r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8178
Expires: Sat, 12 Nov 2022 21:29:12 GMT
Date: Sat, 12 Nov 2022 19:12:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash de470c6bab46e7c4b7cc69f392900fe7
189e4dcc4c2b8bf1f050e06bd68bce8a99618918
86f57134ddebd23a25615dc4d59c4b1ca8919e3e0495e1f006cbe7c0f39aa27e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4091
Cache-Control: max-age=145592
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:12:54 GMT
Etag: "636f75f3-1d7"
Expires: Mon, 14 Nov 2022 11:39:26 GMT
Last-Modified: Sat, 12 Nov 2022 10:31:15 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11509
Expires: Sat, 12 Nov 2022 22:24:43 GMT
Date: Sat, 12 Nov 2022 19:12:54 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 18:44:03 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1731
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Rt6mVPd0TFxwrESrKsjYpUPxzco0KtB1gy0jSm3jdWtsps+zow+7F8lASXjxu1B6TKoHSGEg2023fzZrV9FydQ==
x-amz-request-id: RHQD11M61MFV638W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 18:50:23 GMT
age: 1351
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:12:54 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 18:25:00 GMT
cache-control: public,max-age=3600
age: 2874
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ae51f1958554de4457c22a7d5a9ba8b6
173e90a8c6ee36b7ec569dbea47436a90d7e7c76
dc43a04e1e26243f63a8e628f2ebcb23a9527fd4bc40dc6d1d61879b0f95bb21
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4534
Cache-Control: max-age=140971
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:12:55 GMT
Etag: "636f622c-1d7"
Expires: Mon, 14 Nov 2022 10:22:26 GMT
Last-Modified: Sat, 12 Nov 2022 09:06:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: oTBmSXdJhEtBRUxywEScMw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1C6bkV5UybfhxijCrN8xG/PTz1o=
cs8r76.cyou/ffd1RFFkQ14DclNCQkZ9UChmWDF0dEdbZQZOAW81MCI5ViUhbgE1H19jISECVSwtCAxyRCxeEBxyRV5zFBQ&p=pswxvb
172.67.174.112200 OK 548 B URL HTTP/1.1 cs8r76.cyou/ffd1RFFkQ14DclNCQkZ9UChmWDF0dEdbZQZOAW81MCI5ViUhbgE1H19jISECVSwtCAxyRCxeEBxyRV5zFBQ&p=pswxvb
IP 172.67.174.112:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 51022108707efb59f0d83dfdd7721269
41a25d898ac179a3dadcb6094fb4ae2067dae966
9a66fd84f47662da1773309e43a03d42dbfff223b2e40937d565b751275721f2
GET /ffd1RFFkQ14DclNCQkZ9UChmWDF0dEdbZQZOAW81MCI5ViUhbgE1H19jISECVSwtCAxyRCxeEBxyRV5zFBQ&p=pswxvb HTTP/1.1
Host: cs8r76.cyou
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:12:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST,GET,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,X_Requested_With,X-PINGOTHER,Content-Type
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbY0GBorfAUr2%2Fw1Se28y7JGVAYVh7L%2BLSa3305ywItRF4Qz5UV84UAxvWDDpEUNHsgvpWw5fq%2Fse%2BIJ8Gi6TINGwXfk68OlbBB%2Bf72KzH2XFHAhVERYVen6W8fPYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 769194f36a120b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/6eQuBFf6OlY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6eQuBFf6OlY
IP 142.250.74.3:0
Hash 79dfd78b9d8300bd9de2a1f49f26e885
156bfd9597059b0ffdaf673cd28d198aaa916f9b
c514f6365ce2a05e661d55b5379d192124ef0dcc2d3315505263ca829069bc50
POST /s/gts1p5/6eQuBFf6OlY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:12:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Sat, 12 Nov 2022 20:39:27 GMT
Date: Sat, 12 Nov 2022 19:12:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Sat, 12 Nov 2022 20:39:27 GMT
Date: Sat, 12 Nov 2022 19:12:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Sat, 12 Nov 2022 20:39:27 GMT
Date: Sat, 12 Nov 2022 19:12:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5191
Expires: Sat, 12 Nov 2022 20:39:27 GMT
Date: Sat, 12 Nov 2022 19:12:56 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 76333
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85c6f450b38f41a2fb924d6d9a9cbff8
691f59b65ca9fde4f59bbf96b37071e07351f190
c8f877488a2cf65f0d9829384fd4113847722a1b4df94b6b1d5788699689722c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6f7d2f5-4807-4bbd-a3db-7a239962aca5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5583
x-amzn-requestid: e844f42a-e87e-4e61-8c97-137c07c5ae28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bNeQ9Ho7IAMF5_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63687739-62c44d2f7d23632e74895bd8;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 03:10:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uHlIN1IVGCFUVl5lx5pFSux0YncseT2HQjiwFDL9eaEaBa9CdnCl8g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 12 Nov 2022 04:50:44 GMT
age: 51732
etag: "691f59b65ca9fde4f59bbf96b37071e07351f190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 76319
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f09e254cd6f2e29b3bf198cc5d58a46f
fa34520e849bf746ff43aec3d28beb9e4be44f4d
2e29eace95fd8cb5b6d77df880d2044ecab4206cba47931c3a95e77c1b4e9d9a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe5720fc8-63c5-4f5e-bb64-33809e0069fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8953
x-amzn-requestid: 2a2d20f4-3aa5-475e-8ec2-fc569766335e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhQGAhIAMFrjw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-26dc0259793ec94814f3d41a;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OKFzEoCVITStAPxYzhksarrlTkVeATx6AzBnEK32WLFaOeEIwLMu_Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "fa34520e849bf746ff43aec3d28beb9e4be44f4d"
content-type: image/jpeg
age: 77264
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43e4308988c320212eab6fb4d27c215e
2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd
56efcb5d90ed224301384c850ec2f11317c2426fdc8ed6f88a211bbb75e6871e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12578
x-amzn-requestid: 60fda47c-9518-4ab3-8f94-4e925f0b6773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8iHeHoAMFQFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e9-62597e7b5c0f3b6b1e53bcce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FSquX2GRcCI4_Onwfi5qm_oBKl5EvL1RZJO84zJgyoEr7tPVTMy9dQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:47 GMT
age: 77349
etag: "2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 77263
