paykpal.com/fr/app/app/signin.php
154.206.150.114 162 B URL User Request GET paykpal.com/fr/app/app/signin.php
IP 154.206.150.114:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /fr/app/app/signin.php HTTP/1.1
Host: paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 29 Mar 2024 07:11:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.paykpal.com/fr/app/app/signin.php
www.paykpal.com/fr/app/app/signin.php
154.206.150.114200 OK 14 kB URL User Request GET HTTP/1.1 www.paykpal.com/fr/app/app/signin.php
IP 154.206.150.114:80
File type JavaScript source, Non-ISO extended-ASCII text, with very long lines (2479), with CRLF, LF line terminators
Hash 50bc053ddb39b9349d18dba31da21a18
6f0229e36b545a4bbfa64555723e0ace471004ba
3de545e214d43f7de157f2857b64d23f30f93dacf1e16f27c79e59eea5afa49f
GET /fr/app/app/signin.php HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:02 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
fonts.googleapis.com/css?family=Droid+Sans%7CRoboto%7COpen+Sans:300,400,600,700,800%7CShadows+Into+Light%7COswald:400,300,700%7CCrushed
142.250.74.106200 OK 2.7 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Droid+Sans%7CRoboto%7COpen+Sans:300,400,600,700,800%7CShadows+Into+Light%7COswald:400,300,700%7CCrushed
IP 142.250.74.106:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type gzip compressed data, max compression
Hash a7ebcf0a9124202263847d1904799134
60d073af376418cae9a228dd03217c4b193e054c
ad59fd27e13ee52a61faa5539413ae7ba72ab6d6dbf3f42aa08cfe5d09971814
GET /css?family=Droid+Sans%7CRoboto%7COpen+Sans:300,400,600,700,800%7CShadows+Into+Light%7COswald:400,300,700%7CCrushed HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 07:11:03 GMT
date: Fri, 29 Mar 2024 07:11:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.paykpal.com/Template/Theme/vendor/magnific-popup/magnific-popup.min.css
154.206.150.114200 OK 1.7 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/magnific-popup/magnific-popup.min.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (5206), with no line terminators
Hash cbf9d40dc11729fcf26170b95f64fa25
b20b15a8f91492109a22fad564ba04a17747a7c0
bab264ce3dcbf5effb9f3e86fdfc1a76fe1901dbf00542918ecf1ca7c23f24f6
GET /Template/Theme/vendor/magnific-popup/magnific-popup.min.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:03 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/owl.theme.default.min.css
154.206.150.114200 OK 487 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/owl.theme.default.min.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (846)
Hash ce72fcae0590c313cba6365bf976febe
cf8da6394642e419f9d015ae43aa8d48b59db507
9dff755446d0d8e13e0dace98870edf02f4065f6d049ddf8f4d7e3fbbdbda4fb
GET /Template/Theme/vendor/owl.carousel/assets/owl.theme.default.min.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:03 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Styles/theme-overrides.css
154.206.150.114200 OK 688 B URL GET HTTP/1.1 www.paykpal.com/Template/Styles/theme-overrides.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type assembler source, ASCII text
Hash 7a3977b4ac398f551b7db7d378b2c5aa
2fe7a893bdeb8e36f02629a83410d9f1d62b4493
4cac0f8978ab94ceddcd37981f0f9dab2b3661f395fb8d60d75a5ac199deb3fc
GET /Template/Styles/theme-overrides.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:03 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/nivo-slider/default/default.css
154.206.150.114200 OK 798 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/nivo-slider/default/default.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with CRLF line terminators
Hash 2eeae1f00d2b98d9f91c6bbcfca6ab3b
2c7d105ca9bf66a2beb2216780609897ee2760f9
e73edf6dd8e505ba70c3cda62b1651ed4a723107cbfb2a8f915dcfe80e035f2b
GET /Template/Theme/vendor/nivo-slider/default/default.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:03 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/owl.carousel.min.css
154.206.150.114200 OK 997 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/owl.carousel.min.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (2649)
Hash 46a0c0909c2f51974251754aaafe796d
0b706fc46708f3fa7aeb557d48021ffe46bfe0c7
749b9f932c1e6fecc596d1552a64656c3bda380ac70cd3896e209973d554ada1
GET /Template/Theme/vendor/owl.carousel/assets/owl.carousel.min.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:03 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/nivo-slider/nivo-slider.css
154.206.150.114200 OK 859 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/nivo-slider/nivo-slider.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with CRLF line terminators
Hash 61d7d21807c712e96a9ac4d8fe955349
458a0cb49ee02e555178955ae3f7f8879237fba6
8821a7426941daaec923722d4d02bef6aa6a4bd42b39c408c64a279c71c5dc13
GET /Template/Theme/vendor/nivo-slider/nivo-slider.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:03 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Telerik.Web.UI.WebResource.axd?d=PMrIT5dOWaVYIcpFWUE4nJ_hHpV6QajNGUvxd3GX0zGi4qTyDYxvBd4-Z6PHiMxq7aR7mrxAqGHnR9yMf6LsLH4wqUODuf0mPtqq0YY21KsA6GTv6kLh8qBrjJA3YHOV0&t=638227145199744065&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%2c+Version%3d14.4.8135.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a7a90d6a
154.206.150.114200 OK 572 B URL GET HTTP/1.1 www.paykpal.com/Telerik.Web.UI.WebResource.axd?d=PMrIT5dOWaVYIcpFWUE4nJ_hHpV6QajNGUvxd3GX0zGi4qTyDYxvBd4-Z6PHiMxq7aR7mrxAqGHnR9yMf6LsLH4wqUODuf0mPtqq0YY21KsA6GTv6kLh8qBrjJA3YHOV0&t=638227145199744065&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%2c+Version%3d14.4.8135.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a7a90d6a
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with CRLF, LF line terminators
Hash 2aaeda07e60d0d2e484e46561dc044de
a9026d58967657579de2071c0a1c9b9c8b3bdb00
7baa86aee32051749f5646c30d042ee97e9590003307e2ff3f4b6bbcf0ee963d
GET /Telerik.Web.UI.WebResource.axd?d=PMrIT5dOWaVYIcpFWUE4nJ_hHpV6QajNGUvxd3GX0zGi4qTyDYxvBd4-Z6PHiMxq7aR7mrxAqGHnR9yMf6LsLH4wqUODuf0mPtqq0YY21KsA6GTv6kLh8qBrjJA3YHOV0&t=638227145199744065&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%2c+Version%3d14.4.8135.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a7a90d6a HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:04 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
154.206.128.100/xingbake6he.js
154.206.128.100200 OK 993 B URL GET HTTP/1.1 154.206.128.100/xingbake6he.js
IP 154.206.128.100:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (457)
Hash 5e86e930dc286f60e230a4558b3e4e41
7bf5f314bb1711c81d8b85f9556e1ca2be281a74
09f51392c18afcabafd2f9d1eb816eb3ff3c43982e4ffe662a2d51bee50aa26f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /xingbake6he.js HTTP/1.1
Host: 154.206.128.100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:04 GMT
Content-Type: application/javascript
Last-Modified: Thu, 28 Mar 2024 12:23:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"66056140-964"
Expires: Fri, 29 Mar 2024 19:11:04 GMT
Cache-Control: max-age=43200
Content-Encoding: gzip
www.paykpal.com/Template/Theme/css/theme-elements.css?vrsn=04222022
154.206.150.114200 OK 30 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/css/theme-elements.css?vrsn=04222022
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash 0f45460715abface16c1529a98c3480b
8cc5b0294e29066a8f53bf0142f5a17ce338b3e2
9f3d654739fb5e6f4105d639ba06681bd3da66130db9f603d61d64b677bcf863
GET /Template/Theme/css/theme-elements.css?vrsn=04222022 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:04 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/css/theme.css
154.206.150.114200 OK 19 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/css/theme.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (431)
Hash a5eabc860af0b9f70cc415d6f321d203
1b4028bb0f4e029e1aefc0693b565d4a979792a0
b341d71194e1ed8191cb6123c1d60accc58677f18eb207a7291a86f097570aa3
GET /Template/Theme/css/theme.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:04 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Styles/custom.css?vrsn=04142022
154.206.150.114200 OK 8.9 kB URL GET HTTP/1.1 www.paykpal.com/Template/Styles/custom.css?vrsn=04142022
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash 6a0fca20a497dadaffcc0c66050ce740
74b405b438a5abb0f7e034cbf3e3fd7a649cf958
de5e1c98e4ce05962f004dddb27150775f5326245f1e75960fda7c61bffe7c8d
GET /Template/Styles/custom.css?vrsn=04142022 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:04 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a9ced59e7
154.206.150.114200 OK 6.3 kB URL GET HTTP/1.1 www.paykpal.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a9ced59e7
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (15014), with CRLF, LF line terminators
Hash 10d211cc4a3ecb3dc57b19574a81cab6
e9acf57d4318b80928a950cef24314b2907df096
86d95647e48889bf8cae97778e7dfd05dcf761bda01e7d362950dfc72d4b0550
GET /Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a9ced59e7 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:05 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/nivo-slider/jquery.nivo.slider.min.js
154.206.150.114200 OK 3.4 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/nivo-slider/jquery.nivo.slider.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (11662), with CRLF, LF line terminators
Hash c84d76eb0cebe93eb0af41ae5f3e3f7c
9ea08ba4819b02d3952c4eca6bd90420ddeb9429
9e47c20b6b467f03a31a140f2c1379590329209cddad96864ca67f3c501d7c93
GET /Template/Theme/vendor/nivo-slider/jquery.nivo.slider.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:05 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9aFgmkSpHDGvmpRcBp8YuP690zIOFOsponYRy4vBLPk2AuVcxUxFBUYmwfEFzsNbgEkTty3ugPE4MpLopMaStW-gJp3zlaC-kWlGaH2dIq193bo5wxLi9dnlTOu0w2AHRvq0aw8yo-B6k01J6qkHoEWU1IpB98USxxYZAcsxiPod0&t=622c0734
154.206.150.114200 OK 35 kB URL GET HTTP/1.1 www.paykpal.com/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9aFgmkSpHDGvmpRcBp8YuP690zIOFOsponYRy4vBLPk2AuVcxUxFBUYmwfEFzsNbgEkTty3ugPE4MpLopMaStW-gJp3zlaC-kWlGaH2dIq193bo5wxLi9dnlTOu0w2AHRvq0aw8yo-B6k01J6qkHoEWU1IpB98USxxYZAcsxiPod0&t=622c0734
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (65444), with CRLF line terminators
Hash 546e7ee7881c0ef76901963cc0648310
07e12b2d2105501f455cba1d39aee4df1a4d537c
25990dff5a272384d3526faf864042632da1ebe84a3c43fb2149d89509027835
GET /ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9aFgmkSpHDGvmpRcBp8YuP690zIOFOsponYRy4vBLPk2AuVcxUxFBUYmwfEFzsNbgEkTty3ugPE4MpLopMaStW-gJp3zlaC-kWlGaH2dIq193bo5wxLi9dnlTOu0w2AHRvq0aw8yo-B6k01J6qkHoEWU1IpB98USxxYZAcsxiPod0&t=622c0734 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:05 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/js/views/view.home.js
154.206.150.114200 OK 671 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/js/views/view.home.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with CRLF line terminators
Hash 9674d9330f4ed54ce5770db186c21869
f9571ee1d432dd879bc7b6da26824d9a2caa1643
f0fb21c10874a60af78e92e77af90dfe7e80ee6bcc29fc9ff8bb06b069808b77
GET /Template/Theme/js/views/view.home.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:05 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Styles/skin.css?vrsn=04222022
154.206.150.114200 OK 16 kB URL GET HTTP/1.1 www.paykpal.com/Template/Styles/skin.css?vrsn=04222022
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash 9569cff7f7c6b1eb94b2c57cac0b756b
abec6ab903b038c5fea732b19b60933c02edef52
8550ff59d6fb1fadb9fb4df5adbd457a440cbb75b80f7e6caf98cb17f0a90944
GET /Template/Styles/skin.css?vrsn=04222022 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:05 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen%3ab1b4952e-9da7-42da-9336-4b750b188f75%3aea597d4b
154.206.150.114200 OK 30 kB URL GET HTTP/1.1 www.paykpal.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen%3ab1b4952e-9da7-42da-9336-4b750b188f75%3aea597d4b
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (65297), with CRLF line terminators
Hash 091380bbc5a1ee72b6eddcdb0c9a6d49
ec5a73cd0da205cfe8cc37839889ebf0dc1bd262
2154170005ddc61b4e4eb1490474aa16845224c6f441f7891b7c5808dc7be55f
GET /Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen%3ab1b4952e-9da7-42da-9336-4b750b188f75%3aea597d4b HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:05 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/nivo-slider/jquery.nivo.slider.js
154.206.150.114200 OK 5.8 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/nivo-slider/jquery.nivo.slider.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (386), with CRLF line terminators
Hash d85af89afd474c4f12382073cae9dfdd
70718836246db423baff8092fbc672a9421ebd58
194043cb7fd57d948e75848bcf5c4dab90f8d8e806952fd4036bd34e9214f6df
GET /Template/Theme/vendor/nivo-slider/jquery.nivo.slider.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:06 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/jquery.appear/jquery.appear.min.js
154.206.150.114200 OK 802 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/jquery.appear/jquery.appear.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (1281)
Hash 8c91081c030ce006774192e8021544e0
1c0c3028cd176e8300b750d33c93584ae344a59a
4f36c476b4ef0a4b760aedea686e24cc650d4e01f1ec77b78aa36681cd14b1e0
GET /Template/Theme/vendor/jquery.appear/jquery.appear.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:06 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/jquery.easing/jquery.easing.min.js
154.206.150.114200 OK 1.9 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/jquery.easing/jquery.easing.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type Unicode text, UTF-8 text, with very long lines (3338), with CRLF, LF line terminators
Hash 515bd66a1c0ca94efb91fe0767444d87
c9c31670211c0968f508b6a314735ed6ed9d609c
33aa33e087779171bf2f7550a1f22319777d20c70dec49f6c8bbc1585205ce0a
