firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 17 Sep 2022 14:11:25 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2-ULYZxQgKibDY2tEpHH-Crn6GnllIkKS3KwXLzhDC5nrrybFykMRg==
Age: 2723
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b0d651d83075c7a68e3c6a9204226150
294785e3f3a67cdd5f1a530b83a2cbd2c2cc0665
17cbb43fd6662576ba3fe8e06cf44247c903c1313cc419053599c41e286a2442
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17CBB43FD6662576BA3FE8E06CF44247C903C1313CC419053599C41E286A2442"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18614
Expires: Sat, 17 Sep 2022 20:07:02 GMT
Date: Sat, 17 Sep 2022 14:56:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yYVAjM4ZtNkMHTG4Xw22HryJKNniCdF7kXr_L3KMtcHDdPEWotIe7Q==
age: 41166
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 17 Sep 2022 14:56:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 17 Sep 2022 14:03:22 GMT
Cache-Control: max-age=3600
Expires: Sat, 17 Sep 2022 14:41:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JxBkMNYAua_JoZzFBlB9ewl0DkO1YT-ufC0hG30YNeL-IcDgywAnrQ==
Age: 3206
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bf936030bfa7ca937c95432a566b70d1
acb994f0d7e9e1c120374ba2bbfb54954e5f80be
856e47b47794d92d9567e33057a508cacdf966ba97097c7cffa1e77eb1f96654
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "856E47B47794D92D9567E33057A508CACDF966BA97097C7CFFA1E77EB1F96654"
Last-Modified: Fri, 16 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Sat, 17 Sep 2022 20:56:27 GMT
Date: Sat, 17 Sep 2022 14:56:48 GMT
Connection: keep-alive
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
50.87.146.45200 OK 5.8 kB URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (4278), with CRLF line terminators
Hash 3a21a349051115675eaa982f7fc4c059
960a0db04b6f3d70f3d7a9132398fc6ec3d24fbe
c270d59e56b7de95323e857b8934680a915c38856049372e7853096edb74d677
Analyzer Verdict Alert openphish Made-In-China
fortinet Phishing
GET /wp-content/xx/MadeInChinaX3D/index.html HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:48 GMT
server: Apache
content-type: text/html
content-length: 5786
last-modified: Thu, 14 Oct 2021 04:36:30 GMT
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: EXPIRED
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9bf3402af9fef57aa11ffe2943728de4
a3a443aab8226d212be9698623717dd06e46c720
54987a5417af4a99d78532e502cf4685dd3372c1e9f717a8907f3d2b7c8926eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3046
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:49 GMT
Last-Modified: Sat, 17 Sep 2022 14:06:03 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery-3.3.1.js
50.87.146.45200 OK 8.6 kB URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery-3.3.1.js
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11315), with CRLF line terminators
Hash f147c47f24cea57ba71b885e54d15468
2beab8e912354f4c5e0d009045fb6a46dfc2b8d2
41f563229752489979f175e323dbad4c10627af635b82fae3fb8612fd2443e6c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/xx/MadeInChinaX3D/js/jquery-3.3.1.js HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 04:13:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8630
content-type: application/javascript
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.81.125.88101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.125.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5rzWKIdvl3vcF9v0bGy4SQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pwAbCVsakXnIdvOGYTzdTwrnPCA=
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/popper.min.js
50.87.146.45500 Internal Server Error 0 B URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/popper.min.js
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/xx/MadeInChinaX3D/js/popper.min.js HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery-3.2.1.slim.min.js
50.87.146.45500 Internal Server Error 0 B URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery-3.2.1.slim.min.js
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/xx/MadeInChinaX3D/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/images/sign-default-buyer.jpg
50.87.146.45200 OK 59 kB URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/images/sign-default-buyer.jpg
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Hash aad747a416ac43e97070741668013b7d
545d66347ffafc166225f72072fb915ae52b970e
844419cc2fe07888ab11bb6dd264a3d66225851ad62645dfc3044657e9963af3
GET /wp-content/xx/MadeInChinaX3D/images/sign-default-buyer.jpg HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 01:08:20 GMT
accept-ranges: bytes
content-length: 59332