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/6eQuBFf6OlY
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/6eQuBFf6OlY
IP 142.250.74.3:0
Hash 79dfd78b9d8300bd9de2a1f49f26e885
156bfd9597059b0ffdaf673cd28d198aaa916f9b
c514f6365ce2a05e661d55b5379d192124ef0dcc2d3315505263ca829069bc50
POST /s/gts1p5/6eQuBFf6OlY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:12:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
172.67.151.125200 OK 32 kB URL HTTP/2 cdn.jsdelivr.cc/npm/jquery@3.6.0/dist/jquery.min.js
IP 172.67.151.125:0
File type ASCII text, with very long lines (65446), with CRLF line terminators
Hash 7ec2b1bca61d32a168cb2410fc8f139b
e98d8626492e318a4e71c0a9fc0330144c9aa509
1866645e5658801b1d200eaafe91498bad315e69264d41dff89c384bead38646
GET /npm/jquery@3.6.0/dist/jquery.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdujKqP4OmsICcw4by2ej4M3gF2bmp67KcND5Yd7ZkChGu92L3U7j930k4J7s5KmD98KzStiLKDZt_7_8jjTVv4
expires: Sat, 12 Nov 2022 19:23:50 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:30:17 GMT
etag: W/"3e4bb227fb55271bfe9c9d4a09147bd8"
x-goog-generation: 1647502217775195
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89501
x-goog-hash: crc32c=JnXAUA==, md5=PkuyJ/tVJxv+nJ1KCRR72A==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJJmGF1wqe8Q%2FiI2mNPPOTnm3UlD1pyjwyAAalJpe9olxWrjhxewugIIltVT70O8N14aaEoeQuzrZDcSp2t3DozgB9PYMjjmTiIl7q%2BOGhVPG0r50pBWg0BAhHHOX%2FCAowg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76919504dd5ffab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 351a509aec6ff598291ef80400a396fc
6ef04a2e2072ec071862caaca391c67cf1a98716
757907e320788f454f433aebd6658990b78a61acf49e72ea583e42edf90a92b5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "757907E320788F454F433AEBD6658990B78A61ACF49E72EA583E42EDF90A92B5"
Last-Modified: Fri, 11 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4345
Expires: Sat, 12 Nov 2022 20:25:22 GMT
Date: Sat, 12 Nov 2022 19:12:57 GMT
Connection: keep-alive
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
151.101.85.229200 OK 2.2 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (16263)
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /npm/select2@4.1.0-rc.0/dist/css/select2.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:12:57 GMT
age: 19700883
x-served-by: cache-fra19146-FRA, cache-bma1666-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2162
X-Firefox-Spdy: h2
1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
142.250.74.161200 OK 14 kB URL HTTP/2 1.bp.blogspot.com/-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png
IP 142.250.74.161:0
File type PNG image data, 350 x 251, 8-bit colormap, non-interlaced\012- data
Hash ff055162c5d233506eece3fb69a47e74
49812e303ae6674819b6a7a6e0721d555ef64df4
7e46c8bcf219a0d6f0f3d5c5b027ed613678a0c54d637172d6495f428ff80150
GET /-T_4FPQJDXos/YKsjbNLDpRI/AAAAAAAABho/lE-RXu-La9UZUtmJisWFGBB7Gyzc2-M_QCLcBGAsYHQ/s16000/Norway_inbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_inbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 13695
x-xss-protection: 0
date: Sat, 12 Nov 2022 16:25:42 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 10035
etag: "v630"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
151.101.85.229200 OK 21 kB URL HTTP/2 cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (65317)
Hash b5ae87c0e4dd241b533e67053b0b719d
6b7b568694a95d81a94dea9ef7a85d1317d448dc
5bae5997fbca925ac6e52be8163ca897e751fcc9331552e0f77a22dd35b64521
GET /npm/@fortawesome/fontawesome-free@6.1.1/css/all.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 6.1.1
x-jsd-version-type: version
etag: W/"189ae-CRAs/GDvtDCiXul87ppqNd9t/Fk"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 12 Nov 2022 19:12:57 GMT
age: 5271906
x-served-by: cache-fra19168-FRA, cache-bma1666-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20556
X-Firefox-Spdy: h2
cdnbun.com/upload/eluosi1.jpg
172.67.159.172200 OK 22 kB URL HTTP/2 cdnbun.com/upload/eluosi1.jpg
IP 172.67.159.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash d4b712a05944adf72527703b85691f23
228adf6bf4826b084719ff815ea448f2886e3212
3a23560d3cd93cff92ab857cd3669803917020b5980ef6922e85db35e59a89f1
GET /upload/eluosi1.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 22179
x-guploader-uploadid: ADPycdvlzPyMzgk5UI3GjsH-q9N61ElBHjl-G2PRN6vX9WXvYXddc_0iQH9qVkSU3Ley7ro7-KlXx5mB7UuxoBMTAdoEfA
expires: Sat, 12 Nov 2022 17:52:09 GMT
cache-control: public, max-age=14400
last-modified: Sun, 06 Nov 2022 15:30:32 GMT
etag: "d4b712a05944adf72527703b85691f23"
x-goog-generation: 1667748632364229
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 22179
x-goog-hash: crc32c=LWYUsQ==, md5=1LcSoFlErfclJ3A7hWkfIw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eyFHAziyPYyfjEb0wbfKzlW7%2FA540pzKlUux%2BPcn9Y2CjcCIoSvnk%2F9gymLtbavCAgrQzOqdgTijb1vDcNeOt2%2BNZSA1MCncp1R0MjJxEn3bPxCyYpX3%2FlbzarzF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a52b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
142.250.74.161200 OK 181 kB URL HTTP/2 1.bp.blogspot.com/-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png
IP 142.250.74.161:0
File type PNG image data, 497 x 308, 8-bit/color RGBA, non-interlaced\012- data
Size 181 kB (180954 bytes)
Hash fd835c1f326d3e7da0d9839550f66723
5004618bc15011d7d0f569f60f900d076b164b3d
b2286c3ed452ee4eeb15d2044a90cfc456d4789b2fdbe42bb9e023c9da18e4a8
GET /-6OjTtrMq588/YKsjbL-wmoI/AAAAAAAABhs/UuUHtZD40v4QF-PMdm29IuYEYXf1-gCCwCLcBGAsYHQ/s16000/Norway_outbox.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Norway_outbox.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 180954
x-xss-protection: 0
date: Sat, 12 Nov 2022 16:25:42 GMT
expires: Sun, 06 Nov 2022 03:02:48 GMT
cache-control: public, max-age=86400, no-transform
age: 10035
etag: "v632"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnbun.com/upload/eluosi4.jpg
172.67.159.172200 OK 26 kB URL HTTP/2 cdnbun.com/upload/eluosi4.jpg
IP 172.67.159.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 298x300, components 3\012- data
Hash 22b509a922d4242b19e6ab043bd85cd7
6e713eab1efbb0e9acf2c4854a7bea65dd373da0
9880fd6bf2263d4139e90300cb3814d9bc4ee4f9fdb16fa74833663de77fd215