GET /Template/Theme/vendor/jquery.easing/jquery.easing.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:06 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/jquery-cookie/jquery-cookie.min.js
154.206.150.114200 OK 787 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/jquery-cookie/jquery-cookie.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (1263), with CRLF, LF line terminators
Hash 92503d80f210b9aaa70d9b5fab6489d0
b8c1376303dcd7f3e0588527924670b760062461
a0069524ed5343aff5b15569a3cb40a0f36830fb7b4095e7697b6520b1acfecc
GET /Template/Theme/vendor/jquery-cookie/jquery-cookie.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:06 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/owl.carousel/owl.carousel.min.js
154.206.150.114200 OK 13 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/owl.carousel/owl.carousel.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (32012)
Hash eca6c9b90851928dfc16effb89928bd9
fe458364149641cb08ac8c50c113956613811b41
d2e316abcec4ed64ad9e754c79ad4fe0409275de1bf6f25ed9ff88a549377167
GET /Template/Theme/vendor/owl.carousel/owl.carousel.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:06 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/bootstrap/js/bootstrap.min.js
154.206.150.114200 OK 11 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/bootstrap/js/bootstrap.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (32033)
Hash a937ed9406428bcb590ba97cc8701cbb
e62ff4ba90e72a978397dffc1200feb353f6ce47
a12eaac378ced9140331dfafb72caee77622eb080eb7af2de8655201472bb7bf
GET /Template/Theme/vendor/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:07 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/common/common.min.js
154.206.150.114200 OK 6.4 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/common/common.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (8700), with CRLF, LF line terminators
Hash 2daf77ac92b537866ca01a347698e16f
d7d1e9e93af75d71651791c8fd788a74ef366260
404c40c223c37eb2c47dd0ce327cc5e27838de4372a132618d5dacfbc221c507
GET /Template/Theme/vendor/common/common.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:07 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/js/theme.init.js
154.206.150.114200 OK 1.1 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/js/theme.init.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with CRLF line terminators
Hash c632ba019621e7fe358b47a90eb929bf
291b57c0d05d4f3f29c04a19026b26c60ad18137
56f818eb2c0e2abe5b020fc4c7153bf2b48c1c578fce3f732f25ec2458816c9f
GET /Template/Theme/js/theme.init.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:07 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/js/theme.js
154.206.150.114200 OK 13 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/js/theme.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with CRLF line terminators
Hash f749f759ece713e78a554d0c13bcb00c
9f3a370684238d09919c7452743490516dc8174a
efba06271930fe54a764b28ffac6d9455637e3920aa8249f3eb399dd3f941d78
GET /Template/Theme/js/theme.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/modernizr/modernizr.min.js
154.206.150.114200 OK 4.8 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/modernizr/modernizr.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (10086)
Hash ef52e74aea5b2b99063c1a7a18cd72de
698eb102f651a767f9f78b2f77e29d5f45083161
6a631aedc7a674aab96f347558ec9911178f4d8492f93e33366f7ec30d45d779
GET /Template/Theme/vendor/modernizr/modernizr.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/animate/animate.min.css
154.206.150.114200 OK 4.9 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/animate/animate.min.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (52592), with CRLF line terminators
Hash e241e3ee1aa6b00795c9e46558280940
0f746fd97a7fd381d178fe0d3d732c82905693d6
53eaf15bae45605ea399de089e8f6e5f12eed51c718b333f01fa9b77555cc633
GET /Template/Theme/vendor/animate/animate.min.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:08 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/font-awesome/css/font-awesome.min.css
154.206.150.114200 OK 7.8 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/font-awesome/css/font-awesome.min.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (31001)
Hash 1e56fb7d24cdd70f461b8a7be006aa21
7b94083f11859b43d0274515f8885e8672ba39a3
51bb9d9fca4045f836dc356bab53fd377b06313c4c1786731851e5d0b408a590
GET /Template/Theme/vendor/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:08 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/ResourcePackages/Bootstrap/assets/dist/css/main.min.css
154.206.150.114200 OK 30 kB URL GET HTTP/1.1 www.paykpal.com/ResourcePackages/Bootstrap/assets/dist/css/main.min.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (65352)
Hash 5192adcfa88ed3bea57240571d3b7e3e
e06eb2fb8c589b9f4b1e0095c2b0cde77a7c715b
de8eb7ed9412295cccc39ca6831bb5908396833080a07c0933667f5e468c801e
GET /ResourcePackages/Bootstrap/assets/dist/css/main.min.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:08 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.paykpal.com/Template/Theme/vendor/jquery/jquery.min.js
154.206.150.114200 OK 34 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/jquery/jquery.min.js
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (32030), with CRLF line terminators
Hash d7c47ab15b972e59412563e746dfce95
051d2a7330663b19970a9b286fa21edd2c071e08
12372edd157702e5ef510edd1a2d8e789bfab0709cb98cfd75f4be0c2456d98a
GET /Template/Theme/vendor/jquery/jquery.min.js HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:08 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.googletagmanager.com/gtm.js?id=GTM-W5CW982
142.250.74.168200 OK 97 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W5CW982
IP 142.250.74.168:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type JavaScript source, ASCII text, with very long lines (13002)
Hash fe86554eebe7ca659beb6c2314fdc7d9
d921f2f0b3b4f7a73dc0f1aadf5b761ff5e3092f
f497d340e4da109f9cb137b77bed5dcbc02b334ab2093240deb6a94a4b58477c
GET /gtm.js?id=GTM-W5CW982 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 07:11:08 GMT
expires: Fri, 29 Mar 2024 07:11:08 GMT
cache-control: private, max-age=900
last-modified: Fri, 29 Mar 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 96788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.paykpal.com/Template/Theme/vendor/simple-line-icons/css/simple-line-icons.min.css
154.206.150.114200 OK 2.6 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/simple-line-icons/css/simple-line-icons.min.css
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with very long lines (11155), with no line terminators
Hash bd1ab959d41ab1b91c5ab3914734a849
1403157f9cfa23d3b5b4e530064b04aea160ec15
80d17ab8b10b76b80d04cadb2481a72d2f0609bb2c3dae6e431d161cdc1d6864
GET /Template/Theme/vendor/simple-line-icons/css/simple-line-icons.min.css HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:08 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=G-DKXFWS1ZVH&l=dataLayer&cx=c
142.250.74.168200 OK 98 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-DKXFWS1ZVH&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
File type JavaScript source, ASCII text, with very long lines (5955)
Hash ce6c1a9af24c9b8a7c4c9b0520cf3869
2631b9ea535233bc0db492d5de81455a46b482f3
9c7878e482a3471b0a24f4828b0d287c02d8f2fde12dced2cf8d0fd174b5503a
GET /gtag/js?id=G-DKXFWS1ZVH&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 29 Mar 2024 07:11:09 GMT
expires: Fri, 29 Mar 2024 07:11:09 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 98487
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.paykpal.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:37:50 GMT
expires: Fri, 28 Mar 2025 17:37:50 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 48799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.paykpal.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:35:00 GMT
expires: Fri, 28 Mar 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102969
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.paykpal.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:35:00 GMT
expires: Fri, 28 Mar 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102969
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.paykpal.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:35:00 GMT
expires: Fri, 28 Mar 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102969
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash 015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.paykpal.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:35:00 GMT
expires: Fri, 28 Mar 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 102969
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.paykpal.com/images/default-source/promo/counselling.png?sfvrsn=60a32354_2
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/promo/counselling.png?sfvrsn=60a32354_2
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/promo/counselling.png?sfvrsn=60a32354_2 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/promo/counselling.png?sfvrsn=60a32354_2
www.paykpal.com/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0
www.youtube.com/s/player/3b96d06c/player_ias.vflset/en_US/embed.js
142.250.74.78200 OK 18 kB URL GET HTTP/3 www.youtube.com/s/player/3b96d06c/player_ias.vflset/en_US/embed.js
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type JavaScript source, ASCII text, with very long lines (3391)
Hash e3685fc0ae5c2de66ba5cb675113b432
0a6d518bdc1db570e5199793e190c79b1538f5b3
35b5693698cf041486e039f50feb689494ab3d17c1acaa232dc9a9f8ee374f2f
GET /s/player/3b96d06c/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18041
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:24:35 GMT
expires: Fri, 28 Mar 2025 17:24:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Mar 2024 04:21:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 49594
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:25:07 GMT
expires: Fri, 28 Mar 2025 17:25:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 49562
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
ValidityMon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:43:03 GMT
expires: Fri, 28 Mar 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 102486
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/3b96d06c/www-player.css
142.250.74.78200 OK 48 kB URL GET HTTP/3 www.youtube.com/s/player/3b96d06c/www-player.css
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 27f3686db6b7fb4a105c223b054dd90a
1e3d830f7acd769dc958155d27f4a01030d281fa
8a9b8d803f27b551a9041d672211a42d3cdf9b8babeb467cdd45db67fd519d1d
GET /s/player/3b96d06c/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48154
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:35:43 GMT
expires: Fri, 28 Mar 2025 17:35:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Mar 2024 04:21:38 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 48926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/3b96d06c/www-embed-player.vflset/www-embed-player.js
142.250.74.78200 OK 98 kB URL GET HTTP/3 www.youtube.com/s/player/3b96d06c/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type JavaScript source, ASCII text, with very long lines (682)
Hash a5f7ebaee05a51f287d0c6096982bc2b
147187288f16be85c97e7cb1f9b949e0f989c27e
046d346be8811bb89d3513d7410439c899cb38651734c93f04d956c3168d1b2d
GET /s/player/3b96d06c/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97455
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:46:47 GMT
expires: Fri, 28 Mar 2025 17:46:47 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Mar 2024 04:21:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 48262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.paykpal.com/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/ce7425755d55ee244419baa1c153cb49.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/ce7425755d55ee244419baa1c153cb49.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash ee6687d8e6ca7503afe47f4aff25ad08
ea3454d854d332b15118f001df322f9c2c8c1095
0487bfc1d0581d9478adccc93b2ec9245df741041a658f56c72bd4d57fb3b1ff
GET /upload/news/20231007/ce7425755d55ee244419baa1c153cb49.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: image/png
content-length: 15404
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3c2c"
expires: Sat, 20 Apr 2024 20:01:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 644988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uLcCHM0gNO41W2ijEjsF5kRrkIfveadPHkozA0NIuuTlcdV7QVfrkyNZDqttjtogXSPnWZ0GIbID20E003xHevt8%2Fnsy3P4yjE32iWUQyCAU5mXuHrWyVoXq4MDStt7Q78VYU7anLID51Dn44WstuR0JtjY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f165695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/1096bfb812de273700d9babaf6da7bff.png
188.114.96.1200 OK 16 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/1096bfb812de273700d9babaf6da7bff.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash c567c85e901d11ac486f19fdad935ae9
3a33103f584cf9d9e134aa5aa2c14d3107f0dc96
297d524c5a7e58c5730adff0a8f1a64965c10f87a6255e3ce4877b3c70f1a75d
GET /upload/news/20231007/1096bfb812de273700d9babaf6da7bff.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: image/png
content-length: 15852
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3dec"
expires: Sat, 20 Apr 2024 20:01:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 644988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12C9NwKnKLvEMo0Dce1Yicpu24cIby5QEZAxQo5iAsg30m5KGU7UWkqzaZ%2B9Bko2l1XrB4QZlQbF2DHQ1hS7TnBiwd1venuaV%2ByRG%2B%2F7YPoGDpEfOreFsMX0EvVLBWwafnOPI1TJu2kpWiunbLLSNijE9YM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f195695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/d19841c4ebe61d7424d9bc7c1c0cc433.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/d19841c4ebe61d7424d9bc7c1c0cc433.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash f2ae8af3da6d94ce9bdfdcf912338bde