content-type: image/jpeg
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/popper.min.js
50.87.146.45500 Internal Server Error 0 B URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/popper.min.js
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/xx/MadeInChinaX3D/js/popper.min.js HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 500 Internal Server Error
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery.min.js
50.87.146.45200 OK 42 kB URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery.min.js
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8d42adfbeb127bb0ca94355487c4ea7a
ed5c67e6b18568503c8a2e9fa1854024ca7350aa
69860d1e2488bd3aa44a35a9cad4af7a88cd62cc6e4c537ee1afc3de871c5a64
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/xx/MadeInChinaX3D/js/jquery.min.js HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 04:13:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery-3.1.1.min.js
50.87.146.45200 OK 58 kB URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/js/jquery-3.1.1.min.js
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1537b6e122cb8bb7b469953732e5dc5e
ae64a24cdf6df92987f422d8339b5cd4dc0b885c
3849f14eb0eb6a8dce7ef76b37e9718b34245d7bcf0eb1dcb5de01c90ae2dab3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/xx/MadeInChinaX3D/js/jquery-3.1.1.min.js HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Aug 2021 04:13:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2
www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103
104.18.21.229200 OK 26 kB URL HTTP/2 www.micstatic.com/common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103
IP 104.18.21.229:0
File type Web Open Font Format (Version 2), TrueType, length 25720, version 1.0\012- data
Hash 90c821175fe52b5e89497d4249dce3b6
0bbacc3050dcf88f37fd6042a6719f83ba6ad83a
18a097b5625eaee94db4a26223016d2f31b7b5f5529bc599ea183f551e5c13d3
GET /common/font/micon/micon-2/micon_3425a96d.woff2?v=20201103 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://engineeringforchange.info
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: font/woff2
content-length: 25720
last-modified: Tue, 07 Jun 2022 11:17:37 GMT
etag: "629f33d1-6478"
expires: Tue, 14 Sep 2032 14:56:50 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c2b0d8ed37b50b-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144
142.250.74.72200 OK 81 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T39J99&r=1634120031144
IP 142.250.74.72:0
File type Unicode text, UTF-8 text, with very long lines (38280)
Hash 2ad041584f07b60cc79c7facdc6199f8
85bc5718ec8343db181bde96c59ee24f8ba96a13
b9ac9b11b5ff06294eb4e460cab36387cc413ede5b11ad096523454a84249aa0
GET /gtm.js?id=GTM-T39J99&r=1634120031144 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 17 Sep 2022 14:56:50 GMT
expires: Sat, 17 Sep 2022 14:56:50 GMT
cache-control: private, max-age=900
last-modified: Sat, 17 Sep 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80682
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144
104.18.21.229200 OK 19 kB URL HTTP/2 pylon.micstatic.com/gb/js/assets/probe/probe.min.js?r=1634120031144
IP 104.18.21.229:0
Hash 96a9ab28f33fa454cfa21aa94a8b4d22
f623302de8cb93adb035a424fec570f66cf4cc1d
06013d1ede530e9e6cde3d8a73054b3c45a1b18b10a55c894c56ac94f9d9fde9
GET /gb/js/assets/probe/probe.min.js?r=1634120031144 HTTP/1.1
Host: pylon.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 10:28:40 GMT
etag: W/"6322fe58-9c39"
test: mic_test
content-encoding: gzip
cf-cache-status: HIT
age: 113985
expires: Sat, 17 Sep 2022 18:56:50 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c2b0d99bb6b511-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5d12cc59489773babbc650161772d674
6fa23d626e8a64d98e59984567cd4dc42c648833
f43eae2b85acffc988fbc2c97e18ae1c013217db2cbe24df14dd3b8c35d0ff27
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gd5v704bc6e%22%2Clinkid%3A%221gd5v704bc6e%22%2Curl%3A%22engineeringforchange.info%252Fwp-content%252Fxx%252FMadeInChinaX3D%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%2296.0%22%2Con%3A%22Linux%22%2Cov%3A%22x86_64%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%22178%22%2Cc%3A%22494%22%2Cd%3A%220%22%2Ce%3A%22235%22%2Cf%3A%221%22%2Cst%3A%22-1%22%2Cg%3A%22869%22%2Ch%3A%221107%22%2Ci%3A%221836%22%2Cj%3A%22-1%22%2Cl%3A%2220%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221651%22%2Cm%3A%220%22%2Ck%3A%222059%22%2Cp%3A%22333%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D