GET /upload/eluosi4.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 26011
x-guploader-uploadid: ADPycdvKIbWM8n5YtzJhlbf8WS3qk0XDVSKjlToH9KvmF9ZccilHnK9oCZ0StWzNU3g-2UxPr2qP_x7gy8HPTsEYiiO14w
expires: Sat, 12 Nov 2022 18:35:07 GMT
cache-control: public, max-age=14400
last-modified: Sun, 06 Nov 2022 15:30:33 GMT
etag: "22b509a922d4242b19e6ab043bd85cd7"
x-goog-generation: 1667748633368365
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26011
x-goog-hash: crc32c=6z0j1g==, md5=IrUJqSLUJCsZ5qsEO9hc1w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meGajPS%2BUWM1rsMwxLKFeFOzHYey1F4YKZpL8DdTm2JOdzCyLFEORey3sNYcPmR3sxuTETziLpo063RvHkDcG%2Boakf9SXgi1TTZEs7DQScDMTrJHEKKUhKcvx2Gk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a53b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/maxirs-box3.png
172.67.159.172200 OK 28 kB URL HTTP/2 cdnbun.com/upload/maxirs-box3.png
IP 172.67.159.172:0
File type PNG image data, 280 x 202, 8-bit/color RGBA, non-interlaced\012- data
Hash 488593a16b93e295cbf1b620494bdfb7
62958a134099b90a589029718d14424cc66d3bf8
7e244493059a0294b42f93b3fb6cb3912ecc6640490018d1b4a8c9e4aee90758
GET /upload/maxirs-box3.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/png
content-length: 28423
x-guploader-uploadid: ADPycdtqyEM4EFFMKAqKg1QYh-FMUYLh8czClClx-1ukVCohoPbbhHifAmfrz4Bjt3hGz-T2SHjSb74rblHi0PiblcTYKOvj4qlW
expires: Sat, 12 Nov 2022 17:51:37 GMT
cache-control: public, max-age=14400
last-modified: Tue, 08 Nov 2022 14:59:54 GMT
etag: "488593a16b93e295cbf1b620494bdfb7"
x-goog-generation: 1667919594654005
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 28423
x-goog-hash: crc32c=JPTXAw==, md5=SIWToWuT4pXL8bYgSUvftw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqCaufUi2zJSYPEcadh6hMYmdp5TI%2FfJDOkQUAo9XdN%2F0BfIZXFRC2L8U8GqhH3EOLaZFyvecAUtPlX2V%2FW2WXdaYIhNEgYjMdUjE8wta969aCxcsVyDz1rppy%2BO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a54b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a103082c8446f50fe4fc4f6b75f7dc71
4b1f2810a0f234da388555c7f14709a61a606c95
1b454b111aa40a16c3a3432649efcfe199c3cbb33690693cae0d19ec16a9098c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B454B111AA40A16C3A3432649EFCFE199C3CBB33690693CAE0D19EC16A9098C"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3501
Expires: Sat, 12 Nov 2022 20:11:18 GMT
Date: Sat, 12 Nov 2022 19:12:57 GMT
Connection: keep-alive
cdnbun.com/upload/eluosi6.jpg
172.67.159.172200 OK 26 kB URL HTTP/2 cdnbun.com/upload/eluosi6.jpg
IP 172.67.159.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 9a468a7999ba9f1335895a8229e3edff
8c93a3bab4482c52a1a76b4244ee5ab0db5f58c6
b86dc3ceddba1b7bb1c69af9e80f8a6febd04eac185e7f36a0a500a2744ab8c4
GET /upload/eluosi6.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 26046
x-guploader-uploadid: ADPycdsicBTKP9TfK2G6bTEAAo0aoLxv-oC6_DY_vUwum-VjvqhQ2ryZjyqUQyjafbZICqKTnD9EipMP-xMKA0DMo4aK
expires: Sat, 12 Nov 2022 19:09:03 GMT
cache-control: public, max-age=14400
last-modified: Sun, 06 Nov 2022 15:30:33 GMT
etag: "9a468a7999ba9f1335895a8229e3edff"
x-goog-generation: 1667748633393566
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26046
x-goog-hash: crc32c=0DG5Lg==, md5=mkaKeZm6nxM1iVqCKePt/w==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nI4LYk2NbeGwAej3J0OJHkbtbxczPkYB8ATs5D7yMQtRzSzISl%2BO8GUB2E%2Fq83IineHTO%2FaWJH1eSmyJFAA%2BiiYinAm1NW3rolipvbLSeRUdHj9rivFTqlH%2BKpN%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a55b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/maxirs-right.png
172.67.159.172200 OK 970 B URL HTTP/2 cdnbun.com/upload/maxirs-right.png
IP 172.67.159.172:0
File type PNG image data, 14 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b6c0bdd528e072b52484ee56d903690
0362b2279804122f39d7fdae819304437fd15b62
57ec14424e366ab196da8d390ccdcd7bd97316dfd0e914d609c4f3187c5be600
GET /upload/maxirs-right.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/png
content-length: 970
x-guploader-uploadid: ADPycduszTNgtoCfpO4fBU32JbU8Itaj7Oo_ZJGyZl9QcDwWT3vnIVz5-es8H90LCT73ZJKuxVs2InKCpLt2X388XbYJyT0LhEbr
expires: Sat, 12 Nov 2022 19:11:22 GMT
cache-control: public, max-age=14400
last-modified: Tue, 08 Nov 2022 14:59:57 GMT
etag: "3b6c0bdd528e072b52484ee56d903690"
x-goog-generation: 1667919597060039
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 970
x-goog-hash: crc32c=BplN4A==, md5=O2wL3VKOBytSSE7lbZA2kA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tl25PqFXxNFg7lXbnqP3nVz9cFwMIA6XD0mhHFnH5qHTPcv8PlFFzQEnsSAycaRUM5vLFj7wUKogUgM3kM9ieHfMnrJsn%2Bmjb4Y8LQZ1MNDeyDa%2FkwIxx%2FnbXHU1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a5eb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/eluosi2.jpg
172.67.159.172200 OK 29 kB URL HTTP/2 cdnbun.com/upload/eluosi2.jpg
IP 172.67.159.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 79be95930beb6bc1de0d4ca13cc8c06d
53f32d4ea68a76b38a0118cd91474448d55383e7
a780cc1be971597620f9d7bded468c2db853695580c31ae09bc8af955fe1eb69
GET /upload/eluosi2.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 29087
x-guploader-uploadid: ADPycduMuemTXVQipIMeQBcVzZODRlUHyzgAq4RhU_qs_53TyJqaiQKui-HpZjFF0h2oJ5dJVY3J7fh2f2WLwnIcoU1D9Q
expires: Sat, 12 Nov 2022 18:38:56 GMT
cache-control: public, max-age=14400
last-modified: Sun, 06 Nov 2022 15:30:32 GMT
etag: "79be95930beb6bc1de0d4ca13cc8c06d"
x-goog-generation: 1667748632288054
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 29087
x-goog-hash: crc32c=epJt0Q==, md5=eb6Vkwvra8HeDUyhPMjAbQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kqYJUeu82Ys85OfORBiPlPwdmK1k%2BJftuipYio2QuTbtw6UeZUsr0%2BX4vXn4qNY30ckXmKapcvt0lj56PtdI0psvX1hGjYoFWJTzmiSX1V4tQVwlcX4iRlYk09Qr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a5db50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
williamreed2.cn/JHEWxHvv/maxi-mrs/?_t=1668280374959pswxvb
172.67.214.16200 OK 46 kB URL HTTP/2 williamreed2.cn/JHEWxHvv/maxi-mrs/?_t=1668280374959pswxvb
IP 172.67.214.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (439), with CRLF line terminators
Hash b250b1fc9f2b0e78e38268aca20e53f4
48c40fc76057195518d17a74d0d220edc7d56f03
1454fe970078a787993a3c544c9329e39ec8692796904fd22ba6851fb6828248