1c736b1306576560d5f3cb4dd593a7e4c7e27168
d815716458ebeccc83b4be85e1f0b12744e4411a6326013fbcbe20a15df6b97c
GET /upload/news/20231007/d19841c4ebe61d7424d9bc7c1c0cc433.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: image/png
content-length: 15323
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3bdb"
expires: Thu, 25 Apr 2024 20:22:22 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 211727
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DNzHFZp7UP1qAQai%2Bj%2BqloaBA3RXyaVHu42c3vDkKzIUsLu4rDTF0depukysBrk67G0M6F30bPMiazrd8ek5I8xxQ%2F7jU1Vi7lFvvCz%2BDRGLNmopxNDgzfZ0cINK7wEVciVXKBaPup5mB3OiBgylAQtSFOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f1c5695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/21a20a2682e2b44c1aa85d3e1655bb59.png
188.114.96.1200 OK 14 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/21a20a2682e2b44c1aa85d3e1655bb59.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash 662a53e9a8d64b213f15dbcb799ce4e2
289ca3c5726e04cd4e006478a1e2edb898bd7651
f88ee00d50a84ba5f9e9e619a7ca071406d26447ead0a906ec60b3765d550064
GET /upload/news/20231007/21a20a2682e2b44c1aa85d3e1655bb59.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: image/png
content-length: 14503
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-38a7"
expires: Sat, 20 Apr 2024 20:01:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 644988
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4bIMn%2BekYBe4OHgJTConQRAdjOJ17Qeo35aUxHOBri9qVtMUKGfwPJ4p7FOVRk1Uyz7MdHzbMHv8R7DYJB%2BrafHSAzi%2Bb1IOaqk6i3znfb7GoFHs%2BZA%2BoiCnA4BINbDDX2UZPl8ieB9rCMHaiunil8sHCB8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f1d5695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/0304c931692dd10daa9935049af33288.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/0304c931692dd10daa9935049af33288.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash 9535d30c533bdc495987e1830ca67365
b6bc30bc8f380163710947341cff30d3046feedb
4329932466fedf2a9711514290dc1ba6ab064f498347bfe582e1eb62256da3a0
GET /upload/news/20231007/0304c931692dd10daa9935049af33288.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: image/png
content-length: 14600
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3908"
expires: Sat, 20 Apr 2024 20:01:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 644985
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ClcSiQur75zNGJS3B%2Fh2d1TIV%2FqZD7PLcpqj3OiVtXRp6qWBwZVm%2BOjvjdjJRqEqI2BHDGG4r2YZeA8pqeRwHlFY2ZwYaUtA8lVTrl1szr6W8XjQiUt%2Fys9qxOJaerqOnOE%2Bt4OeG8hlBuuOdVh2PvD6PUA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f225695-OSL
alt-svc: h3=":443"; ma=86400
www.paykpal.com/images/default-source/promo/ad-financial-support.jpg?sfvrsn=e2cb5354_0
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/promo/ad-financial-support.jpg?sfvrsn=e2cb5354_0
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/promo/ad-financial-support.jpg?sfvrsn=e2cb5354_0 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/promo/ad-financial-support.jpg?sfvrsn=e2cb5354_0
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/1f682c283bd7ec5da0a0780db648ac62.png
188.114.96.1200 OK 13 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/1f682c283bd7ec5da0a0780db648ac62.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash 6e2523d7cd959c2624c141accf68e301
29cc378344d3340c6ac203d58d72281e19b3d5d9
1579cc6229bb4c03dc0afa02ff7ec760b697dccf4fd2625bf79528c9a2066f48
GET /upload/news/20231007/1f682c283bd7ec5da0a0780db648ac62.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: image/png
content-length: 12966
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-32a6"
expires: Sat, 20 Apr 2024 20:01:24 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 644985
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kEoZuYyFvbGFL3jnNX6159NchqgNB3pVMz4TmWHu5RHyXNNiUFFteKDMu%2B1z57pg2U7M45OiwsiNpkdihUKBabuJexRNEWI2yX5oZ2oi%2F31ImZHzu5tgVxn%2Bn5kq7L7bieJ%2FYY%2FKBNRaG7KCBfhl2l2neos%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f235695-OSL
alt-svc: h3=":443"; ma=86400
www.paykpal.com/Template/Images/Logos/nbcc-logo-footer.png
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/Template/Images/Logos/nbcc-logo-footer.png
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /Template/Images/Logos/nbcc-logo-footer.png HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/Template/Images/Logos/nbcc-logo-footer.png
www.youtube.com/s/player/3b96d06c/player_ias.vflset/en_US/base.js
142.250.74.78200 OK 803 kB URL GET HTTP/3 www.youtube.com/s/player/3b96d06c/player_ias.vflset/en_US/base.js
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type JavaScript source, ASCII text, with very long lines (555)
Size 803 kB (803141 bytes)
Hash 96fe14bff12834ffbc0470135e3b3bc5
2cbd6b19e4bffc5d4bf6dc640e9f52c4c56c7cb8
b28d1c1d7a57c449c4e49816b2515ce2bfddc227210cabab383cf09b25d421f1
GET /s/player/3b96d06c/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 803141
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:23:57 GMT
expires: Fri, 28 Mar 2025 17:23:57 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Mar 2024 04:21:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 49632
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sdk.51.la/js-sdk-pro.min.js
47.246.44.238200 OK 13 kB URL GET HTTP/2 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.238:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Sat, 16 Mar 2024 18:22:51 GMT
vary: Accept-Encoding
x-oss-request-id: 65F5E37BAF47593833618C32
x-oss-cdn-auth: success
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5143829838470429443
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
content-encoding: gzip
ali-swift-global-savetime: 1710613371
via: cache15.l2de2[0,0,200-0,H], cache14.l2de2[1,0], ens-cache18.se2[0,0,200-0,H], ens-cache3.se2[0,0]
age: 1082898
x-cache: HIT TCP_MEM_HIT dirn:9:4976677
x-swift-savetime: Thu, 28 Mar 2024 21:17:45 GMT
x-swift-cachetime: 248706
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9717116962698216283e
X-Firefox-Spdy: h2
www.paykpal.com/images/default-source/promo/counselling.png
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/promo/counselling.png
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/promo/counselling.png HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/promo/counselling.png
push.zhanzhang.baidu.com/push.js
39.156.68.163200 OK 227 B URL GET HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 39.156.68.163:80
ASN #9808 China Mobile Communications Group Co., Ltd.
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 1bb5a3267c9865ad4abe8d937734b62b
b5478dd2edb3e64242eced1db2dbd945ef81f592
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 29 Mar 2024 07:11:09 GMT
Etag: "4078521116"
Expires: Sat, 29 Mar 2025 07:11:09 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=CB81BB630F1640A29273747F36593038:FG=1; max-age=31536000; expires=Sat, 29-Mar-25 07:11:09 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
sdk.51.la/js-sdk-pro.min.js
47.246.44.238200 OK 13 kB URL GET HTTP/2 sdk.51.la/js-sdk-pro.min.js
IP 47.246.44.238:443
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (34110)
Hash 24bb520e9517f2ed3ed987b46aeaf723
846723563d7dd2bff3954f93633b11af0103adc8
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: application/javascript
content-length: 12846
date: Sat, 16 Mar 2024 18:22:51 GMT
vary: Accept-Encoding
x-oss-request-id: 65F5E37BAF47593833618C32
x-oss-cdn-auth: success
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 5143829838470429443
x-oss-storage-class: Standard
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
x-oss-server-time: 3
content-encoding: gzip
ali-swift-global-savetime: 1710613371
via: cache15.l2de2[0,0,200-0,H], cache14.l2de2[1,0], ens-cache18.se2[0,0,200-0,H], ens-cache3.se2[0,0]
age: 1082898
x-cache: HIT TCP_MEM_HIT dirn:9:4976677
x-swift-savetime: Thu, 28 Mar 2024 21:17:45 GMT
x-swift-cachetime: 248706
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 2ff62c9717116962698906330e
X-Firefox-Spdy: h2
www.paykpal.com/Template/Theme/vendor/nivo-slider/default/loading.gif
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/nivo-slider/default/loading.gif
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /Template/Theme/vendor/nivo-slider/default/loading.gif HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/Template/Theme/vendor/nivo-slider/default/default.css
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5; _gcl_au=1.1.448266348.1711696269
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:09 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/Template/Theme/vendor/nivo-slider/default/loading.gif
nbcc.ca/images/default-source/promo/ad-financial-support.jpg?sfvrsn=e2cb5354_0
0.0.0.0200 OK 34 kB URL GET HTTP/2 nbcc.ca/images/default-source/promo/ad-financial-support.jpg?sfvrsn=e2cb5354_0
IP 0.0.0.0:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x250, components 3
Hash de35394a3ac81813af6f2549d1e36939
60300046f69b944def4e8f2e5edc2bf7cb571481
bb8d1d212621879b855bab6afd3df4c4cf83a5b890f6e333d74558e2aa4a1942
GET /images/default-source/promo/ad-financial-support.jpg?sfvrsn=e2cb5354_0 HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
www.paykpal.com/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:10 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1
www.paykpal.com/images/default-source/promo/what_to_expect.jpg
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/promo/what_to_expect.jpg
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/promo/what_to_expect.jpg HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:10 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/promo/what_to_expect.jpg
xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/img/logo.png
188.114.96.1200 OK 24 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/img/logo.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 452 x 117, 8-bit/color RGBA, non-interlaced
Hash 0b0ac83f05f18dd951230ec4b082eeeb
611c76077e4240c950700fcba5cde5ca54dd920d
91fdb3e3b2a6a856b952d465cf582e39b0149f8b1657c7e3c63bf20bae5fa556
GET /static/index/img/logo.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/png
content-length: 24424
last-modified: Mon, 28 Aug 2023 02:20:48 GMT
etag: "64ec0480-5f68"
expires: Sun, 28 Apr 2024 07:11:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UWiA4jIdcNjw6FySJhhwnLCMYlH6IBUjUE3xjTbXxYsP94bnUQ1FFG0FXTTx1eFV%2Be3kQfTDKHYRapXELXISOwyIomevV9pSyHCUNbTL6dfq41vjAD2kd%2FockFakeYBduWMhs%2Bj9lkdWsNQXi71MTDtzD%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b558f065695-OSL
alt-svc: h3=":443"; ma=86400
www.paykpal.com/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:10 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3
www.paykpal.com/images/default-source/promo/when-you-know_250x250.jpg
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/promo/when-you-know_250x250.jpg
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/promo/when-you-know_250x250.jpg HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:10 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/promo/when-you-know_250x250.jpg
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/d117eb56d7bb88af7f1a315d0fb648cd.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/d117eb56d7bb88af7f1a315d0fb648cd.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash f25fab1176311d41e40afa77f85a217d
662c9072cb9b5c444db91ff92ed95d5e2ad0d4ef
4cb220a58e4488508cf2e3737b6bb463c2ecf6c4b7323a2f4f3cdaebe6ae8f3a
GET /upload/news/20231007/d117eb56d7bb88af7f1a315d0fb648cd.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/png
content-length: 15170
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3b42"
expires: Sun, 28 Apr 2024 07:11:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zA5aAUVDZB86u2DPvvhF2xJDwBnDHX91YLOO%2BXcXyZKL%2FuxthUZJ7RwmiWBA0vhTtCbh0ku7kZY2IzfJgpP1izbbevCWze4TJSAA9laWKYyfir4CqU1eTKEEzGFhcgwwnZ4jqgUcIBhFi619bqJ4vRZot%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f1a5695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/a2c1ab5c3b0488a23ced1da4d4844288.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/a2c1ab5c3b0488a23ced1da4d4844288.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash 8562ce27d5da8273c703507fe917ea42
fdf7690091e67ee4bfa70143f24a9c01632e7bc8
d41a70f476f6399425d43b6f770a5089e5914207d590026b103e4cbb89667c58
GET /upload/news/20231007/a2c1ab5c3b0488a23ced1da4d4844288.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/png
content-length: 15057
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3ad1"
expires: Sun, 28 Apr 2024 07:11:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6KQPBiR9C1afVoTRVyd%2Bi%2FmYk3aYUeH41pLI5LRMo9x7aYuNO8FVHoI26jTzzlzz8jCcVFE1lXsvoAlD9WW3plmAe7AYbIW2Au0zWwdjNSyW%2FkBWiDWfszVmNBLKK%2FDj%2FTunrw%2FSjc0gpKS911J3KZ7CsE8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f1b5695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/af2dbb9070f5fdc3067711cb71cb4a0e.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/af2dbb9070f5fdc3067711cb71cb4a0e.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash 2d21bb8ac84b375c18e9a783eca24c81
c03d09685335fd2b2fd8f047c66d5e7de0937f7c
fe625c66bea253491107dac67b2be1f3e4e55813d2745524f8b6a5e27a39c0bd
GET /upload/news/20231007/af2dbb9070f5fdc3067711cb71cb4a0e.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/png
content-length: 14992
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3a90"
expires: Sun, 28 Apr 2024 07:11:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcMHJM5oMSrbGZ88OTz9aESBf5rosf1gz862PRRKudZewKTPqUZxe4k%2ByclBaznb6q3UM02CjPAs%2B74K6p2TKYW0Hbwlzej6M773WtpbUND9760XeYksXUk6xSFGsSNcDCN%2Bn%2FY9JWeDsKOlTLbQOpjfjmU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f1e5695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/4393771b60aa7b12be191f2f36ec70dc.png