104.18.24.206200 OK 35 B URL HTTP/2 fa.micstatic.com/probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gd5v704bc6e%22%2Clinkid%3A%221gd5v704bc6e%22%2Curl%3A%22engineeringforchange.info%252Fwp-content%252Fxx%252FMadeInChinaX3D%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%2296.0%22%2Con%3A%22Linux%22%2Cov%3A%22x86_64%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%22178%22%2Cc%3A%22494%22%2Cd%3A%220%22%2Ce%3A%22235%22%2Cf%3A%221%22%2Cst%3A%22-1%22%2Cg%3A%22869%22%2Ch%3A%221107%22%2Ci%3A%221836%22%2Cj%3A%22-1%22%2Cl%3A%2220%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221651%22%2Cm%3A%220%22%2Ck%3A%222059%22%2Cp%3A%22333%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D
IP 104.18.24.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /probe/map.gif?v=211112&t=a&d=%7Bpub%3A%7Bpuid%3A%221gd5v704bc6e%22%2Clinkid%3A%221gd5v704bc6e%22%2Curl%3A%22engineeringforchange.info%252Fwp-content%252Fxx%252FMadeInChinaX3D%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%2Cbn%3A%22Firefox%22%2Cnv%3A%2296.0%22%2Con%3A%22Linux%22%2Cov%3A%22x86_64%22%7D%2Ccookies%3A%7B%7D%2Ccore%3A%7Ba%3A%22-1%22%2Cb%3A%22178%22%2Cc%3A%22494%22%2Cd%3A%220%22%2Ce%3A%22235%22%2Cf%3A%221%22%2Cst%3A%22-1%22%2Cg%3A%22869%22%2Ch%3A%221107%22%2Ci%3A%221836%22%2Cj%3A%22-1%22%2Cl%3A%2220%22%2Co%3A%220%22%2Clcp%3A%22-1%22%2Cfcp%3A%221651%22%2Cm%3A%220%22%2Ck%3A%222059%22%2Cp%3A%22333%22%2Cx%3A%7B%7D%2Cs%3A%221280*1024%7C1280*939%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: image/gif
content-length: 35
last-modified: Thu, 15 Sep 2022 10:28:40 GMT
etag: "6322fe58-23"
accept-ranges: bytes
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74c2b0dadd20b4f7-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10869
Expires: Sat, 17 Sep 2022 17:57:59 GMT
Date: Sat, 17 Sep 2022 14:56:50 GMT
Connection: keep-alive
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
104.18.11.207200 OK 15 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (50758)
Hash 86f8a9b1d1a56da7e6b0cfdafd5252fe
acd98a37b42f911a00a8493f69c587c35bc7510c
74af17f41dd2241e0227497f1824760acaa37acd306afb969cc69f3f12d4b82c
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:49 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 6470457
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74c2b0d3fb50b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10869
Expires: Sat, 17 Sep 2022 17:57:59 GMT
Date: Sat, 17 Sep 2022 14:56:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c35b7f5f8e1b0b24570a41b7d18533a
c5b82c9d77851820b8d206573d5c03cd36d27a20
bb2456b31c48e6ebc9595c2bb9972b74531e93dd02ec4571d5af614f2d116ec7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ba7347-38d8-40e3-9b29-41a380f99ed5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6109
x-amzn-requestid: 271b006e-9d17-46ba-9eed-22fd638c4e9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2AhHZgIAMFlSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d039c-444e7d6b22f2a08f7215a986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CIWYkrbRUTWVmy3JC5GbpBN1i30fwtYqGDyoA9ehbPANY7gw7al9ow==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 00:42:42 GMT
age: 51248
etag: "c5b82c9d77851820b8d206573d5c03cd36d27a20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 571f174a66e87ea77b36542c6c7a29a4
5dc0ef56244f8a5ddbb7823e25c61312860b2d0f
e624e35cc734b8cacc2a8eaa80c81175a879c1195d7a4c65cdcd769836b96a1b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe0b772c6-a258-481b-9f13-545de0b247e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9280
x-amzn-requestid: acc18b78-3596-4d7d-9124-8bdb422171f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YU5qsHsVoAMFm0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ea311-460db789669ecf5f1ad4d3c4;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 03:10:09 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3FqpHvXOa57CepJAzZ7IMViWsC5WSwTEjIqDCC58cFFewd6-xr4moA==
via: 1.1 bb568be725e8f0bfefe1fb7412e5804a.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 23:32:58 GMT
age: 55432
etag: "5dc0ef56244f8a5ddbb7823e25c61312860b2d0f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a22ab7dcdf50f4a297b8e117d336eae
e139a0974317212f094fdbe59e26ca5cf6b9e56d
9b4c23c1bb2e4fcd140ce34bf83f315f09b45202c569cb74113c2e65c4031dcd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd5675c7-5120-4f61-bd91-8c4d9af84130.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7788
x-amzn-requestid: 2cb48f87-8b72-4ff7-b041-a6e704b854a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIP2-HFHoAMFssA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319935f-693e2f2e5a0bcd9f690f21fa;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 07:01:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 65YRttsQYzjUMMZXrtAFPdgTPNQuRGnLFliXrcoc24iQgrdBCHolNQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:31:11 GMT