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /JHEWxHvv/maxi-mrs/?_t=1668280374959pswxvb HTTP/1.1
Host: williamreed2.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cs8r76.cyou/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:56 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pType=mo; expires=Sat, 12-Nov-2022 19:24:56 GMT; Max-Age=720; path=/; domain=williamreed2.cn
maxi-mrs-tthh1=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.williamreed2.cn
maxi-mrs-tthh2=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.williamreed2.cn
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HNZWf05Brw1Njf34Ef%2FOpAZGVNYKsJm%2FTTeeFCNfzR%2Fmv8rdCSW9V9H0uYmEQZ751p4SqiTEILz3aCiwjDujyxUaVd30LjzwTJv6EWlAqVGpdDktUrwOQpd4TxwUVOVd7%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 769194fbedfe0af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/eluosi8.jpg
172.67.159.172200 OK 27 kB URL HTTP/2 cdnbun.com/upload/eluosi8.jpg
IP 172.67.159.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 294x300, components 3\012- data
Hash 353ad34d8c27f649b51ac04915c60575
7819776382f73acf9bd7e8d424c8d8e8088b0954
db69c86b1d3b504599baa330f83d4d764b939cabea44ebbe67058a563230068f
GET /upload/eluosi8.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 26993
x-guploader-uploadid: ADPycds_i79VxJVFGkrFCatKpYgAYJXzo6VG3C2tC2t90j5PzRZ_ZCrdGdY2Zgmi5qRITlW6AWsKtxuAZylMav-NmpLS
expires: Sat, 12 Nov 2022 18:25:16 GMT
cache-control: public, max-age=14400
last-modified: Sun, 06 Nov 2022 15:30:34 GMT
etag: "353ad34d8c27f649b51ac04915c60575"
x-goog-generation: 1667748634308187
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 26993
x-goog-hash: crc32c=cfoaBA==, md5=NTrTTYwn9km1GsBJFcYFdQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEiM9OJeFgBJmOM5YbZ%2FJzSbdlsMRGactr81tsCLnOJR8uHP3k2L5VWlmrBBgccZEdzeWpARGVvGjx4z%2BO7nMkINAT6NBDUodWLYSd4yJMXGvNZuYP2NjiRiGCJs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a5bb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/maxirs-left.png
172.67.159.172200 OK 970 B URL HTTP/2 cdnbun.com/upload/maxirs-left.png
IP 172.67.159.172:0
File type PNG image data, 14 x 168, 8-bit/color RGBA, non-interlaced\012- data
Hash 7afbc54b28323565272e342a7426285b
2393318061100a7a21d91220290618fd865b95cf
950ac8cc62e82c6e35bc2ed30cf1555c38c098b50eda8a2c1d0f8f905f23ce6d
GET /upload/maxirs-left.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/png
content-length: 970
x-guploader-uploadid: ADPycdvdIkdfTZA3oeL4C11zJU9BDg7glgYJLxtMa4joF12p2Igtg6lIf8UODwPAOR_JzQlkETMD9ztOE_Sk8ZsITKSGMQuIQ_kj
expires: Sat, 12 Nov 2022 17:51:56 GMT
cache-control: public, max-age=14400
last-modified: Tue, 08 Nov 2022 14:59:55 GMT
etag: "7afbc54b28323565272e342a7426285b"
x-goog-generation: 1667919595899346
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 970
x-goog-hash: crc32c=KCcvyg==, md5=evvFSygyNWUnLjQqdCYoWw==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BsR6%2BdnuOu8bed%2B0UZlku3H%2FPA8FqhICeE460SnOME%2BbSbdOJQ3WjePoZMyvozj0iN%2FrvSAFJbiU%2BNn5nS7DQOgUgJhLY708PV%2BMw3KUGVlRgJ1E1wYHPoBiJ8xL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a62b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/maxirs-box2.png
172.67.159.172200 OK 3.5 kB URL HTTP/2 cdnbun.com/upload/maxirs-box2.png
IP 172.67.159.172:0
File type PNG image data, 280 x 202, 8-bit/color RGBA, non-interlaced\012- data
Hash f64d3d38ba71d8b510a7c0901b5ec67d
252b6ee1280907ce8e15c72a78288f333e6453cd
d95cb5b42d435543bf930101ee9c5ea08ca13c8418367ae5ed8415b23ecbb420
GET /upload/maxirs-box2.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/png
content-length: 3503
x-guploader-uploadid: ADPycdurKtZsdIY1HmIT8vt2J_I69yZ7-4Mp4WZTxiVu0-pdMliloLbdU1VaK5Uqji7FJ3CUglNCAFOhPUKAu2azBwI_Al-J3bnd
expires: Sat, 12 Nov 2022 18:16:30 GMT
cache-control: public, max-age=14400
last-modified: Tue, 08 Nov 2022 14:59:54 GMT
etag: "f64d3d38ba71d8b510a7c0901b5ec67d"
x-goog-generation: 1667919594746002
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3503
x-goog-hash: crc32c=LdzWqQ==, md5=9k09OLpx2LUQp8CQG17GfQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MwIGLXTo9AEY9Z%2Bx0vdYZSe5m015e6mXe7WMuvFfRKyRYQuYVCAdqEI1ph0KGlbYv0TzHzIn3wak2fy8HBLnACU6ChE%2Fi3uS0KBGkeBY%2BfVXnUV4C3UnkWN7MmxK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a57b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/maxirs-m.png
172.67.159.172200 OK 10 kB URL HTTP/2 cdnbun.com/upload/maxirs-m.png
IP 172.67.159.172:0
File type PNG image data, 246 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 2e4a86341b11e4f6f1ab4f14462ce54c
c078bd852df10d2c35964fd40a4cee0d155f89b4
7028fe1e0a1be8764f8b1c5cbd671a87f919fa9ec790420e666b465931192f8d
GET /upload/maxirs-m.png HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/png
content-length: 10399
x-guploader-uploadid: ADPycdu4lUjCyiH3xJKCrwI8RmACrMwdDQmQm5m46qlJXqXCIPq6SDXi6WgBROibGb6EisKGy21hicKA77l4gdwzfy7MK16r8VKE
x-goog-generation: 1667919595922647
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 10399
x-goog-hash: crc32c=kdDB7A==, md5=LkqGNBsR5Pbxq08URizlTA==
x-goog-storage-class: STANDARD
expires: Sat, 12 Nov 2022 18:17:48 GMT
cache-control: public, max-age=14400
last-modified: Tue, 08 Nov 2022 14:59:55 GMT
etag: "2e4a86341b11e4f6f1ab4f14462ce54c"
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rne3ZJuQfYYjVZ8xKANJZgy5pKsemAAW7xxjvRollArNizjZmaMzWZ4ANOQFrY6gtzTpl3MWgq9k76YWaIiT5BahZ%2FLQik3hFbUDRSNTMwVIn3dpemGiq0ioXajH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a5ab50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/eluosi7.jpg
172.67.159.172200 OK 44 kB URL HTTP/2 cdnbun.com/upload/eluosi7.jpg
IP 172.67.159.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 20c2f0d2bd9bacf3e9501caa39cb6afa
1545ff103685bbee77523671489fde07316a9528
0555d158de2282c34e0152b3c098a71e232e55e22dc2372195b4a07c339cb219
GET /upload/eluosi7.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 43680
x-guploader-uploadid: ADPycdvvsXqgRHmW7DRNDFBg-HhjuN4WyoYO0cdNSppEtSBk38g3yB4JLFloTZSuZN_-fmyiLBKLJ_GSlx-LxaR8tuZh
expires: Sat, 12 Nov 2022 18:43:42 GMT
cache-control: public, max-age=14400
last-modified: Sun, 06 Nov 2022 15:30:34 GMT
etag: "20c2f0d2bd9bacf3e9501caa39cb6afa"
x-goog-generation: 1667748634373494
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43680