188.114.96.1200 OK 16 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/4393771b60aa7b12be191f2f36ec70dc.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash f087d84914a0f72a390fe6643e60e406
c299b401c434d3376ff29f998a827c55dabe24bd
6f3331c9e18acdad1742e161fca8fd072c103e731427f50a67e1bbd89e952a54
GET /upload/news/20231007/4393771b60aa7b12be191f2f36ec70dc.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/png
content-length: 15941
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3e45"
expires: Sun, 28 Apr 2024 07:11:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNahxggo8PU9Sum94A%2Fm3txeGBcR%2BgaXkOHfnXcbsvSSG8v5ZAHEFdQzQq14UldBP0JxiEmTIwr3TdPYtCo%2BFNQZDG3MOoCoEIwHKWZeEbGiQMm3BC1GF%2FxKeqHg1rFDg5BeZbJduLgm1F8cHy5VoJxCWVQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b559f1f5695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/c7b5c22c59f9275019ca360cea65843e.png
188.114.96.1200 OK 14 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/c7b5c22c59f9275019ca360cea65843e.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash d2f8cca24363ff76912c03ae27dcd412
6dc6b918731418488638330e13d6b3e62893542e
199e3816e5ea43edba59d520658da365bd114e602a8c7b59db51720633e2d0eb
GET /upload/news/20231007/c7b5c22c59f9275019ca360cea65843e.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/png
content-length: 14447
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-386f"
expires: Sun, 28 Apr 2024 07:11:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QdcNh4ssFCOgqtxOFWrkul66HK2rwlhJMue7whHvD51df7L%2FXAuiDQJFw6%2BptvQegrlTtI8m6ecMqNPkmnv%2FG%2BSIvuA4rLbJrTtSDaxCKMDxlK6Ed2PN6YUo3BLlm4uHLFr5aWg3QAxQBho0otADqHA7bnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b55af255695-OSL
alt-svc: h3=":443"; ma=86400
www.paykpal.com/images/default-source/promo/graduation-2024_250x250.png
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/promo/graduation-2024_250x250.png
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/promo/graduation-2024_250x250.png HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:10 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/promo/graduation-2024_250x250.png
xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/76c1b649946c799147da911f126d42f2.png
188.114.96.1200 OK 15 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/upload/news/20231007/76c1b649946c799147da911f126d42f2.png
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type PNG image data, 83 x 83, 8-bit/color RGBA, non-interlaced
Hash d95a92f491b9e82c573339fff80c41d6
bc70c3b482699241274e08e3a0805c73633708d7
1f067479135377a32d7e94157aa8556456bcd0ac3f5c15a868fd50af62207031
GET /upload/news/20231007/76c1b649946c799147da911f126d42f2.png HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/png
content-length: 15041
last-modified: Wed, 20 Dec 2023 08:54:52 GMT
etag: "6582abdc-3ac1"
expires: Sun, 28 Apr 2024 07:11:09 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tyynqk%2FZv710nbbtO7sX3fkXpI1THlF38LiFdIzY2Gj9vKgH7yu3Pr34%2BdJZXXgUnYBRoMG%2BKXIGL0ptCrS0bR9NqL3jUOl7kJ6C0qte5EIMdvm5ZKUAEw7qxWfNXDx4OT72Ghccb9BEOmLLExSdvuXhaTI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b55af265695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110091
188.114.96.1200 OK 73 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110091
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text
Hash 2de130ebc98c96d3385f6425e828f750
476c1c30c7cdf54d85afdc44e9a012a81a595afc
efcc9c71c4529e2f3e3f053e20c83753f4b62ad445646354a85f0c8721c32fe3
GET /api/getImg.js?v=17&id=110091 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 09:25:02 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 35167
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dxvT8w0nCO0yXa8RnZ%2FeRjMelwbuNIgw2Te6lQELu6gh3lw3Rz5bbm%2BiFgcNHZAOcA%2FnSqfV5Xkdy87K36Xq%2BMYiTqkRfSiZsA4LZw11YWOmXIMaM1ZDtuD7I%2BL%2FFPy0027Z%2FhSenvq7bzUsrLNrlk9xZe0tL70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56cf6456c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nbcc.ca/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0
198.164.157.202200 OK 94 kB URL GET HTTP/2 nbcc.ca/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 504x504, components 3
Hash 3dbc1b0a39ffcea44cf25a20e04bac37
c3bd6c1b2655722378d2c4a9f523397538626262
61d79580e61b1505a2fb8f77a5e3d6609e13a1b7a15f8f411aa2ead58dbfb688
GET /images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0 HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 93758
content-type: image/jpeg
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Wed, 29 Nov 2017 18:38:17 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=alumniawards2017-(1).jpg
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-DKXFWS1ZVH>m=45je43r0v879519077za200&_p=1711696268583&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=439707368.1711696269&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1711696269&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7319
216.239.34.36204 No Content 0 B URL POST HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-DKXFWS1ZVH>m=45je43r0v879519077za200&_p=1711696268583&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=439707368.1711696269&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1711696269&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7319
IP 216.239.34.36:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DKXFWS1ZVH>m=45je43r0v879519077za200&_p=1711696268583&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=439707368.1711696269&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1711696269&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=7319 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.paykpal.com
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://www.paykpal.com
date: Fri, 29 Mar 2024 07:11:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nbcc.ca/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8
198.164.157.202200 OK 44 kB URL GET HTTP/2 nbcc.ca/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type JPEG image data, progressive, precision 8, 250x250, components 3
Hash 53ab159482d53bab7d097e9bfa609266
e56c7c7a77aee387fda108906663dc58cb941f6a
516c0380981fcb82030e14ac99af8f47e0d01f92af95aa8facc61151fe6b1483
GET /images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8 HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 44263
content-type: image/jpeg
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Wed, 26 Jul 2023 12:48:07 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=what_to_expect.jpg
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
nbcc.ca/Template/Images/Logos/nbcc-logo-footer.png
198.164.157.202200 OK 3.2 kB URL GET HTTP/2 nbcc.ca/Template/Images/Logos/nbcc-logo-footer.png
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type PNG image data, 165 x 30, 8-bit/color RGBA, non-interlaced
Hash 316a4df5c77906bbdfbf62542e50401f
76deed23df50f8449e922d872dd0f04d0e572ad6
7feaad110263b6420f82dbffeb67a1557d547125733fbdc8e9ed202508f76893
GET /Template/Images/Logos/nbcc-logo-footer.png HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2678400
content-type: image/png
last-modified: Mon, 07 Dec 2015 17:50:20 GMT
accept-ranges: bytes
etag: "0d646bd1731d11:0"
server: Microsoft-IIS/10.0
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
content-length: 3187
X-Firefox-Spdy: h2
www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
142.250.74.78200 OK 84 kB URL GET HTTP/2 www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
IP 142.250.74.78:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (58088)
Hash ec209c613822530e1011d91256beaf47
53d9626e75f3060ece37def60c30c0415e339015
259ba4768a2e88f79f0d11ab5ac3bacda6ad0d528637e88790de771ecca71a43
GET /embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 29 Mar 2024 07:11:09 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8XGnh2mB5d4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=a5el2nXB8D8; Domain=.youtube.com; Expires=Wed, 25-Sep-2024 07:11:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIEw%3D; Domain=.youtube.com; Expires=Wed, 25-Sep-2024 07:11:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/3b96d06c/player_ias.vflset/en_US/remote.js
142.250.74.78200 OK 34 kB URL GET HTTP/3 www.youtube.com/s/player/3b96d06c/player_ias.vflset/en_US/remote.js
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type JavaScript source, ASCII text, with very long lines (538)
Hash 2928d37e9ec2722f5fde6149d459a998
9b346ac08d7fcbbefc6f434f66f3129e261d43dd
62cec467cd17f3933bac8192a61d3a020259d8b131809156addaf1270a187f45
GET /s/player/3b96d06c/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33829
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:22:49 GMT
expires: Fri, 28 Mar 2025 17:22:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Mar 2024 04:21:38 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 49701
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
nbcc.ca/images/default-source/promo/counselling.png
198.164.157.202200 OK 45 kB URL GET HTTP/2 nbcc.ca/images/default-source/promo/counselling.png
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced
Hash b0affdfd0854d921f83002dd794596bb
cbfcd68a601441c497555241589ac19036bd7e68
d0ecfb6b1359cefee34040343b3213aaae382994d18df4e4e897d85051d1fddd
GET /images/default-source/promo/counselling.png HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 45121
content-type: image/png
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Wed, 21 Jul 2021 16:57:10 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=counselling.png
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
nbcc.ca/Template/Theme/vendor/nivo-slider/default/loading.gif
198.164.157.202200 OK 1.7 kB URL GET HTTP/2 nbcc.ca/Template/Theme/vendor/nivo-slider/default/loading.gif
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type GIF image data, version 89a, 16 x 16
Hash dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
GET /Template/Theme/vendor/nivo-slider/default/loading.gif HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2678400
content-type: image/gif
last-modified: Tue, 12 Sep 2017 17:43:14 GMT
accept-ranges: bytes
etag: "025cd9bee2bd31:0"
server: Microsoft-IIS/10.0
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
content-length: 1737
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nbcc.ca/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1
198.164.157.202200 OK 3.8 kB URL GET HTTP/2 nbcc.ca/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type PNG image data, 195 x 35, 8-bit/color RGBA, non-interlaced
Hash bd6bb5f92b622eda803d7481f1a72cf8
68950b8b7c1d38c7cb2ef24cc403ea1ae7cb4f13
76f466a145e0001c5eb798ad3a98169fa95453dd871556504dd5de79243b767f
GET /Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1 HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2678400
content-type: image/png
last-modified: Wed, 12 Jul 2017 16:16:30 GMT
accept-ranges: bytes
etag: "0435d382afbd21:0"
server: Microsoft-IIS/10.0
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
content-length: 3791
X-Firefox-Spdy: h2
nbcc.ca/images/default-source/promo/what_to_expect.jpg
198.164.157.202200 OK 44 kB URL GET HTTP/2 nbcc.ca/images/default-source/promo/what_to_expect.jpg
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type JPEG image data, progressive, precision 8, 250x250, components 3
Hash 53ab159482d53bab7d097e9bfa609266
e56c7c7a77aee387fda108906663dc58cb941f6a
516c0380981fcb82030e14ac99af8f47e0d01f92af95aa8facc61151fe6b1483
GET /images/default-source/promo/what_to_expect.jpg HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 44263
content-type: image/jpeg
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Wed, 26 Jul 2023 12:48:07 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=what_to_expect.jpg
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
www.paykpal.com/images/default-source/featured/featured-paying-for-college.jpg?McasCtx=1
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/images/default-source/featured/featured-paying-for-college.jpg?McasCtx=1
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /images/default-source/featured/featured-paying-for-college.jpg?McasCtx=1 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:10 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/images/default-source/featured/featured-paying-for-college.jpg?McasCtx=1
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 42 kB URL POST HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
Hash eaa92427e8584d37ba5e0d03d0561aea
592f03460be1c6b564f0acba03270ff9cbfb650d
8ba989964393cd6c2c78cedfdba34f3276d4495031bd8df6c6a7c83d195bc11a
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 29 Mar 2024 07:11:10 GMT
server: ESF
cache-control: private
content-length: 41532
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.paykpal.com/Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
154.206.150.114200 OK 77 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash e2ceb9438989c6a763a03621e35268f3
5e6d501cc5a38c53af0691a6a206d925632a21e5
749db22e67a4d9709235538d077ab4629a0fb15409b9ef6ba44bb4c9a67dd9f5
GET /Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/Template/Theme/vendor/font-awesome/css/font-awesome.min.css
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5; _gcl_au=1.1.448266348.1711696269
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:10 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
api.share.baidu.com/s.gif?l=http://www.paykpal.com/fr/app/app/signin.php
39.156.68.163200 OK 0 B URL GET HTTP/1.1 api.share.baidu.com/s.gif?l=http://www.paykpal.com/fr/app/app/signin.php
IP 39.156.68.163:80
ASN #9808 China Mobile Communications Group Co., Ltd.