age: 59139
etag: "e139a0974317212f094fdbe59e26ca5cf6b9e56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d46a910081eb782408f1a2fa3c6aabba
28ac45ef155c66dd79a306f14d3b38f597b6a32e
d5787a6a12d275555c627e3245b37d4e751148345a09d5671b343cfebe7173b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e43d1ff-79bc-430f-826f-2af5ae602556.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: e1ca6cef-c033-4887-80cf-2014ab8e620c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ykn5cEnLIAMFrzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ed09-3afc16cf66fef0e62dd6f3cc;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:39:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BaRpWB_XOMxTJPufnSjd4KSfecRwLe9U5W7uEoXy7pgAa4KSC0n7eg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 22:03:28 GMT
age: 60802
etag: "28ac45ef155c66dd79a306f14d3b38f597b6a32e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f1583c126dab43886a89cda3f82d760
5740a5507f21449319597ef49dbb456cbf7372b5
3b8ea2490bd6d777ec64358a84a07bdb1ccd4a6dfa30969feed45cfa7725745f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F269c619b-7793-4ef9-ae9d-9464582f4b56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12221
x-amzn-requestid: ede87d50-8626-40bf-bb1a-d3f95e252f87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YknUrGuqIAMF7tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec1d-2952b2ba7271a5b516295a55;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:35:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YYSEIw0DmOePLbviwIigaNWxlKzqTFrurV_maW5JaW7Ahij-HtioaA==
via: 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:54:30 GMT
age: 61340
etag: "5740a5507f21449319597ef49dbb456cbf7372b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9c807387d303abb2bca1ef14b14c9e26
428fe80d3f35758433a6b2cf25e6bcb5f63a6a63
277a74204dc8bec8a227ca43cdb840b5dda71f74e8aec56606e862e70a5ba19c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaf888ee-3a5f-426b-9b83-8ea161780db3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5234
x-amzn-requestid: 55e23e9a-f85c-42f2-87b6-aff3646bf1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yknn_EFzoAMF2Ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6324ec99-62f023426230c7b46116d4b7;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 21:37:29 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: fb2wN0gTI9OKgDghf1u4DKwrADkYcS5_7LIxaLxmbo0OciwezGh_LA==
via: 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 21:41:22 GMT
etag: "428fe80d3f35758433a6b2cf25e6bcb5f63a6a63"
content-type: image/jpeg
age: 62128
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiRmaXJzdF92aXNpdF90aW1lIjoiMjAyMi0wOS0xNyAxNDo1NjozMi45NjkiLCIkZmlyc3RfcmVmZXJyZXIiOiIiLCIkZmlyc3RfYnJvd3Nlcl9sYW5ndWFnZSI6ImVuLVVTIiwiJGZpcnN0X2Jyb3dzZXJfY2hhcnNldCI6IkdCSyIsIiRmaXJzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGZpcnN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIn0sImFub255bW91c19pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJ0eXBlIjoicHJvZmlsZV9zZXRfb25jZSIsIl90cmFja19pZCI6ODgyMzUyOTcwfQ%3D%3D&ext=crc%3D1775617575
104.18.24.206200 OK 43 B URL HTTP/2 fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiRmaXJzdF92aXNpdF90aW1lIjoiMjAyMi0wOS0xNyAxNDo1NjozMi45NjkiLCIkZmlyc3RfcmVmZXJyZXIiOiIiLCIkZmlyc3RfYnJvd3Nlcl9sYW5ndWFnZSI6ImVuLVVTIiwiJGZpcnN0X2Jyb3dzZXJfY2hhcnNldCI6IkdCSyIsIiRmaXJzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGZpcnN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIn0sImFub255bW91c19pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJ0eXBlIjoicHJvZmlsZV9zZXRfb25jZSIsIl90cmFja19pZCI6ODgyMzUyOTcwfQ%3D%3D&ext=crc%3D1775617575
IP 104.18.24.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiRmaXJzdF92aXNpdF90aW1lIjoiMjAyMi0wOS0xNyAxNDo1NjozMi45NjkiLCIkZmlyc3RfcmVmZXJyZXIiOiIiLCIkZmlyc3RfYnJvd3Nlcl9sYW5ndWFnZSI6ImVuLVVTIiwiJGZpcnN0X2Jyb3dzZXJfY2hhcnNldCI6IkdCSyIsIiRmaXJzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGZpcnN0X3NlYXJjaF9rZXl3b3JkIjoi6Y%2BI7oGE5b2H6Y2S5p2%2F4oKs57Ot6ZCp5a2Y5bi06Y615pKz57SRIn0sImFub255bW91c19pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJ0eXBlIjoicHJvZmlsZV9zZXRfb25jZSIsIl90cmFja19pZCI6ODgyMzUyOTcwfQ%3D%3D&ext=crc%3D1775617575 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74c2b0dadd25b4f7-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3154e09c924dc77116733b3584ae892c
07ab7a6d08a4d5990fa82c505aae54c94b34bc1d
d404c4d40d3d759739d4ac0a7573f43f4e8111805d1d46302f72e35ea265e873
