee4whwrp6WWkKp0Xl4GfI-1662180460-0-AeaJMF65BL3i3DvOmhFP8ib9ocRCJz5buh2h0it2NLnvcd7OaXQQExAZ7omvGnUsUsIn+NnQiFGoem3o2/HsyOg=; path=/; expires=Sat, 03-Sep-22 05:17:40 GMT; domain=.cf-assets.hcaptcha.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2
cloudflare.hcaptcha.com/checksiteconfig?v=1f7dc62&host=fwean.org.np&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
200 OK 0 B URL HTTP/2 cloudflare.hcaptcha.com/checksiteconfig?v=1f7dc62&host=fwean.org.np&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1
IP
POST /checksiteconfig?v=1f7dc62&host=fwean.org.np&sitekey=f9630567-8bfa-4fc9-8ee5-9c91c6276dff&sc=1&swa=1 HTTP/1.1
Host: cloudflare.hcaptcha.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Origin: https://cf-assets.hcaptcha.com
Connection: keep-alive
Referer: https://cf-assets.hcaptcha.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Sep 2022 04:47:40 GMT
content-type: application/json
access-control-allow-origin: https://cf-assets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-chl-bypass: 2
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 744bd9454b220b31-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
104.21.88.199
143.204.55.115
23.36.77.32
104.18.18.132
93.184.220.29