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://www.paykpal.com/fr/app/app/signin.php HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 29 Mar 2024 07:11:10 GMT
www.google.com/js/th/ZsUwGEaTXaXoI738hgfiAxwmtaoYIPrUg4qZn7H1-gg.js
142.250.74.164200 OK 20 kB URL GET HTTP/2 www.google.com/js/th/ZsUwGEaTXaXoI738hgfiAxwmtaoYIPrUg4qZn7H1-gg.js
IP 142.250.74.164:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint32:A3:19:7A:6B:D5:C7:5E:CA:7C:C8:08:79:14:56:FD:FC:3E:06:F0
ValidityMon, 26 Feb 2024 08:18:59 GMT - Mon, 20 May 2024 08:18:58 GMT
File type JavaScript source, ASCII text, with very long lines (51673)
Hash 699a13a50afaca0c62d136e97d0b573b
4e11ef26f79bace439e737b1c5f392c665357e69
66c5301846935da5e823bdfc8607e2031c26b5aa1820fad4838a999fb1f5fa08
GET /js/th/ZsUwGEaTXaXoI738hgfiAxwmtaoYIPrUg4qZn7H1-gg.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20366
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:27:16 GMT
expires: Fri, 28 Mar 2025 17:27:16 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 19 Mar 2024 16:00:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 49434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.ytimg.com/vi/PBj2l5u_u94/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-DoACuAiKAgwIABABGGUgRyhEMA8=&rs=AOn4CLB3hHni0J2TYw6wEzBCSdsXQCZk3w
142.250.74.150200 OK 79 kB URL GET HTTP/2 i.ytimg.com/vi/PBj2l5u_u94/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-DoACuAiKAgwIABABGGUgRyhEMA8=&rs=AOn4CLB3hHni0J2TYw6wEzBCSdsXQCZk3w
IP 142.250.74.150:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subjectedgestatic.com
FingerprintD7:FC:10:C9:A8:81:6B:99:B6:4E:4D:B7:02:8F:80:C7:C2:F7:D8:7A
ValidityMon, 26 Feb 2024 08:03:26 GMT - Mon, 20 May 2024 08:03:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3
Hash 5485dc194ca13db77c866f87869d6daa
6fd5b3f15ba98c99b8dc1a8e08e47e4bd958fed3
4081920ad4e94c14b80ebc4eadb4dfe9346b0e2b0423b76fdcb25d2c9ea75c81
GET /vi/PBj2l5u_u94/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-DoACuAiKAgwIABABGGUgRyhEMA8=&rs=AOn4CLB3hHni0J2TYw6wEzBCSdsXQCZk3w HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 78859
date: Fri, 29 Mar 2024 07:11:10 GMT
expires: Fri, 29 Mar 2024 09:11:10 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
nbcc.ca/images/default-source/promo/when-you-know_250x250.jpg
198.164.157.202200 OK 21 kB URL GET HTTP/2 nbcc.ca/images/default-source/promo/when-you-know_250x250.jpg
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type JPEG image data, progressive, precision 8, 250x250, components 3
Hash 2f478cd44e5770447496706ac397d20c
9822d4db42482aab26d2b9fc1cd76babf8c0fa51
3689e8cdba8099de6d9f18d0f3e80e9e8af24f97a3005f691c79b7f546472926
GET /images/default-source/promo/when-you-know_250x250.jpg HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 20741
content-type: image/jpeg
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Thu, 14 Sep 2023 13:27:51 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=when-you-know_250x250.jpg
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
nbcc.ca/images/default-source/promo/graduation-2024_250x250.png
198.164.157.202200 OK 11 kB URL GET HTTP/2 nbcc.ca/images/default-source/promo/graduation-2024_250x250.png
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Hash a5d992bfbfdc4260a2c206172b2058f8
eae75092a3ed043745831dc346efaf2b632a76b4
1611b34de2f4778350d856d9a58a909b1cdb0e1647f948e39f971082e9b79439
GET /images/default-source/promo/graduation-2024_250x250.png HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 11052
content-type: image/png
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Thu, 15 Feb 2024 15:55:18 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=graduation-2024_250x250.png
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
nbcc.ca/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3
198.164.157.202200 OK 455 kB URL GET HTTP/2 nbcc.ca/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type JPEG image data, progressive, precision 8, 1600x450, components 3
Size 455 kB (454996 bytes)
Hash 67517213f06e1c3ffcc2e2d32a6dce48
c987034318f2bc10bb8c8542224cd50affba3004
7b80d37dc355a570578ca92c7212ed71ea3dc68af865d4d8b986952715b82e2a
GET /images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3 HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 454996
content-type: image/jpeg
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Thu, 14 Sep 2023 13:16:23 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=when-you-know-campaign.jpg
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110095
188.114.96.1200 OK 1.0 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110095
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text
Hash 2de130ebc98c96d3385f6425e828f750
476c1c30c7cdf54d85afdc44e9a012a81a595afc
efcc9c71c4529e2f3e3f053e20c83753f4b62ad445646354a85f0c8721c32fe3
GET /api/getImg.js?v=17&id=110095 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMfu2C8tfr4xX%2F5N9cob7dsfsBBFaUnQPT9zrfOUfKsdHgxV03wMeOEZE4rbJZ86E50ohkrZDcKzfH0Je6GaXuCTSPEFFKUsogvtK5cV5Ux3YMc2ZIKLZENADg5dy%2BDlzlzg7AFoQb4TQP%2BHM%2FDbV3ZkAo44j%2FQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56cf5d56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110100
188.114.96.1200 OK 21 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110100
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text
Hash 2de130ebc98c96d3385f6425e828f750
476c1c30c7cdf54d85afdc44e9a012a81a595afc
efcc9c71c4529e2f3e3f053e20c83753f4b62ad445646354a85f0c8721c32fe3
GET /api/getImg.js?v=17&id=110100 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FJXBobNJG6XGcGN4l5i2Z%2FSXe87YirFB70pdbo5gu%2F8U8bhysvJKGvj2Ro8gFBpiU7Ghw83V7KpwcGe%2Bdnye0wiiXQ6Ad5oYOzc%2FEixD2Mi%2FIdCSwZbRNazKeCigIjaGdi%2Bq%2FEvU%2BYrX9602dELeuEMX3nY7K8Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56ef7556c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
yt3.ggpht.com/WVIyAqtCM6Gz02OMgiSLKE1oBj_6VMYHVC49jonm3Uvgxfnl_TY0wW4joLBjmdn22VoWTGAl6Q=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 2.6 kB URL GET HTTP/2 yt3.ggpht.com/WVIyAqtCM6Gz02OMgiSLKE1oBj_6VMYHVC49jonm3Uvgxfnl_TY0wW4joLBjmdn22VoWTGAl6Q=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.googleusercontent.com
Fingerprint45:D1:C0:2D:E8:A2:E4:6C:89:C5:B6:FE:AE:99:83:B1:CA:66:17:CF
ValidityMon, 26 Feb 2024 08:17:52 GMT - Mon, 20 May 2024 08:17:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3
Hash 021193e153863ffb963033a9bc7a3911
32e4b4157f3f9c9687ebbfda9a607aa72d272f83
bafffe6847cf57aaae40cf6b1eedbd3a3320b84d5d35152ccc64cd3a6bd67d3f
GET /WVIyAqtCM6Gz02OMgiSLKE1oBj_6VMYHVC49jonm3Uvgxfnl_TY0wW4joLBjmdn22VoWTGAl6Q=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 2602
x-xss-protection: 0
date: Fri, 29 Mar 2024 07:11:10 GMT
expires: Sat, 30 Mar 2024 07:11:10 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?554614db7db6c875f040ea091835e689
103.235.46.191200 OK 11 kB URL GET HTTP/1.1 hm.baidu.com/hm.js?554614db7db6c875f040ea091835e689
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type JavaScript source, ASCII text, with very long lines (616)
Hash 41ee990579418c1d5e8204ed2834e2e3
2d7706434e004d8d3845b93beade924d96f0ec51
3911780d47587f630796ab7e967b735f3f4471095b77bfa225524b96efcc5662
GET /hm.js?554614db7db6c875f040ea091835e689 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11254
Content-Type: application/javascript
Date: Fri, 29 Mar 2024 07:11:10 GMT
Etag: 0b32db5f02f900685ab436fb922556f4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7F08B42A3DC1A235; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110096
188.114.96.1200 OK 1.0 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110096
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text
Hash 2de130ebc98c96d3385f6425e828f750
476c1c30c7cdf54d85afdc44e9a012a81a595afc
efcc9c71c4529e2f3e3f053e20c83753f4b62ad445646354a85f0c8721c32fe3
GET /api/getImg.js?v=17&id=110096 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppO6bgKJ8GX3nG0dn2glUSINesEnXm%2Bz90h0eL2BETGgEoMygSgkVj5tUrmhs9vtX3Cj5kWWvF794Sdr%2Fh%2BCcx5nbiClOiETTAXz3HjL3sYdoUbvSdzJEZuBsqIftmUbgCAmqtkZfUG6NkQO4TKJvdd3KTjosDc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56cf6156c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110094
188.114.96.1200 OK 1.0 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110094
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text
Hash 2de130ebc98c96d3385f6425e828f750
476c1c30c7cdf54d85afdc44e9a012a81a595afc
efcc9c71c4529e2f3e3f053e20c83753f4b62ad445646354a85f0c8721c32fe3
GET /api/getImg.js?v=17&id=110094 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 09:25:01 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 35168
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iTGgVXUTBqWOCEgTvLwcDco8saK%2BG4pONCLw9WZic46qiPv5aOLTglAK0kiSYwjtikZZ%2FkIhPrfStt9grCcfomcAtFLev2%2BGqp1y5KNAQF7oiwJuSd5yz3ilABEymmAPyOvevXt%2BBsahpuvQPgh8LCk3L7pqDQ4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56cf5c56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cse.google.com/cse.js?cx=003316379678217112077:fejta030q98
142.250.74.78200 OK 3.0 kB URL GET HTTP/3 cse.google.com/cse.js?cx=003316379678217112077:fejta030q98
IP 142.250.74.78:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type JavaScript source, ASCII text, with very long lines (3170)
Hash 65f1054884084a0380cf49afb89c3bcb
97b0eeccf6a3434a8c220c94eeb400c711a109ed
0045a9e2a4da3e98a4f94110532ed41411ca2c10b5f87912956690d568bab903
GET /cse.js?cx=003316379678217112077:fejta030q98 HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-QJapbACuzHkeVplMHDSGBw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Fri, 29 Mar 2024 07:11:11 GMT
server: gws
content-length: 3032
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110101
188.114.96.1200 OK 11 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110101
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text
Hash 2de130ebc98c96d3385f6425e828f750
476c1c30c7cdf54d85afdc44e9a012a81a595afc
efcc9c71c4529e2f3e3f053e20c83753f4b62ad445646354a85f0c8721c32fe3
GET /api/getImg.js?v=17&id=110101 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IpBPpPqIaHsxkXtY1Bvt2T54u58jYa9SYWHFlBPK6Z56iinSV1H3AHk51xjcnBbkB4MtZTeb9FuX2ULoE2%2B2WSzdF6x2Ngn6WeVvPJY%2B%2FUHHTk1%2Bt1G7%2FIkTyV54S16JLSfn3zdrPGH%2FTNa3Amg%2FjhKNojxfM%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56ef7156c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110091
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110091
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash f6af13cfa8d3fd5cac9c970d690277fa
b51f265071618c8f4c1adcdfca0f76d35b0ed7af
dc636a01556104b01ea76216e9dc7dced800504e5255a02820e51435b803ea72
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110091 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:11 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10431
Connection: keep-alive
Set-Cookie: aliyungf_tc=4690e1976942b4ae1feca07f9dd64d1b0788f1ced175589eae23749cd772dd60; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 0 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 29 Mar 2024 07:11:11 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DKXFWS1ZVH&cid=439707368.1711696269>m=45je43r0v879519077za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=88211615
142.250.74.163200 OK 42 B URL GET HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DKXFWS1ZVH&cid=439707368.1711696269>m=45je43r0v879519077za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=88211615
IP 142.250.74.163:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google.no
FingerprintBD:FC:1B:6B:7D:09:A2:62:4F:C6:C8:69:25:38:B5:AC:B1:42:C8:2E
ValidityMon, 26 Feb 2024 08:21:28 GMT - Mon, 20 May 2024 08:21:27 GMT
File type GIF image data, version 89a, 1 x 1
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DKXFWS1ZVH&cid=439707368.1711696269>m=45je43r0v879519077za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=88211615 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 29 Mar 2024 07:11:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/generate_204?Zs9sNA
142.250.74.78204 No Content 0 B URL GET HTTP/3 www.youtube.com/generate_204?Zs9sNA
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?Zs9sNA HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 29 Mar 2024 07:11:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/cse/static/style/look/v4/default.css
142.250.74.164200 OK 1.3 kB URL GET HTTP/3 www.google.com/cse/static/style/look/v4/default.css
IP 142.250.74.164:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
Hash c14e45e189f801818b14f1315605a632
dd7e7fb9d156b343beef0155b41da1c847d69e41
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
GET /cse/static/style/look/v4/default.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1345
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 29 Mar 2024 07:03:28 GMT
expires: Fri, 29 Mar 2024 07:53:28 GMT
cache-control: public, max-age=3000
age: 463
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
content-type: text/css
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/cse/static/element/8435450f13508ca1/default+en.css
142.250.74.164200 OK 9.1 kB URL GET HTTP/3 www.google.com/cse/static/element/8435450f13508ca1/default+en.css