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3382
Cache-Control: max-age=168115
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:50 GMT
Etag: "6325c0af-1d7"
Expires: Mon, 19 Sep 2022 13:38:45 GMT
Last-Modified: Sat, 17 Sep 2022 12:42:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFnZDV2NzAwZTEzYiIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkcmVmZXJyZXIiOiIiLCIkdXJsIjoiaHR0cHM6Ly9lbmdpbmVlcmluZ2ZvcmNoYW5nZS5pbmZvL3dwLWNvbnRlbnQveHgvTWFkZUluQ2hpbmFYM0QvaW5kZXguaHRtbCIsIiR1cmxfcGF0aCI6Ii93cC1jb250ZW50L3h4L01hZGVJbkNoaW5hWDNEL2luZGV4Lmh0bWwiLCIkdGl0bGUiOiJNZXNzYWdlcyB8IE1hZGUgbG4gQ2hsbmEiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkaXNfZmlyc3RfdGltZSI6dHJ1ZSwiJHJlZmVycmVyX2hvc3QiOiIiLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIifSwiYW5vbnltb3VzX2lkIjoiMTgzNGJmMzgwYzIxODQtMDEyZTFiYWViOThiZGUtMzA2ZDQ2NGEtMTMxMDcyMC0xODM0YmYzODBjMzVjMyIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjoxNDI2NTI5NzJ9&ext=crc%3D-1392052807
104.18.24.206200 OK 43 B URL HTTP/2 fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFnZDV2NzAwZTEzYiIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkcmVmZXJyZXIiOiIiLCIkdXJsIjoiaHR0cHM6Ly9lbmdpbmVlcmluZ2ZvcmNoYW5nZS5pbmZvL3dwLWNvbnRlbnQveHgvTWFkZUluQ2hpbmFYM0QvaW5kZXguaHRtbCIsIiR1cmxfcGF0aCI6Ii93cC1jb250ZW50L3h4L01hZGVJbkNoaW5hWDNEL2luZGV4Lmh0bWwiLCIkdGl0bGUiOiJNZXNzYWdlcyB8IE1hZGUgbG4gQ2hsbmEiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkaXNfZmlyc3RfdGltZSI6dHJ1ZSwiJHJlZmVycmVyX2hvc3QiOiIiLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIifSwiYW5vbnltb3VzX2lkIjoiMTgzNGJmMzgwYzIxODQtMDEyZTFiYWViOThiZGUtMzA2ZDQ2NGEtMTMxMDcyMC0xODM0YmYzODBjMzVjMyIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjoxNDI2NTI5NzJ9&ext=crc%3D-1392052807
IP 104.18.24.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFnZDV2NzAwZTEzYiIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkcmVmZXJyZXIiOiIiLCIkdXJsIjoiaHR0cHM6Ly9lbmdpbmVlcmluZ2ZvcmNoYW5nZS5pbmZvL3dwLWNvbnRlbnQveHgvTWFkZUluQ2hpbmFYM0QvaW5kZXguaHRtbCIsIiR1cmxfcGF0aCI6Ii93cC1jb250ZW50L3h4L01hZGVJbkNoaW5hWDNEL2luZGV4Lmh0bWwiLCIkdGl0bGUiOiJNZXNzYWdlcyB8IE1hZGUgbG4gQ2hsbmEiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkaXNfZmlyc3RfdGltZSI6dHJ1ZSwiJHJlZmVycmVyX2hvc3QiOiIiLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIifSwiYW5vbnltb3VzX2lkIjoiMTgzNGJmMzgwYzIxODQtMDEyZTFiYWViOThiZGUtMzA2ZDQ2NGEtMTMxMDcyMC0xODM0YmYzODBjMzVjMyIsInR5cGUiOiJ0cmFjayIsImV2ZW50IjoiJHBhZ2V2aWV3IiwiX3RyYWNrX2lkIjoxNDI2NTI5NzJ9&ext=crc%3D-1392052807 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74c2b0dc3f26b4f7-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b4a24f9aebdfdb06d10cd53e92a70bb8
c4532479dbd9636d8f5206faa085c520651eb5f2
1d330af2b423e351355f710f14cb771fa9918e8b6638c5076aba7bcda6c30936
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sat, 17 Sep 2022 14:41:12 GMT
expires: Sat, 17 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 938
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ecd89752214ef749272eef344b9089a
70a58a49c08934265ee34c74efb01d6b3124095d
f76c51487e348977288fcaf83984cd8fe4e73758cc352402774d9eb94680d528
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LUqz3XUlgfMw++uUlNvIeXnqiIxJcke8n2Q0xFcbTSI+aOMZ2T+2EDTYmp9UwQHd5j3yYGrSjsPkGJIrACg9dA==
priority: u=3,i
content-length: 26839
x-fb-trip-id: 1904183273
date: Sat, 17 Sep 2022 14:56:50 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Hash 293ae3e0fc8b0d5c143fdf9d8490228d
3976c659b908e70818a3a1ac71860b497fe2d1a9
04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11367
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=28CA05354D1F65DB04DB17174CEA649B; domain=.bing.com; expires=Thu, 12-Oct-2023 14:56:50 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E7B0765811AC41FEA83B61B0A37911D6 Ref B: OSL30EDGE0208 Ref C: 2022-09-17T14:56:50Z
date: Sat, 17 Sep 2022 14:56:50 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 13fec77b59dae4bb9410a06357423a2f
086b7b536283f0a18742c3e43397762f78cdccf8
66b85a264ec591ece4c49e1f6a5da676436319845540139888e0b5e4906c5f16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 890f716858b5f72587e47c5eca121cb5
91871a0acd9a0ab644d51036bb5ca0c3bdc5e687
7a3629e375468328b3fb25e1a6cc5749604f09099e8d2109f366e7e0226aee4a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 17 Sep 2022 14:56:50 GMT
expires: Sat, 17 Sep 2022 14:56:50 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3080337328058561381
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15693
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3154e09c924dc77116733b3584ae892c
07ab7a6d08a4d5990fa82c505aae54c94b34bc1d