x-goog-hash: crc32c=OWN0ZQ==, md5=IMLw0r2brPPpUByqOctq+g==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WDn%2F0K521QnI3o0ulK9oUIJr%2FM%2Fd%2FjOH6C3A%2BGq2hm%2F8E38QiIW%2B8UIwr72gblOZ2rwnAt08%2FApYTrBPWrqaAxN%2FlcwfP7j%2FNnxpr0GoO5nQlruUSQlTssCdJDF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a5cb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e421ad56e3964a31c4d3fa98e9ed2a42
a54bb98ae66b64acbc77cbe34d56399eed20725f
e476388b5f70a4287cd72edd3bc523ac7c759969e52ebd01873bef0d3ad5fb42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E476388B5F70A4287CD72EDD3BC523AC7C759969E52EBD01873BEF0D3AD5FB42"
Last-Modified: Thu, 10 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=386
Expires: Sat, 12 Nov 2022 19:19:23 GMT
Date: Sat, 12 Nov 2022 19:12:57 GMT
Connection: keep-alive
cdnbun.com/upload/maxirs-show3.jpg
172.67.159.172200 OK 56 kB URL HTTP/2 cdnbun.com/upload/maxirs-show3.jpg
IP 172.67.159.172:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 520x304, components 3\012- data
Hash 679c314d4e3a1374bf0d7e85ba5b20d9
6567692480fcb71636d1d0a9d22f59123ff4a6b3
fe20ae9f578a0ace1fdea3653b0ff5d94722b628721449810437f105a7675fbe
GET /upload/maxirs-show3.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 55739
x-guploader-uploadid: ADPycds1TdNyElPL9ck4Y6QVVopyGdPaZH311mkJ0g9hPs03C8yExY2AUiknDiUIU_1xQVBADqhjVTDhVtuOy8C17dIXowXQAOFX
expires: Sat, 12 Nov 2022 18:20:10 GMT
cache-control: public, max-age=14400
last-modified: Tue, 08 Nov 2022 15:00:07 GMT
etag: "679c314d4e3a1374bf0d7e85ba5b20d9"
x-goog-generation: 1667919607279605
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 55739
x-goog-hash: crc32c=sfQBrw==, md5=Z5wxTU46E3S/DX6Fulsg2Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Miji853GqlyreJh7IBGvBC9HTU2itmAs1Uyp2MG9uEVKnjmqyPhkqmxqkgOXPizuyJkINdg75C0rrSV%2BFizybPpOqZqFExp2Q5QSF%2BWRv7pN7DnFx%2FKlO8APPtAx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a5fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnbun.com/upload/eluosi3.jpg
172.67.159.172200 OK 38 kB URL HTTP/2 cdnbun.com/upload/eluosi3.jpg
IP 172.67.159.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 298x300, components 3\012- data
Hash 7db0eb8ceaed837f0ca84259666d772c
5827b535ebe361c9e67d3018dba43af2aec23d9c
0002d9a7e17e7055745fc33e10f59964b0a7c02d97f97d5a7164b6b8d8690ab3
GET /upload/eluosi3.jpg HTTP/1.1
Host: cdnbun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 37782
x-guploader-uploadid: ADPycds0gfZbaltsk37HJjeUTJxNef8eI8KQaDZGKG2AYjLEr5TUm7I6FXlpQN-Y5EVyI6T6fc7EYZYvUvxD7i5NmaMUZA
expires: Sat, 12 Nov 2022 18:45:37 GMT
cache-control: public, max-age=14400
last-modified: Sun, 06 Nov 2022 15:30:32 GMT
etag: "7db0eb8ceaed837f0ca84259666d772c"
x-goog-generation: 1667748632386510
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 37782
x-goog-hash: crc32c=DWxDLA==, md5=fbDrjOrtg38MqEJZZm13LA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 3359
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cv8M8Yn%2BmZU5b4d2%2FuM7Px176%2BDeshOyVSSmTQnsidUyL%2FTVohAosyN8eI7cECR0mVQ8d5eQsWv3b3nygS5lIdCKSxrKw8k6Zk3bjPwU9ElKfdRJlZjeNmzjVl4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195055a61b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 1.2 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, from Unix\012- data
Hash 42479f5a2c1bf5640afd0cab275213a8
dd6f1fe541f568acd18e0d34cd8469d0f59ef03a
e44ec458e6c3f4a6a8fe2bf8ed9eef4d8fdabe43b5a7860f72e6b7fb3aedf854
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6BD66EFEC55156B6A78A740EF11DE8EBAA28FD96DB347E6726533D27B5C7F57"
Last-Modified: Thu, 10 Nov 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7863
Expires: Sat, 12 Nov 2022 21:24:00 GMT
Date: Sat, 12 Nov 2022 19:12:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e421ad56e3964a31c4d3fa98e9ed2a42
a54bb98ae66b64acbc77cbe34d56399eed20725f
e476388b5f70a4287cd72edd3bc523ac7c759969e52ebd01873bef0d3ad5fb42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E476388B5F70A4287CD72EDD3BC523AC7C759969E52EBD01873BEF0D3AD5FB42"
Last-Modified: Thu, 10 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7600
Expires: Sat, 12 Nov 2022 21:19:37 GMT
Date: Sat, 12 Nov 2022 19:12:57 GMT
Connection: keep-alive
cdnkey.net/upload/L%C3%A9a%20Fenet.jpg
172.67.198.109200 OK 38 kB URL HTTP/2 cdnkey.net/upload/L%C3%A9a%20Fenet.jpg
IP 172.67.198.109:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 6a0ee2d82e9e2e4a63af4bd8ec9df5a5
414f34e24d67e585298128249813d2cb54e6ed5d
4da5f51a7c92309a3b29ebf422e5460dc307e5d75e2cf83b486d8703abb2b97a
GET /upload/L%C3%A9a%20Fenet.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 38178
x-guploader-uploadid: ADPycdu-TOMquUxM8Xr9a6kM_Nw2xW2v0ZMtU7g-Tl529PFV226_2d9meqEpuiWT2f46uCx21u_QzOeHu0LZGVlx8AEJvmBovCck
expires: Sat, 12 Nov 2022 19:06:47 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:38 GMT
etag: "6a0ee2d82e9e2e4a63af4bd8ec9df5a5"
x-goog-generation: 1662378638779924
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 38178
x-goog-hash: crc32c=qUuqiw==, md5=ag7i2C6eLkpjr0vY7J31pQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUa69nd9Cw5nADFgW3w%2Flrbyo%2FBNkJ51CbyuoQ5aziaAWGt%2F578OM5JjbdGE9e7G5oImCYfuNrbZaS9HbUZTWxuRccNK3CkDbfw3zO1%2FtQZqqt%2FiLY85QgQQQo3r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76919505deb90b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-YP3DQB03D8
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-YP3DQB03D8
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash c91b0b9b36ed33ebccd6a6b02f8bfdf9
ce6c95029ae2ecec1c481ef42c2b7e46bf12f146
6daedfce5ef07e3118efb35086b900929ef9de45f5cb80cd086f9891d7dff734
GET /gtag/js?id=G-YP3DQB03D8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 12 Nov 2022 19:12:57 GMT
expires: Sat, 12 Nov 2022 19:12:57 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75983
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnkey.net/upload/Lisa%20Medina.jpg
172.67.198.109200 OK 36 kB URL HTTP/2 cdnkey.net/upload/Lisa%20Medina.jpg
IP 172.67.198.109:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 4bd77e3ff3ee8b51b5629f1e8c1ff918
39f72588e628585e791661fa931d8b189af3cbf1
6d208d57ec5b3d4262efceeaf20f828d825d62b2a1fd10b8ab2302887432062d