IP 142.250.74.164:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
Hash baccb7180fe061b63ed061ec10c3b0c8
bfb31590ba6e758eb8f25735b564d7e4a0919025
a5402de70228d4bf5379b518225b702918f6ae277e9293f9d16334c2b1fa31e3
GET /cse/static/element/8435450f13508ca1/default+en.css HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 9068
date: Fri, 29 Mar 2024 07:11:11 GMT
expires: Fri, 29 Mar 2024 07:11:11 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.10200 OK 114 B URL OPTIONS HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.10:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
ValidityMon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
Hash 59530c8a6e80d527ce9a12e1976ed3a1
58ee62948ee2e167fe8354ca1aa26cef59629c8b
13179f7e06ba9dc8b92a6af0b0eb104a5b6c62d2a0332272828eac1ca9dd4fd1
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1298
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 29 Mar 2024 07:11:11 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.paykpal.com/favicon.ico
154.206.150.114302 Moved Temporarily 2 B URL GET HTTP/1.1 www.paykpal.com/favicon.ico
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type ASCII text, with no line terminators
Hash 23b58def11b45727d3351702515f86af
099600a10a944114aac406d136b625fb416dd779
6c179f21e6f62b629055d8ab40f454ed02e48b68563913473b857d3638e23b28
GET /favicon.ico HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/fr/app/app/signin.php
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5; _gcl_au=1.1.448266348.1711696269; _ga_DKXFWS1ZVH=GS1.1.1711696269.1.0.1711696269.60.0.0; _ga=GA1.1.439707368.1711696269; Hm_lvt_554614db7db6c875f040ea091835e689=1711696271; Hm_lpvt_554614db7db6c875f040ea091835e689=1711696271
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 29 Mar 2024 07:11:11 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://nbcc.ca/favicon.ico
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110090
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110090
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash ae3d9f678e62af901c38a134d1a79d4c
415bca0c724920ae6ed406cdcb09db5044684dcb
07c445d6827c00ee8368fbe37b2b079c0e54e7ec5e82907accdffbcd354c20bd
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110090 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:11 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10433
Connection: keep-alive
Set-Cookie: aliyungf_tc=2de1dab644536c9e891c0180d6fcb39bf8ee745a0554d172ccd96682e4acf5cb; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D
142.250.74.164200 OK 108 kB URL GET HTTP/3 www.google.com/cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D
IP 142.250.74.164:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type JavaScript source, ASCII text, with very long lines (1648)
Size 108 kB (108214 bytes)
Hash 894cb0d707be015fef54157044f1e257
3301ae907d36859699c3a7f264e2888f3d0f79af
1c8cc3cef0d65c2d9912b24f27bd2f42a79d10be8e00439562a3984f90f05bdd
GET /cse/static/element/8435450f13508ca1/cse_element__en.js?usqp=CAI%3D HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 108214
date: Fri, 29 Mar 2024 07:11:11 GMT
expires: Fri, 29 Mar 2024 07:11:11 GMT
cache-control: private, max-age=31536000
last-modified: Wed, 10 Jan 2024 16:43:07 GMT
x-content-type-options: nosniff
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1902686231&si=554614db7db6c875f040ea091835e689&v=1.3.0&lv=1&sn=53141&r=0&ww=1280&u=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&tt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)
103.235.46.191200 OK 43 B URL GET HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1902686231&si=554614db7db6c875f040ea091835e689&v=1.3.0&lv=1&sn=53141&r=0&ww=1280&u=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&tt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)
IP 103.235.46.191:443
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGlobalSign nv-sa
Subjectbaidu.com
Fingerprint97:42:D5:98:27:D6:22:88:CF:59:C3:FF:75:86:8D:D5:D3:12:A0:AF
ValidityThu, 06 Jul 2023 01:51:06 GMT - Tue, 06 Aug 2024 01:51:05 GMT
File type GIF image data, version 89a, 1 x 1
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=1024&et=0&ja=0&ln=en-us&lo=0&rnd=1902686231&si=554614db7db6c875f040ea091835e689&v=1.3.0&lv=1&sn=53141&r=0&ww=1280&u=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&tt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College) HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 29 Mar 2024 07:11:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=A5363D1D165D7230; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/upload/ueditor/image/20231202/1701528341859928.gif
188.114.96.1200 OK 11 kB URL GET HTTP/3 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/upload/ueditor/image/20231202/1701528341859928.gif
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash b5df1b80916d30df067d1a675a132f67
206b9a6bfe65f9387d473cbfdb06ef5f7b0be56a
635667a05736750580a322ef66c36489041c26254d959591217b835ef00ba544
GET /upload/ueditor/image/20231202/1701528341859928.gif HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/gif
content-length: 217157
last-modified: Wed, 20 Dec 2023 08:54:28 GMT
etag: "6582abc4-35045"
expires: Sat, 20 Apr 2024 20:01:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 644989
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMIBYM%2FjNVtLPsA2NJtKsSRb9FjQat9aEof2hZhJJiqRXKvgqEXVXyFYqZc7WF0%2FB0dZVsaD3TRhWnhQMbtr%2FflHUcPvD%2FLmrz8kOCBtbQhAozD8ujwqduvKmcSfDcFV%2FfRPPk19iyg5AwImvQruRD7P7xOI7ww%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b5d9bfa0b02-OSL
alt-svc: h3=":443"; ma=86400
collect-v6.51.la/v6/collect?dt=4
203.107.86.226403 0 B URL POST HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 203.107.86.226:443
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerGlobalSign nv-sa
Subject*.51.la
Fingerprint9E:F3:EB:9A:59:E9:6D:6E:48:13:64:78:3C:33:1D:AA:79:52:5B:79
ValidityThu, 20 Apr 2023 01:12:57 GMT - Tue, 21 May 2024 01:12:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 310
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403
Date: Fri, 29 Mar 2024 07:11:11 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: aliyungf_tc=237e3b76646514fa8579e62c9098acd97af3d2bbeee70a40b71bc34fa7b0752d; Path=/; HttpOnly
acw_tc=ac11000117116962713193910e3173d227e1a7aa1016c256232c762d749ee8;path=/;HttpOnly;Max-Age=1800
Server: nginx
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
Access-Control-Allow-Credentials: true
nbcc.ca/favicon.ico
198.164.157.202200 OK 1.2 kB IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash a49b1ae365847baae7be9d862fe60ead
57a44d40d0fc16074dd8198f0027bc18b95fd302
9910201a612854cc839b35286493a480b5c358cac2218ee15deb821e7495c50a
GET /favicon.ico HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: max-age=2678400
content-type: image/x-icon
last-modified: Wed, 12 Feb 2014 20:14:50 GMT
accept-ranges: bytes
etag: "0991f152f28cf1:0"
server: Microsoft-IIS/10.0
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:11 GMT
content-length: 1150
X-Firefox-Spdy: h2
www.google.com/cse/static/images/1x/en/branding.png
142.250.74.164200 OK 1.6 kB URL GET HTTP/3 www.google.com/cse/static/images/1x/en/branding.png
IP 142.250.74.164:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
File type PNG image data, 123 x 15, 8-bit/color RGBA, non-interlaced
Hash 9a63187ccc27d018cedb3a932f5aa9aa
5a59b006635e93492bfd06a5c26f8b6e4181dc71
6ca8050d203fbcb8613c5b13d0bf8cfccb60e97f82334702edd7a48d09489d68
GET /cse/static/images/1x/en/branding.png HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-length: 1556
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:33:10 GMT
expires: Fri, 28 Mar 2025 02:33:10 GMT
cache-control: public, max-age=31536000
age: 103081
last-modified: Thu, 07 Dec 2023 21:00:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
clients1.google.com/generate_204
142.250.74.174204 No Content 0 B URL GET HTTP/1.1 clients1.google.com/generate_204
IP 142.250.74.174:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204 HTTP/1.1
Host: clients1.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Fri, 29 Mar 2024 07:11:11 GMT
cse.google.com/adsense/search/async-ads.js
142.250.74.174200 OK 52 kB URL GET HTTP/1.1 cse.google.com/adsense/search/async-ads.js
IP 142.250.74.174:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
File type JavaScript source, ASCII text, with very long lines (2283)
Hash 61ba8cc51da80d04f2c6d4da347293d3
5ae89f710906981c0269949c053cb8c2a930ff7e
0230e1dc744e32038c762e6d5dc69a56a96f120cb7154504b04b69cde09ca35d
GET /adsense/search/async-ads.js HTTP/1.1
Host: cse.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Fri, 29 Mar 2024 07:11:11 GMT
Expires: Fri, 29 Mar 2024 07:11:11 GMT
Cache-Control: private, max-age=3600
ETag: "5169669198097389587"
X-Content-Type-Options: nosniff
Link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110098
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110098
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash 8715eb9d8fe07fe8a56126ef30f7077a
d23c80756434f19c1964a3043862ad1da69cd0b0
3f3eddae9143b41e671fb1e72efaff69bef8687823cb0820cad90734a26a2712
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110098 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:12 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10431
Connection: keep-alive
Set-Cookie: aliyungf_tc=6c3992cbfec9287aa8562c42a8a8250ae49639c56d58c818953fd5ea0c7cfb06; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110101
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110101
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash 6a721737ff3d91bc241dcb071a55542a
d8bf22e6b970147091228292519eb33c7a3d694c
4080a163eace431908edcdb526c1e6dde0d97f0afe7c1bea1b8176a76fd7f5be
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110101 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:12 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10429
Connection: keep-alive
Set-Cookie: aliyungf_tc=ccbf26920ab6319489d9a3e8e82513309418ed4d45e51d44dd4426d3875eb10d; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
www.paykpal.com/Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0
154.206.150.114200 OK 98 kB URL GET HTTP/1.1 www.paykpal.com/Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0
IP 154.206.150.114:80
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash df91cc94e3586dbbc40d029c5f7b8922
48df5519a3d4dc22a5cdc3ed87f997e69a603355
d33c152dd3dfa030d8f8176bdac86c138bb53e09227ea555409fd3c7aebbc96c
GET /Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.woff?v=4.7.0 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/Template/Theme/vendor/font-awesome/css/font-awesome.min.css
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5; _gcl_au=1.1.448266348.1711696269; _ga_DKXFWS1ZVH=GS1.1.1711696269.1.0.1711696269.60.0.0; _ga=GA1.1.439707368.1711696269
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 07:11:11 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110099
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110099
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash 06fa448759123b3ff5ec9d6179c8329e
22c1e4d4a7daaaf1f622fbe02d592779e7d8ee04
8d5b33e9580cde7aa3d4516d97a0a64a8861ce10fa6b09d7ea9a45d3036b800e
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110099 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:12 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10431
Connection: keep-alive
Set-Cookie: aliyungf_tc=5d8909b5e67df6b66ee6c0cb39013dfdc44d04d8fa377ccca72d8995ec7162ba; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110092
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110092
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash 26a91bfa3062860e3d9c68083dd8f1d0
bfa54b3a1e018b75b040382d50b116282309fa0d
e6d52c784b88a50f0c26d71bf9ac8a1fdea898621521966f09fec36780794ce1
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110092 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:12 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10429
Connection: keep-alive
Set-Cookie: aliyungf_tc=2b545478b4279db89d3128a8a9a081fcbff341a8f0d9b349db2afedefabb8959; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110093
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110093
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash 75935850296ccb6e31de1fe1796036f0
2ec43bbec963676ddff17b6abbe86e9b75fe4c97
2d5dfa6886970d22fa943af0ea1e1f230ccca0f847e43b00cc5e8ff117041ef0
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110093 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:12 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10433
Connection: keep-alive
Set-Cookie: aliyungf_tc=74bf000acd955fa5b23a0869a24db594aee1bb6afc1f6f0f30070ab378aad224; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110095
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110095
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash 85c941f45ca7631311712a96e6d3550b
2737b896bc2a20eaa7f352141ab0df1b4d2e992f
3d3872cea5d8e2b88e547e1ab4b04bbf12ed0e6eb71234766c0198866c5b96c3
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110095 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:12 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10429