d404c4d40d3d759739d4ac0a7573f43f4e8111805d1d46302f72e35ea265e873
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3382
Cache-Control: max-age=168115
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:50 GMT
Etag: "6325c0af-1d7"
Expires: Mon, 19 Sep 2022 13:38:45 GMT
Last-Modified: Sat, 17 Sep 2022 12:42:23 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1326226577.1663426593>m=2oe9e0&aip=1&z=46882159
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1326226577.1663426593>m=2oe9e0&aip=1&z=46882159
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VEFCZRQMG4&cid=1326226577.1663426593>m=2oe9e0&aip=1&z=46882159 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 14:56:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9730b7d7d5f0481f65712991a899f4b8
facb4df5e4a4ac98b9bdd126c7dbb531cf0fe1e7
15d7d8acbcd94d9ca8579cc31a9ec621e76408663bc4b047e5e127acb14334a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 13fec77b59dae4bb9410a06357423a2f
086b7b536283f0a18742c3e43397762f78cdccf8
66b85a264ec591ece4c49e1f6a5da676436319845540139888e0b5e4906c5f16
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=9b550a56-9bc0-4a25-9aba-1c57ca5ac2ef&sid=ebc4fb60369811edac9adb0c1d4a058c&vid=ebc4f080369811ed92067bfa35cd7ee3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&r=<=2061&evt=pageLoad&sv=1&rn=202081
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=13001299&tm=gtm002&Ver=2&mid=9b550a56-9bc0-4a25-9aba-1c57ca5ac2ef&sid=ebc4fb60369811edac9adb0c1d4a058c&vid=ebc4f080369811ed92067bfa35cd7ee3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&r=<=2061&evt=pageLoad&sv=1&rn=202081
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=13001299&tm=gtm002&Ver=2&mid=9b550a56-9bc0-4a25-9aba-1c57ca5ac2ef&sid=ebc4fb60369811edac9adb0c1d4a058c&vid=ebc4f080369811ed92067bfa35cd7ee3&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Messages%20%7C%20Made%20ln%20Chlna&p=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&r=<=2061&evt=pageLoad&sv=1&rn=202081 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2DFE519CE2EA6B10067D43BEE31F6A28; domain=.bing.com; expires=Thu, 12-Oct-2023 14:56:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A31C8A4C6CF74217BCF13FC03745B9DF Ref B: OSL30EDGE0208 Ref C: 2022-09-17T14:56:51Z
date: Sat, 17 Sep 2022 14:56:50 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/13001299.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/13001299.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/13001299.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=2281C64A50FE6C3A13DCD468510B6D5A; domain=.bing.com; expires=Thu, 12-Oct-2023 14:56:51 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 22E2B38C135C44A695330CDE846E884E Ref B: OSL30EDGE0208 Ref C: 2022-09-17T14:56:51Z
date: Sat, 17 Sep 2022 14:56:50 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1663426593700&cv=9&fst=1663426593700&num=1&label=v7ktCOKJmaMBELDlhN0C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&hn=www.google.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/731984560/?random=1663426593700&cv=9&fst=1663426593700&num=1&label=v7ktCOKJmaMBELDlhN0C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&hn=www.google.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2405), with no line terminators
Hash 36b68fe60f5a04abc9eeb80385b7921e
3d313edb7debeae9df302d6d93d3a4a97a2d061a
d50aa46ae343a966c776f3e256524d428a58cc8b536a436f220d38ab41bd23bd
GET /pagead/viewthroughconversion/731984560/?random=1663426593700&cv=9&fst=1663426593700&num=1&label=v7ktCOKJmaMBELDlhN0C&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9e0&sendb=1&ig=0&frm=0&url=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&tiba=Messages%20%7C%20Made%20ln%20Chlna&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 17 Sep 2022 14:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1111
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 17-Sep-2022 15:11:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37452587-1&cid=1326226577.1663426593&jid=811163697&gjid=1735157469&_gid=10956548.1663426594&_u=YADAAEAAAAAAAC~&z=232804006
142.251.1.155200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37452587-1&cid=1326226577.1663426593&jid=811163697&gjid=1735157469&_gid=10956548.1663426594&_u=YADAAEAAAAAAAC~&z=232804006
IP 142.251.1.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-37452587-1&cid=1326226577.1663426593&jid=811163697&gjid=1735157469&_gid=10956548.1663426594&_u=YADAAEAAAAAAAC~&z=232804006 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://engineeringforchange.info
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://engineeringforchange.info