GET /upload/Lisa%20Medina.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 35911
x-guploader-uploadid: ADPycdvl2KECsVdwiMoD0AtIE3Om0QZSxAlN_UpI-h7oXC7Y0yrgSd5sUrdllFGlFxABZDZOg-AlvhU-L24tEm7oozkqDIU8LTvu
expires: Sat, 12 Nov 2022 19:02:15 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:39 GMT
etag: "4bd77e3ff3ee8b51b5629f1e8c1ff918"
x-goog-generation: 1662378639908000
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 35911
x-goog-hash: crc32c=f5osLQ==, md5=S9d+P/Pui1G1Yp8ejB/5GA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLOJPQnW8vyi8cA3NNWunY0ry8FLbGOdj41ouKY1DDlUVoZvyQgocu6zsumAJDKrKmt1kTgYhL%2BdTkk171BYJkzHMq%2BdwLDNbgPx6pVYTam8g2z1cPY7cNrDrm1n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76919505deb80b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 351a509aec6ff598291ef80400a396fc
6ef04a2e2072ec071862caaca391c67cf1a98716
757907e320788f454f433aebd6658990b78a61acf49e72ea583e42edf90a92b5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "757907E320788F454F433AEBD6658990B78A61ACF49E72EA583E42EDF90A92B5"
Last-Modified: Fri, 11 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4345
Expires: Sat, 12 Nov 2022 20:25:22 GMT
Date: Sat, 12 Nov 2022 19:12:57 GMT
Connection: keep-alive
cdnkey.net/upload/Sarah%20Belli.jpg
172.67.198.109200 OK 16 kB URL HTTP/2 cdnkey.net/upload/Sarah%20Belli.jpg
IP 172.67.198.109:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash a0a0a8e5df2a3013b2a9c46045f4d1e5
5de61b171986a6739fc18ff2dbc159ef14b716ed
4f5fdc4238663f38e62a441654ba94baeb21a0f5145a2dadb4d89c80afe12732
GET /upload/Sarah%20Belli.jpg HTTP/1.1
Host: cdnkey.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: image/jpeg
content-length: 16424
x-guploader-uploadid: ADPycduPz-YAsOFiWEGKrYe6Wjz0crei4cAesqLCjMpwYMwgG9XW0pWGAp17VVlVZWy-W31em3tC1dkOrYpL_6KNwPNp3Zh2b7bT
expires: Sat, 12 Nov 2022 18:52:20 GMT
cache-control: public, max-age=14400
last-modified: Mon, 05 Sep 2022 11:50:40 GMT
etag: "a0a0a8e5df2a3013b2a9c46045f4d1e5"
x-goog-generation: 1662378640959698
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 16424
x-goog-hash: crc32c=g7EkQA==, md5=oKCo5d8qMBOyqcRgRfTR5Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 532
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAbvCCGSeb95ZJy2bOpgjqCK2sLeOgXrrUNE1XCdo5ZRthqO7oeXlQ%2B5zvhCw2XwHdTNC8735tjTlXY9TXROHNOO7Inquf2dPfBWNX0606%2F5UMncGtf8Sg%2B04Wq7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195060ee10b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash c775d596b0fedd03953a6cef2534585c
ad8df70569da8c5dcdf6efcf89593769c5f709c7
26d627979d9bb65935cc1ccf62d326d413933f2836d6a5b5a54397a5ff0166d2
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:12:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "03F559D6C804819ED40CF2D035014358F874AFE9"
Expires: Sun, 13 Nov 2022 05:00:00 GMT
Last-Modified: Sat, 12 Nov 2022 17:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3140
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76919505fb2fb50f-OSL
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 53e88b46b02c3c4a5e6e0882a91709f8
e1672d6faa3af6db07a4b15b9fc251d441ec119e
088faa4b1f94d12e14a5a20f2b39fa8f6af903dd6fd05eb07e9efaef54194d5c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e421ad56e3964a31c4d3fa98e9ed2a42
a54bb98ae66b64acbc77cbe34d56399eed20725f
e476388b5f70a4287cd72edd3bc523ac7c759969e52ebd01873bef0d3ad5fb42
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "E476388B5F70A4287CD72EDD3BC523AC7C759969E52EBD01873BEF0D3AD5FB42"
Last-Modified: Thu, 10 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7600
Expires: Sat, 12 Nov 2022 21:19:37 GMT
Date: Sat, 12 Nov 2022 19:12:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e7dc2623cb841be51d3e8857e015d8e1
cbfdb2a7b965598de893fef89d47e17763501acf
df1fc0809a603469e6abcf1f07a13d792550d68c862f80e38c00e47e9b233a5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 19:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-YP3DQB03D8>m=2oeb90&_p=1199708650&cid=1161696405.1668280377&ul=en-us&sr=1280x1024&_s=1&sid=1668280376&sct=1&seg=0&dl=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb&dr=http%3A%2F%2Fcs8r76.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-YP3DQB03D8>m=2oeb90&_p=1199708650&cid=1161696405.1668280377&ul=en-us&sr=1280x1024&_s=1&sid=1668280376&sct=1&seg=0&dl=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb&dr=http%3A%2F%2Fcs8r76.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-YP3DQB03D8>m=2oeb90&_p=1199708650&cid=1161696405.1668280377&ul=en-us&sr=1280x1024&_s=1&sid=1668280376&sct=1&seg=0&dl=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb&dr=http%3A%2F%2Fcs8r76.cyou%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://williamreed2.cn
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://williamreed2.cn
date: Sat, 12 Nov 2022 19:12:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 18e32b075862830813f86c7c43be3686
58026069311b7eb1de8ffdeff485312f56cf07e9
61ee6f5bc5ac9e1831e71cdcf93d6c612b4b5f8fce910ba608d02d9ccd2697ab
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:12:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 16 Nov 2022 18:01:55 GMT
ETag: "58026069311b7eb1de8ffdeff485312f56cf07e9"
Last-Modified: Sat, 12 Nov 2022 18:01:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1202
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7691950b6b38b50f-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash 18e32b075862830813f86c7c43be3686
58026069311b7eb1de8ffdeff485312f56cf07e9
61ee6f5bc5ac9e1831e71cdcf93d6c612b4b5f8fce910ba608d02d9ccd2697ab
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 19:12:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 16 Nov 2022 18:01:55 GMT
ETag: "58026069311b7eb1de8ffdeff485312f56cf07e9"
Last-Modified: Sat, 12 Nov 2022 18:01:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1202
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7691950b696bb4ff-OSL
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
172.67.151.125200 OK 25 kB URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 172.67.151.125:0
File type ASCII text, with very long lines (65321), with CRLF line terminators
Hash 92a1fdd3ffacb9d6b6f22fa56c533748