Connection: keep-alive
Set-Cookie: aliyungf_tc=f49720c2d8260a644129ae8ffbdf79dc8f7ba3fa7b1160174b42c7d37a28cc58; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/css/reset.css
188.114.96.1200 OK 1.7 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/css/reset.css
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type ASCII text, with CRLF, LF line terminators
Hash 09aff16fed82bb3b4dec95ed2a5ce383
4ea007f52a88226e04007e8c3bfc986b58ca3a8d
80ffa7afb48b8b71b982bdf4325e916b4377200c804117cc2db23fb3cc9663a4
GET /static/index/css/reset.css HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: text/css
last-modified: Mon, 28 Aug 2023 02:28:02 GMT
vary: Accept-Encoding
etag: W/"64ec0632-1232"
expires: Fri, 29 Mar 2024 19:11:09 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xEwwo%2F3AKGcgrW5WZNmoMMHFYxZlHYXhsrOTaena0GJTHwNp0put%2F6wRaSdUVOcaIRMewJS1VU0FYTP4dUFUXDhmmD%2BdXXrapb4yFt1p1HhtmntjMXoN44suqkcD%2B7VTb%2F1hG9ZNMQCMDyjaKT3ezf4JqKs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b558f035695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110094
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110094
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash b8b6a803ade4030306db637ab94e8230
94a58e3c7435b4181bd57d1de14814829a3b31df
5ec08f03ae814607972172b9c6fccbd52d285d343dc966ada168d49356e01f6c
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110094 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:12 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10431
Connection: keep-alive
Set-Cookie: aliyungf_tc=d2fa2266b0750889e59a0f3bf765cb4483b0a9001cf4ac8069f95b27bf5a272c; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
www.cnzz-api.com/?ie=utf-8&src=hao_360so_a1004&shb=1&hsid=048b594d7f421380&q=sss
172.67.137.80200 OK 1.9 kB URL GET HTTP/2 www.cnzz-api.com/?ie=utf-8&src=hao_360so_a1004&shb=1&hsid=048b594d7f421380&q=sss
IP 172.67.137.80:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectcnzz-api.com
Fingerprint4B:0F:D3:FF:69:55:8C:DF:91:CA:4D:7F:E6:60:33:CC:76:C2:8B:80
ValidityWed, 31 Jan 2024 16:52:05 GMT - Tue, 30 Apr 2024 16:52:04 GMT
File type very short file (no magic)
Hash 7215ee9c7d9dc229d2921a40e899ec5f
b858cb282617fb0956d960215c8e84d1ccf909c6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
GET /?ie=utf-8&src=hao_360so_a1004&shb=1&hsid=048b594d7f421380&q=sss HTTP/1.1
Host: www.cnzz-api.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
set-cookie: ci_session=345603603f71062d97041c6a48d579dfcf91d5fb; expires=Fri, 29-Mar-2024 09:11:10 GMT; Max-Age=7200; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o2CHNsTOPpIOFL7y6XJ141jsjUgnzVRJIgThEkV%2BgHduC3nwl1xP9e3v1BBY9gveXOSeIRpecovSq8fzS2pakafKuW9QFYi3IGTC0yY140mKkCtpbkVzfXN1GmPJjJ7NtLKM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b5b6ec0b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
49kj1818.com/static/js/kj2.js
103.24.53.50200 OK 1.8 kB URL GET HTTP/1.1 49kj1818.com/static/js/kj2.js
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type JavaScript source, Unicode text, UTF-8 text
Hash 6ae822ddba740d418ea8b85e57c6d964
76a9dc2abff062ecb9f1e37d0e4c56e5bb455f08
2ac9173b9aecde63d62660c6ddfe155a9e8dae5a00b178807d1a837cd1013978
GET /static/js/kj2.js HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: W/"657f379a-13ea"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:33:32 GMT
Content-Type: application/javascript; charset=utf-8,gbk
Last-Modified: Sun, 17 Dec 2023 18:02:02 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 1814
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110096
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110096
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
Hash 8de983d3058a4d98cad27ab3103d8a53
6d7a1490d7582b4c615dfdd6ebf6bed2bbfc949d
00dcc4e0607da590c5a09678a07e50c905ef7fe82c11f79d26f6b8e4f14fa474
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110096 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:13 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10431
Connection: keep-alive
Set-Cookie: aliyungf_tc=6570a14d26d87151dbe05148781d3052979a3da08530a93a21d0928bd44fbdf2; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110099
188.114.96.1200 OK 11 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110099
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text
Hash 2de130ebc98c96d3385f6425e828f750
476c1c30c7cdf54d85afdc44e9a012a81a595afc
efcc9c71c4529e2f3e3f053e20c83753f4b62ad445646354a85f0c8721c32fe3
GET /api/getImg.js?v=17&id=110099 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uPm12rj7dRQ%2BWoCqytYjJ5KeQmsuDKzTfIOWfqFl0lWmysIMkPPu3uiURBevbuZpmJWpVh0xMckv5svrtpahqxizCRUGFaMLQZ%2F3Mv7wzhwV%2Fmf9Azv8EVWtX62mFyCIk%2BQREEQC9gG02fz4Dh81Xd0g8v916RE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56ef7756c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
49kj1818.com/amkj.html
103.24.53.50200 OK 1.7 kB IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text
Hash bbff1b0bcd0bd8a1d610a25875276f74
cdc1cbef170785f5cd6be661a4d20f09229e11e7
af13b35f15f1af92e9ad5158baf46697b3c2c02431909278fe66ad0676036c96
GET /amkj.html HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: W/"651ea821-173b"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:32:57 GMT
Content-Type: text/html; charset=utf-8,gbk
Last-Modified: Thu, 05 Oct 2023 12:12:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 1726
49kj1818.com/static/imgs/a-ac.png
103.24.53.50200 OK 732 B URL GET HTTP/1.1 49kj1818.com/static/imgs/a-ac.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash a0f2ed036963e4586587ad3ea587bcff
109dae709a2914d0c883ac7b293a202a16a7b0b8
c2ea066bb48f647a764d9cb9681b96dfbc5f14db9c247407c9491b578067e982
GET /static/imgs/a-ac.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-2dc"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:33:33 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 732
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
142.250.74.78200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1711696273667
Content-Type: application/json
X-Goog-Visitor-Id: CgthNWVsMm5YQjhEOCiN05mwBjIOCgJOTxIIEgQSAgsMIEw%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240326.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1711696270378&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C750%2C422&vis=1&wgl=true&ca_type=image
Content-Length: 11510
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Fri, 29 Mar 2024 07:11:13 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
49kj1818.com/static/imgs/tc.png
103.24.53.50200 OK 800 B URL GET HTTP/1.1 49kj1818.com/static/imgs/tc.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash 303c12d1fc6bd4a3dcc8689b8d3aea16
048539547d2929ab23a7473ee509c99b1150e2ba
0ec16b4b7564c64bdd725d0548d5f1460d0edcc11680e0b5d0ca5e5752f027b6
GET /static/imgs/tc.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-320"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:32:59 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 800
49kj1818.com/static/imgs/ac.png
103.24.53.50200 OK 955 B URL GET HTTP/1.1 49kj1818.com/static/imgs/ac.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash 889c4d159fb57d9f44f9065136b2d2e6
e6e16c186aee0b41f219d8b4a80f0fee642ae373
2007222c57862f18fa3c1ba8075f64546b59a9789c30d2adff0fe3756a9262eb
GET /static/imgs/ac.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-3bb"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:33:34 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 955
49kj1818.com/static/js/amkj.js
103.24.53.50200 OK 2.4 kB URL GET HTTP/1.1 49kj1818.com/static/js/amkj.js
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://49kj1818.com/amkj.html
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (363)
Hash 7f3021a2101a41dcd87810431bcce2a0
ab30d8efae59d4e88e7346dcd02d2505ef83f7f8
f1fec5e2bb3411f7c5293234b6e42363f074100dc2af3c39ae88e650ab703789
GET /static/js/amkj.js HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/amkj.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: W/"65cde8f8-17db"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:32:58 GMT
Content-Type: application/javascript; charset=utf-8,gbk
Last-Modified: Thu, 15 Feb 2024 10:35:36 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 2366
49kj1818.com/static/imgs/gc.png
103.24.53.50200 OK 803 B URL GET HTTP/1.1 49kj1818.com/static/imgs/gc.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash f82145985f71ef7aeb9969651e0dafaa
be518cbbee4397064badee5970eca5fd95aef825
ce241ed94a4fd5025572b56601c9b92640dd2954a09d5a8244aba95c51c4331c
GET /static/imgs/gc.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-323"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:32:57 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 803
49kj1818.com/static/js/jquery.min.js
103.24.53.50200 OK 38 kB URL GET HTTP/1.1 49kj1818.com/static/js/jquery.min.js
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://49kj1818.com/amkj.html
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32072)
Hash e0e0559014b222245deb26b6ae8bd940
e2f3603e23711f6446f278a411d905623d65201e
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
GET /static/js/jquery.min.js HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/amkj.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: W/"651d4ba2-16bac"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:33:34 GMT
Content-Type: application/javascript; charset=utf-8,gbk
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 38142
49kj1818.com/static/js/util.js
103.24.53.50200 OK 1.9 kB URL GET HTTP/1.1 49kj1818.com/static/js/util.js
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (4710)
Hash 5e76b73d7e09033967aec5d2ac781268
dfdff2d2faf342a54efc5001696a0334235b3362
48f6026e613d1a102fef3c673a717b1d2d22f998e3d4e8e2b0b21b6388fbe4b8
GET /static/js/util.js HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/amkj.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: W/"651d4ba2-15a1"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:32:56 GMT
Content-Type: application/javascript; charset=utf-8,gbk
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 1873
region1.analytics.google.com/g/collect?v=2&tid=G-DKXFWS1ZVH>m=45je43r0v879519077za200&_p=1711696268583&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=439707368.1711696269&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1711696269&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=scroll&epn.percent_scrolled=90&tfd=12387
216.239.34.36204 No Content 0 B URL POST HTTP/3 region1.analytics.google.com/g/collect?v=2&tid=G-DKXFWS1ZVH>m=45je43r0v879519077za200&_p=1711696268583&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=439707368.1711696269&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1711696269&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=scroll&epn.percent_scrolled=90&tfd=12387
IP 216.239.34.36:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintDE:42:E4:CC:E5:66:70:09:F3:E6:6E:57:B7:5E:22:0A:A3:03:C2:7C
ValidityMon, 26 Feb 2024 08:03:40 GMT - Mon, 20 May 2024 08:03:39 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DKXFWS1ZVH>m=45je43r0v879519077za200&_p=1711696268583&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=439707368.1711696269&ul=en-us&sr=1280x1024&pscdl=noapi&_eu=AEA&_s=2&sid=1711696269&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Ffr%2Fapp%2Fapp%2Fsignin.php&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=scroll&epn.percent_scrolled=90&tfd=12387 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.paykpal.com
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/3 204 No Content
access-control-allow-origin: http://www.paykpal.com
date: Fri, 29 Mar 2024 07:11:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amjibt.jpg?t=1711633878000
1.0.0.9200 OK 211 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amjibt.jpg?t=1711633878000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 211 kB (210621 bytes)
Hash 9b8d42c6998c174f3bf605245187d82d
69d3f208693d356e4cb54a92328fff3606e28db5
71b4c7199cc770c7a5c9d08bfda3c75f82cdcbcc58e6742952e6726fb0fe6c0a
GET /galleryfiles/system/amlhc/col/2024/89/amjibt.jpg?t=1711633878000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 210621
cf-ray: 86be0b6ffaddb52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575b8-336bd"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:50:48 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BsYv%2BTbSJEEtKHZPT8VPwHjvC%2FNCrt2XTAv0G%2B7STKhJ%2FXk3wkeLa9r125TB8FUs%2FvktSbuKNvI1%2F3T1DD77qoPp3LBImW%2Fg%2FYQhsNgsOAyiIbl%2FNLpOVFRG1UBh6hZKG2MPxXr5Ksqf27k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/ammabt.jpg?t=1711633875000
1.0.0.9200 OK 203 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/ammabt.jpg?t=1711633875000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 203 kB (203030 bytes)
Hash 933030b739480dbdb73c51a61ea849cf
ffde22cd4a2b5515249933dc1bddf3598cbfdaa9
2b101fc121e0d602f2b1cdbf7278bd9110279a3bd4e510fde3ee528c595c43a4
GET /galleryfiles/system/amlhc/col/2024/89/ammabt.jpg?t=1711633875000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 203030