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 17 Sep 2022 14:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=1326226577.1663426593>m=2oe9e0&aip=1
142.251.1.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-VEFCZRQMG4&cid=1326226577.1663426593>m=2oe9e0&aip=1
IP 142.251.1.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VEFCZRQMG4&cid=1326226577.1663426593>m=2oe9e0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://engineeringforchange.info
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://engineeringforchange.info
date: Sat, 17 Sep 2022 14:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4>m=2oe9e0&_p=171374120&_gaz=1&cid=1326226577.1663426593&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663426593&sct=1&seg=0&dl=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page_Hostname=engineeringforchange.info
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-VEFCZRQMG4>m=2oe9e0&_p=171374120&_gaz=1&cid=1326226577.1663426593&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663426593&sct=1&seg=0&dl=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page_Hostname=engineeringforchange.info
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-VEFCZRQMG4>m=2oe9e0&_p=171374120&_gaz=1&cid=1326226577.1663426593&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663426593&sct=1&seg=0&dl=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&dt=Messages%20%7C%20Made%20ln%20Chlna&en=page_view&_fv=1&_nsi=1&_ss=1&ep.Page_Hostname=engineeringforchange.info HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://engineeringforchange.info
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://engineeringforchange.info
date: Sat, 17 Sep 2022 14:56:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFnZDV2NzAwZTEzYiIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIiLCIkdXJsIjoiaHR0cHM6Ly9lbmdpbmVlcmluZ2ZvcmNoYW5nZS5pbmZvL3dwLWNvbnRlbnQveHgvTWFkZUluQ2hpbmFYM0QvaW5kZXguaHRtbCJ9LCJhbm9ueW1vdXNfaWQiOiIxODM0YmYzODBjMjE4NC0wMTJlMWJhZWI5OGJkZS0zMDZkNDY0YS0xMzEwNzIwLTE4MzRiZjM4MGMzNWMzIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiJmb3JtQWN0aW9uIiwiX3RyYWNrX2lkIjo5OTY3NjI5ODB9&ext=crc%3D-81241987
104.18.24.206200 OK 43 B URL HTTP/2 fa.micstatic.com/sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFnZDV2NzAwZTEzYiIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIiLCIkdXJsIjoiaHR0cHM6Ly9lbmdpbmVlcmluZ2ZvcmNoYW5nZS5pbmZvL3dwLWNvbnRlbnQveHgvTWFkZUluQ2hpbmFYM0QvaW5kZXguaHRtbCJ9LCJhbm9ueW1vdXNfaWQiOiIxODM0YmYzODBjMjE4NC0wMTJlMWJhZWI5OGJkZS0zMDZkNDY0YS0xMzEwNzIwLTE4MzRiZjM4MGMzNWMzIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiJmb3JtQWN0aW9uIiwiX3RyYWNrX2lkIjo5OTY3NjI5ODB9&ext=crc%3D-81241987
IP 104.18.24.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /sc/sa.gif?project=MICEN&data=eyJkaXN0aW5jdF9pZCI6IjE4MzRiZjM4MGMyMTg0LTAxMmUxYmFlYjk4YmRlLTMwNmQ0NjRhLTEzMTA3MjAtMTgzNGJmMzgwYzM1YzMiLCJsaWIiOnsiJGxpYiI6ImpzIiwiJGxpYl9tZXRob2QiOiJjb2RlIiwiJGxpYl92ZXJzaW9uIjoiMS4xNS4xMyJ9LCJwcm9wZXJ0aWVzIjp7IiR0aW1lem9uZV9vZmZzZXQiOjAsIiRzY3JlZW5faGVpZ2h0IjoxMDI0LCIkc2NyZWVuX3dpZHRoIjoxMjgwLCIkbGliIjoianMiLCIkbGliX3ZlcnNpb24iOiIxLjE1LjEzIiwiJGxhdGVzdF90cmFmZmljX3NvdXJjZV90eXBlIjoi6ZCp5a2Y5bi05ai05L6A5Zm6IiwiJGxhdGVzdF9zZWFyY2hfa2V5d29yZCI6IumPiO6BhOW9h%2BmNkuadv%2BKCrOezremQqeWtmOW4tOmOteaSs%2Be0kSIsIiRsYXRlc3RfcmVmZXJyZXIiOiIiLCJwdl9pZCI6IjFnZDV2NzAwZTEzYiIsInBsYXRmb3JtX3R5cGUiOiIxIiwibGFuZ3VhZ2UiOiIxIiwibG9naW5faWQiOiIiLCIkaXNfZmlyc3RfZGF5Ijp0cnVlLCIkbGF0ZXN0X3JlZmVycmVyX2hvc3QiOiIiLCIkdXJsIjoiaHR0cHM6Ly9lbmdpbmVlcmluZ2ZvcmNoYW5nZS5pbmZvL3dwLWNvbnRlbnQveHgvTWFkZUluQ2hpbmFYM0QvaW5kZXguaHRtbCJ9LCJhbm9ueW1vdXNfaWQiOiIxODM0YmYzODBjMjE4NC0wMTJlMWJhZWI5OGJkZS0zMDZkNDY0YS0xMzEwNzIwLTE4MzRiZjM4MGMzNWMzIiwidHlwZSI6InRyYWNrIiwiZXZlbnQiOiJmb3JtQWN0aW9uIiwiX3RyYWNrX2lkIjo5OTY3NjI5ODB9&ext=crc%3D-81241987 HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:51 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 28 Sep 1970 05:00:00 GMT
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74c2b0de1949b4f7-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fa86a62c870c1ce23fd85f73e99d7964
81af6fd2507bb58c6b040fd5f494de01d22e7102
76bc6fffeb8593064820e909edc5e4991cb4a5c1b609916a6021974665b5286f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 17 Sep 2022 14:56:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&rl=&if=false&ts=1663426593901&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663426593900.1071545838&it=1663426593691&coo=false&rqm=GET