c32e8b43a54abd86655c94c04225ca0a18b9d343
70887e8b1faf6d8891c081f92bdb1a6896f48539bdcec98cb334c9e927cea1bc
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: text/css
x-guploader-uploadid: ADPycduCHwg6n53VPzNb_-57qJzhoPJbEBdMgpsWgTX19t4NIh3Tdte6MCXenDGQTAuiJrpSRG3G9WDZErClLNvZVXhXccOSWw
expires: Sat, 12 Nov 2022 19:12:50 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:38:12 GMT
etag: W/"feba0d0760607b9e21393156949afcd9"
x-goog-generation: 1647502692716912
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 161415
x-goog-hash: crc32c=Sb/HMQ==, md5=/roNB2Bge54hOTFWlJr82Q==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqUhG7uVBBHVi1IFyHA9nDXRziUMKJ6HPZmNk8V8hWjKqiag367%2FInLxBPtsLByYWDrFaXYCCTKKuCLGPi%2BUmMUeoZbGZvdb7PWqH9Qd5QgM0VwT3gP1oy9yTsebEmFAe84%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76919504dd60fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?e580d24a0af01241d534439cfcc0c10c
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?e580d24a0af01241d534439cfcc0c10c
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (623)
Hash d58ae1e88a95198ddff5c6ae1ea7cf2a
9a9f8ee5b70b095f727efbec75c19270252b3e4b
bf240a0841d8cbe690d450f1c7330dcbaaac78ac53bdff22c2bbb82a8756d703
GET /hm.js?e580d24a0af01241d534439cfcc0c10c HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11336
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 19:12:58 GMT
Etag: 4c22336f2b8b204397997b5d604b20a9
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=158E0DF50641202A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?b521817f22507716e364b3fe28644f8b
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?b521817f22507716e364b3fe28644f8b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (657)
Hash 680177b117634ddec6e03952ffbc4dcc
f7ad557083d553253d21e01d747735beeef3fd4b
29b5e5cce40bdccbc3a9389eb954c81492b92390627615b93390dd2848fb647d
GET /hm.js?b521817f22507716e364b3fe28644f8b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11370
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 19:12:58 GMT
Etag: 4c0ec09d4fd44745c7c1ddf5e19132c0
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7C6C401E0EC0F56A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?56e88f4811e3805467cb732ab652fc8a
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?56e88f4811e3805467cb732ab652fc8a
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash d3c9c90d4ab6b4915cd3c3cada378207
15b64f2a0ce49e42b1d2ea5e2872bf5249028fd2
727722fd69749cb08338437bf4f92efe393373bc3560c8afc5631abadcd1f539
GET /hm.js?56e88f4811e3805467cb732ab652fc8a HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11335
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 19:12:58 GMT
Etag: 1023a69846e873467150e5eebf9fd8ff
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=1B715C5CAE54E702; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?ea2ee73301e76b2a5eba19eacb2eea69
103.235.46.191200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?ea2ee73301e76b2a5eba19eacb2eea69
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (663)
Hash 50ec61b74ceb4bbb086b0bbf37c3bfb5
5e5b25d65f96b2271c52eae97885dacc8c3e44a2
aea5763f779de22771efa5dbee4e55ebfa7a916679030900d22380f473a6cd33
GET /hm.js?ea2ee73301e76b2a5eba19eacb2eea69 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11376
Content-Type: application/javascript
Date: Sat, 12 Nov 2022 19:12:58 GMT
Etag: fafaf0c6dd3c3ca0fb953533a34b9432
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=26A407E40EC6C711; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=902899544&si=e580d24a0af01241d534439cfcc0c10c&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
103.235.46.191200 OK 691 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=902899544&si=e580d24a0af01241d534439cfcc0c10c&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash 3fef6700c9051946b5bf63f75c4a7635
699cf3be8ddd7c383bdd80e0a3aed1a5735c7aa1
ec665fce2f6b30458aec41bff6cffc9c016ff47f0b8153e32ec39a54cb9cbdf1
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=902899544&si=e580d24a0af01241d534439cfcc0c10c&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 19:12:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=08C67EC4101393E4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=84158900&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=84158900&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=84158900&si=b521817f22507716e364b3fe28644f8b&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 19:12:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6F67FF646F7DDAF8; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1932475763&si=56e88f4811e3805467cb732ab652fc8a&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1932475763&si=56e88f4811e3805467cb732ab652fc8a&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1932475763&si=56e88f4811e3805467cb732ab652fc8a&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21418&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 19:12:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=6AA637072FECE51B; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2034801434&si=ea2ee73301e76b2a5eba19eacb2eea69&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21419&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2034801434&si=ea2ee73301e76b2a5eba19eacb2eea69&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21419&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=2034801434&si=ea2ee73301e76b2a5eba19eacb2eea69&su=http%3A%2F%2Fcs8r76.cyou%2F&v=1.2.97&lv=1&sn=21419&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fwilliamreed2.cn%2FJHEWxHvv%2Fmaxi-mrs%2F%3F_t%3D1668280374959pswxvb%231668280377033 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Sat, 12 Nov 2022 19:12:59 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7801ED618DF83C13; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94a390953f36bf9902cb9f04007c36c1
13535f16f207d4c19c1b6019757f6739a4531eeb
37d73300955a979e5b9d3dabc6e924c4e9734c6c63d92c42c709f8cb0d5aeabb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9f88d70-47ed-4a86-9b90-ea63f189df00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5902
x-amzn-requestid: 9c8be25c-9c96-4861-89c8-8b7bf06ffc16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNBrH2DoAMFqbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec20a-6c770a86581d1f7f4599684f;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:38 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ncUYc6gH2CYjxAwoVCC4MEj8Va5GGn1ZAg-gBmFtm5gzYIe898Ittg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
age: 77271
etag: "13535f16f207d4c19c1b6019757f6739a4531eeb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js
IP 172.67.151.125:0
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdv0chj5F1Awc6K7Usaiie2qXL87Fxg5kp7mYqQH9s8HWV5Nuv0HuTqJ2hz1F5xUG9MGapUfK4P-pfLXRasYr-w
expires: Sat, 12 Nov 2022 18:33:09 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:36:54 GMT
etag: W/"c99230d2575380d7f95ff626606d2426"
x-goog-generation: 1647502614200576
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 63473
x-goog-hash: crc32c=x2l+AA==, md5=yZIw0ldTgNf5X/YmYG0kJg==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBjNHiDuGAIZkUTaZlS%2F1zxKjjMg%2BRk4Og7kUUIRiHO54uHxXEvu0z5ge3r62tFhEaVxOdpG9cbIIDdzw44UkAD5LRFZGzs4Aj9U2pjOaSY7AKW7IIeMfgzos3mR88m8%2BCE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76919504dd5dfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr.php?section=General&pub=593174&format=300x50&ga=g
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=593174&format=300x50&ga=g HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: application/javascript
expires: Sat, 12 Nov 2022 19:12:57 GMT
last-modified: Sat, 12 Nov 2022 19:12:57 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
bonepa.com/js/responsive.js
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/js/responsive.js
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
Analyzer Verdict Alert fortinet Phishing
GET /js/responsive.js HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: application/javascript
last-modified: Wed, 02 Nov 2022 13:52:39 GMT
etag: W/"63627627-e32"
content-encoding: br
X-Firefox-Spdy: h2
bonepa.com/4fe48aebd6/4f59451604/?placementName=Pop&is_first=true&randomA=0_9338&maxw=0
185.66.201.42200 OK 0 B URL HTTP/2 bonepa.com/4fe48aebd6/4f59451604/?placementName=Pop&is_first=true&randomA=0_9338&maxw=0
IP 185.66.201.42:0
ASN #201702 skHosting.eu s.r.o.
GET /4fe48aebd6/4f59451604/?placementName=Pop&is_first=true&randomA=0_9338&maxw=0 HTTP/1.1
Host: bonepa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:12:59 GMT
content-type: text/html; charset=UTF-8
set-cookie: shown1=0; expires=Sun, 13-Nov-2022 19:12:59 GMT; Max-Age=86400; secure; SameSite=None
used_ad2633257=1; expires=Sun, 13-Nov-2022 04:59:59 GMT; Max-Age=35220; path=/; secure; SameSite=None
total_impressions=1; expires=Sun, 13-Nov-2022 04:59:59 GMT; Max-Age=35220; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166828037786384&xtt=809029
185.66.200.220200 OK 0 B URL HTTP/2 uprimp.com/bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166828037786384&xtt=809029
IP 185.66.200.220:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr_xload.php?section=General&pub=593174&format=300x50&ga=g&xt=166828037786384&xtt=809029 HTTP/1.1
Host: uprimp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 12 Nov 2022 19:12:57 GMT
last-modified: Sat, 12 Nov 2022 19:12:57 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/popper.js@1.16.1/dist/umd/popper.min.js
IP 172.67.151.125:0
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdt8iAiFUD-J6NleyhXb8_vV8-wAPh_5tba_l2ugugXdkSJbrWiN1EsoSHZyahG4iSEJB_zV100HdRQRWXjd72Q
expires: Sat, 12 Nov 2022 18:28:33 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:44:44 GMT
etag: W/"31c898c6d2ea13c30441657ff1900d81"
x-goog-generation: 1647503084523089
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21236
x-goog-hash: crc32c=7cW0Gg==, md5=MciYxtLqE8MEQWV/8ZANgQ==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlz8dK31wObb4n56YG4d8rNUSbJpF1fBNw6Ph3eSDjArMS8KsZZgxjNXwWcjvP5hVRLqELa6jE1qEXAI6u9hSxhlkzKzMWtrMKtabUL2kJpq82m%2FRcF2MEBlITECIEndPQw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195050d79fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/lazyload@2.0.0-rc.2/lazyload.min.js
IP 172.67.151.125:0
GET /npm/lazyload@2.0.0-rc.2/lazyload.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdsQwI6S5jC2ZwwNbaEnMvjelWJ3GXYdnwkp6yGGRsWcMv2CGKN45430-s2v57JOsXldQJq3rMwQOTmm_DkHtW4
x-goog-generation: 1647502963816044
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4798
x-goog-hash: crc32c=lted8w==, md5=3G3pgTxxS6mXM8pPtdOh+g==
x-goog-storage-class: STANDARD
expires: Sat, 12 Nov 2022 19:12:24 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:42:43 GMT
etag: W/"dc6de9813c714ba99733ca4fb5d3a1fa"
cf-cache-status: HIT
age: 2738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1uWgSUV3ox%2FnN7%2FrDZxhxlJMgPNheS30IYlq0wjULCtc3nK%2FCpOz%2FEZWZRWLMmYKsyLgtIfi1pA%2BUHaWncJ%2BAqzRWglFhiS0qirzkHBP%2BC13mGdK2y47Wf43gyE1hCymjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 769195051d86fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
172.67.151.125200 OK 0 B URL HTTP/2 cdn.jsdelivr.cc/npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js
IP 172.67.151.125:0
GET /npm/sweetalert2@10.16.0/dist/sweetalert2.all.min.js HTTP/1.1
Host: cdn.jsdelivr.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://williamreed2.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 19:12:57 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycds_5oPtcr3KFpC_u7Lnvdlqz8VeCGxAgHcXFP3zMljDMh6Q0ifyAwrLV7e0dbEbUBwQbF9kY0g0GrHWdqicRh8
expires: Sat, 12 Nov 2022 19:14:58 GMT
cache-control: public, max-age=3600
last-modified: Thu, 17 Mar 2022 07:40:39 GMT
etag: W/"80924b62e5b3ac73aa4849776b439770"
x-goog-generation: 1647502839791727
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 72765
x-goog-hash: crc32c=8ZRUYw==, md5=gJJLYuWzrHOqSEl3a0OXcA==
x-goog-storage-class: STANDARD
cf-cache-status: HIT
age: 2738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cEeITO2pZDCKh6sso9q%2BtltyuWj7we8VetAq6E5NEK0oTlFmMRa0NeSVuKzPia5c8DlLDwdSq8iwD%2FEBhjnxi%2BZgYDra12GoYJMjzqyoyn%2B40vd6APDRoJLKEGULd%2FKrH1Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76919504cd56fab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2