31.13.72.36200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=2037053586588160&ev=PageView&dl=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&rl=&if=false&ts=1663426593901&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663426593900.1071545838&it=1663426593691&coo=false&rqm=GET
IP 31.13.72.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=2037053586588160&ev=PageView&dl=https%3A%2F%2Fengineeringforchange.info%2Fwp-content%2Fxx%2FMadeInChinaX3D%2Findex.html&rl=&if=false&ts=1663426593901&sw=1280&sh=1024&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663426593900.1071545838&it=1663426593691&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Sat, 17 Sep 2022 14:56:51 GMT
expires: Sat, 17 Sep 2022 14:56:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fa.micstatic.com/probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gd5v704bc6e%22%2Clinkid%3A%221gd5v704bc6e%22%2Curl%3A%22engineeringforchange.info%252Fwp-content%252Fxx%252FMadeInChinaX3D%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%229064%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D
104.18.24.206200 OK 35 B URL HTTP/2 fa.micstatic.com/probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gd5v704bc6e%22%2Clinkid%3A%221gd5v704bc6e%22%2Curl%3A%22engineeringforchange.info%252Fwp-content%252Fxx%252FMadeInChinaX3D%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%229064%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D
IP 104.18.24.206:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /probe/map.gif?v=211112&t=w&d=%7Bpub%3A%7Bpuid%3A%221gd5v704bc6e%22%2Clinkid%3A%221gd5v704bc6e%22%2Curl%3A%22engineeringforchange.info%252Fwp-content%252Fxx%252FMadeInChinaX3D%252Findex.html%22%2Creferrer%3A%22%22%2Cpdr%3A%221%22%2Ctz%3A%220%22%2Clan%3A%22en-US%22%7D%2Ccore%3A%7Bw%3A%229064%22%2Crobot%3A%220%22%2Clcp%3A%22-1%22%7D%7D HTTP/1.1
Host: fa.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:57 GMT
content-type: image/gif
content-length: 35
last-modified: Thu, 15 Sep 2022 10:28:40 GMT
etag: "6322fe58-23"
accept-ranges: bytes
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74c2b1061b5db4f7-OSL
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:49 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 08/04/2021 00:04:37
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 1a094ec5f566140ad8ed25d8ea736316
cdn-cache: HIT
cf-cache-status: HIT
age: 6470356
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74c2b0d3fbf6b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144
104.18.21.229200 OK 0 B URL HTTP/2 www.micstatic.com/common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144
IP 104.18.21.229:0
GET /common/js/business/global/sensors_track.js?r=1634120031144&r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: application/javascript
last-modified: Fri, 19 Nov 2021 07:38:32 GMT
etag: W/"61975478-a860"
expires: Tue, 14 Sep 2032 14:56:50 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c2b0db2daeb511-OSL
X-Firefox-Spdy: h2
www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144
104.18.21.229200 OK 0 B URL HTTP/2 www.micstatic.com/common/js/libs/faw/faw.1.0.0.js?r=1634120031144
IP 104.18.21.229:0
GET /common/js/libs/faw/faw.1.0.0.js?r=1634120031144 HTTP/1.1
Host: www.micstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: application/javascript
last-modified: Fri, 10 Sep 2021 13:44:55 GMT
etag: W/"613b6157-3042"
expires: Tue, 14 Sep 2032 14:56:50 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c2b0d8caf2b511-OSL
X-Firefox-Spdy: h2
www.made-in-china.com/faw-store.html
104.18.30.240200 OK 0 B URL HTTP/2 www.made-in-china.com/faw-store.html
IP 104.18.30.240:0
GET /faw-store.html HTTP/1.1
Host: www.made-in-china.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 17 Sep 2022 14:56:50 GMT
content-type: text/html
last-modified: Thu, 28 Oct 2021 09:16:24 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 12337
expires: Sat, 17 Sep 2022 18:56:50 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 74c2b0d9ab7c0b4d-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
engineeringforchange.info/wp-content/xx/MadeInChinaX3D/css/logon_40922b23.css
50.87.146.45200 OK 0 B URL HTTP/2 engineeringforchange.info/wp-content/xx/MadeInChinaX3D/css/logon_40922b23.css
IP 50.87.146.45:0
ASN #46606 UNIFIEDLAYER-AS-1
GET /wp-content/xx/MadeInChinaX3D/css/logon_40922b23.css HTTP/1.1
Host: engineeringforchange.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://engineeringforchange.info/wp-content/xx/MadeInChinaX3D/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 14 Oct 2021 01:12:08 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Sat, 17 Sep 2022 14:56:49 GMT
server: Apache
X-Firefox-Spdy: h2