cf-ray: 86be0b6ffae4b52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575b0-31916"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:50:40 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MLNHxQMXA%2FXfFv9LmWjKONeG79G%2BHuO7Gow8hVZjB94JRlCJeeLcZgdChKuQKaQpjemfy%2B4EF2bVCDWhKwWjUueQSg%2BjGLAdug0VVszciLg87LhQ6nqG%2BVP1ZbnI1fZy7iqcSZgzocwlx%2Fc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
a6tkapi3.com/gallerynew/h5/index/lastLotteryRecord?lotteryType=2&lotteryPage=1
74.48.96.3200 OK 768 B URL GET HTTP/1.1 a6tkapi3.com/gallerynew/h5/index/lastLotteryRecord?lotteryType=2&lotteryPage=1
IP 74.48.96.3:443
Requested by https://49kj1818.com/amkj.html
Certificate IssuerLet's Encrypt
Subjecta6tkapi3.com
FingerprintD6:37:E5:BF:62:C5:95:77:85:51:D7:CF:B9:9F:03:93:49:F5:7B:A7
ValiditySat, 09 Mar 2024 16:30:31 GMT - Fri, 07 Jun 2024 16:30:30 GMT
Hash 9202df60651dbc8adaeda8bdf9cdf614
9ecc1835fa2048eb5c8a59b2e0a4ebac9d13b90c
c1cb926af6bd1795f4b2b18c5faee67c3d7911abe57673ecc012a484d71a7918
GET /gallerynew/h5/index/lastLotteryRecord?lotteryType=2&lotteryPage=1 HTTP/1.1
Host: a6tkapi3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://49kj1818.com
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:14 GMT
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Server: Bot CDN
Content-Encoding: gzip
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amshubt.jpg?t=1711633876000
1.0.0.9200 OK 188 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amshubt.jpg?t=1711633876000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 188 kB (187967 bytes)
Hash 5a661de428b8e959ab2a5ae3b7e950f1
4976e75cbf4ce175a6513efb8389837b87d8f4fd
b9a6153dbebd897a2768789812bd2aa3ebc4c5c8c75fe9a14b394cdf3311f4cd
GET /galleryfiles/system/amlhc/col/2024/89/amshubt.jpg?t=1711633876000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 187967
cf-ray: 86be0b701af0b52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575b1-2de3f"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:50:41 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ha5D%2FS9pD3A0EWXOXY3atSMMZLX2DYobX26sJB6EKWM5S6iVzGxVYkhMMpZoyPT7bJhQD7TZuTYCVFitwhDCidjSB7FdJWbZi8MIkz6SlvBA%2FnjmAud9OLwNI51WpoluiPXJyHCcQXoVefM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amtubt.jpg?t=1711633935000
1.0.0.9200 OK 220 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amtubt.jpg?t=1711633935000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 220 kB (219842 bytes)
Hash 4d7ea7178892d014fcbd4340a5c5fe54
e995245f298553bfae527a415895b9f35cdd5737
71a19cee6a73f3dd8068e29d806f86b439dedd7458d2a7b1da309cf971b1b761
GET /galleryfiles/system/amlhc/col/2024/89/amtubt.jpg?t=1711633935000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 219842
cf-ray: 86be0b6ffadbb52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575e7-35ac2"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:51:35 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IYfqT%2BiWbZCbzDYtfxnqoJq75UGa6w%2FO1kTCSXDe58bYrJfyHaMZOg3vdrIUfVyxDPExGTBWu63ooWOXZJIqcWbtQick2ezsdi%2BnKyNTv84pCPMTK5ZTExx5wiTFuQr9oRB5BHCx571IDE4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amlongbt.jpg?t=1711633874000
1.0.0.9200 OK 211 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amlongbt.jpg?t=1711633874000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 211 kB (210860 bytes)
Hash 22f4830d1306f991a463f38b9a2f26c3
0423e602ed9e028996ab057e8900e2bfae52b1fa
cd66abfdd859d7335de71545870fbae001cb00b15e81e8b8508a92b0ebdd69a1
GET /galleryfiles/system/amlhc/col/2024/89/amlongbt.jpg?t=1711633874000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 210860
cf-ray: 86be0b6fead7b52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575b0-337ac"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:50:40 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=armqvJqmEXdmHP%2FV9BEUtk0vPaLqgeEvw1POOxTGlFTtsTHeMYrAwULGiC76xVYtOS9pwreYdIYVVcBz5qPH9rJ5NuSUycMPqeYs2JzPvD%2FyQOWqKdwrS6yFJU3Gz%2BW5AzHKpQ16xqsdSSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amshebt.jpg?t=1711633925000
1.0.0.9200 OK 220 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amshebt.jpg?t=1711633925000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 220 kB (219489 bytes)
Hash 244165b4c07e119f4adc1466d948f680
2ef03350c44415b915b111650a6a5bca3a2034d0
c3de3179dd996a9149ffcaa1fc73f254a45473a436ce1c00e99027f3b19cdb20
GET /galleryfiles/system/amlhc/col/2024/89/amshebt.jpg?t=1711633925000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 219489
cf-ray: 86be0b700ae7b52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575d6-35961"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:51:18 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uGz6XctbYLhDqEWA%2FId9Du6addqYLhnfjGwrpV%2BC6LlxczXypD1Ot5bf6SrheRhK5E8jyQatjv1synnXp5HaJ317wZWWOY7NcrM9%2FJPY8eHhgBc3DO%2FxO5e3iYB3TBmM6Cf5LEqNOOrTUeE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amniubt.jpg?t=1711633922000
1.0.0.9200 OK 203 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amniubt.jpg?t=1711633922000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 203 kB (202596 bytes)
Hash 3cc74a4f8ef3085ace38d6add2ef9c22
bcf56adb9d558678fb671a6fca6a18c8a5d3361b
25b23397008ee5f5e33164679359875a13f2af0e20f57019a5a53abac7d6d45b
GET /galleryfiles/system/amlhc/col/2024/89/amniubt.jpg?t=1711633922000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 202596
cf-ray: 86be0b6ffadcb52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575d5-31764"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:51:17 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0sMtds6ZxMn3DTQQEllR1KKcp1ylIcXytV06Z7L955tyLWc6zzD%2FOOH%2BfOVs6PNk51hL6KRRm3hLsxy7zO3be7Yu%2BT%2BGkCPRitelTxS8ZLOl6SDppM1H59QU0VFRMUZM2TEaYSWLMfRnh0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amhoubt.jpg?t=1711633889000
1.0.0.9200 OK 211 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amhoubt.jpg?t=1711633889000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 211 kB (210779 bytes)
Hash 9baabd5527bfbf075c5998c5df65d5ff
e3b0559e14d94a5595ac263a7c37db1bfc367d85
231ddf7bf09c17bc430649b1abfcd03859bb6af9107e2920b8e400947b14a6b5
GET /galleryfiles/system/amlhc/col/2024/89/amhoubt.jpg?t=1711633889000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 210779
cf-ray: 86be0b6ffadeb52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575cb-3375b"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:51:07 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yObQ4E5UYF8f2O4KOjF3%2FUI8x7ORG9z4nd5dK%2FnvoZTYUu94sEGlzfoRUvTHGtrjazrUbxCseHjpJCjmrn13xhJLBMLU48BHqa7gEyb63iqvxFHUYXzE22951o74xt7MzTX2XkZrHAHoaPU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amyangbt.jpg?t=1711633871000
1.0.0.9200 OK 212 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amyangbt.jpg?t=1711633871000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 212 kB (211483 bytes)
Hash 0c178dadbe1103f3e96f1215c6ee67c7
12210ba34180ec2d90701e0f49a6099da991f61e
c37f3e13d84ad1a7a0119f94a0f79a6c108b6ef7186e60d16e205a71ad51a1ff
GET /galleryfiles/system/amlhc/col/2024/89/amyangbt.jpg?t=1711633871000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 211483
cf-ray: 86be0b700aeab52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575aa-33a1b"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:50:34 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FT47OvKC3OaCjhszAWTLj6AsymYlkUw%2B1RuAX7XzWgSYnwrNvS3NW8JpJedzhmEiQS0gY6kDMwyA72swJOYtFZv%2Fy4wAK0Rd02KqNZKtQUOcCRuitl78NBDTixTJWWCl6IUhFdcwXFjq6K8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amgoubt.jpg?t=1711633930000
1.0.0.9200 OK 194 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amgoubt.jpg?t=1711633930000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 194 kB (194362 bytes)
Hash 5d37aca8527eb56e0ae38fefea05d8bd
253155d6c10b710176a71240abddf874363211f4
e1d555c664fb8abedc324a60c47ef23eeea147bed57e9944d8855246f29e8cfd
GET /galleryfiles/system/amlhc/col/2024/89/amgoubt.jpg?t=1711633930000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 194362
cf-ray: 86be0b6ffae1b52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575de-2f73a"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:51:26 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iaiA1IevouSV2r6wP91BNH6nTT8AY%2FxNWT1vfJtVFBI2wQtUHm%2BZ4U89%2BwGZ47B1V%2BF6cEVOi1lV94dpmBQf7Bozyy%2FXyG7QgESP1bIGFDaJ6GnK4UTsKjXz7JqkYClSmTyNClSZ5Y%2BADuU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
49kj1818.com/static/imgs/ac.png
103.24.53.50200 OK 955 B URL GET HTTP/1.1 49kj1818.com/static/imgs/ac.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced
Hash 889c4d159fb57d9f44f9065136b2d2e6
e6e16c186aee0b41f219d8b4a80f0fee642ae373
2007222c57862f18fa3c1ba8075f64546b59a9789c30d2adff0fe3756a9262eb
GET /static/imgs/ac.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/amkj.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-3bb"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:33:34 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 955
49kj1818.com/static/imgs/blue.png
103.24.53.50200 OK 3.0 kB URL GET HTTP/1.1 49kj1818.com/static/imgs/blue.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://49kj1818.com/amkj.html
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Hash 72a82bb6fd522638d1b89671ab64afee
8baec390ebfcf52a28b38b9db3100184d1ce1a50
acf2af1022d6681599a86fd79abe6e9ba1dc526b0d2df269a20049a1d534bba6
GET /static/imgs/blue.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/amkj.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-bd0"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:33:07 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 3024
49kj1818.com/static/imgs/red.png
103.24.53.50200 OK 3.2 kB URL GET HTTP/1.1 49kj1818.com/static/imgs/red.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://49kj1818.com/amkj.html
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Hash 8d6579d9bbbf815b4dc85489b130b630
cdcebcce45f00ae152119155db00b7c85f311e3d
b42aa4a79fc8413187fa820a37c6c21693cf107d038dd79721f370eb38cc3c2c
GET /static/imgs/red.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/amkj.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-c85"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:34:14 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 3205
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amzhubt.jpg?t=1711633880000
1.0.0.9200 OK 195 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amzhubt.jpg?t=1711633880000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 195 kB (195266 bytes)
Hash ae77db52fe2abf753c7d292b10171376
6d03c3dc5932f945847b47901f8c166e2cea0903
42f113c6c8ccadd6a33194498b82de32a3fd6862836159c0f8f1c6104df4316b
GET /galleryfiles/system/amlhc/col/2024/89/amzhubt.jpg?t=1711633880000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 195266
cf-ray: 86be0b6ffae2b52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575b9-2fac2"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:50:49 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J%2FXSWHdhMxaFsjnjUEHqy2yTA3BfaTSgL22J7tKP8sGUO1I2CGu%2BSwf0HxhTEbcHIDYkmRIJQJtKayMTsc1GYS18Pz7QGCPWsjUsgh3zBQuEX8Z%2BhrVGQkjztSVLBXT%2FI%2FMN9Maw%2BnrBm0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
49kj1818.com/static/imgs/green.png
103.24.53.50200 OK 3.2 kB URL GET HTTP/1.1 49kj1818.com/static/imgs/green.png
IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://49kj1818.com/amkj.html
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced
Hash e6f6a8b1ac2342378a18f25497bebba7
2655090585bea90b0c5efb414211df61334f79c6
fc31dff23b7f9f401131a99e3f9d095a934b82147cf275a5221567c121be1ffa
GET /static/imgs/green.png HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://49kj1818.com/amkj.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
ETag: "651d4ba2-cab"
Server: Tengine/2.3.3
Date: Fri, 01 Mar 2024 14:33:06 GMT
Content-Type: image/png
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 3243
imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amhubt.jpg?t=1711633883000
1.0.0.9200 OK 221 kB URL GET HTTP/2 imges.lhpictapi.com:8443/galleryfiles/system/amlhc/col/2024/89/amhubt.jpg?t=1711633883000
IP 1.0.0.9:8443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectimges.lhpictapi.com
FingerprintEE:50:B3:03:3A:A4:36:E2:8B:45:FE:89:BE:7A:49:5D:D4:AF:02:D1
ValidityFri, 02 Feb 2024 20:00:31 GMT - Thu, 02 May 2024 20:00:30 GMT
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 800x800, components 3
Size 221 kB (220744 bytes)
Hash 4d619df23a5eeeae30f361801321f7c1
6cf5be3431a8a9eaf00704b9a6e62db4ab4bc000
041b93ba26284eea418f0ed209f0a437f6278f48eb97f27a1c8ebd5f6a33a95a
GET /galleryfiles/system/amlhc/col/2024/89/amhubt.jpg?t=1711633883000 HTTP/1.1
Host: imges.lhpictapi.com:8443
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:15 GMT
content-type: image/jpeg
content-length: 220744
cf-ray: 86be0b701aefb52d-OSL
cf-cache-status: MISS
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
etag: "660575c1-35e48"
expires: Sat, 30 Mar 2024 07:11:14 GMT
last-modified: Thu, 28 Mar 2024 13:50:57 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRKi9YQqhBYFtPms91G9%2BwOOIUlTkVAV%2BtCpYmxQwA62GzJZ2dMyWf7ZqzOvBLGfab5wIzSBjsRQu74EtUNL0EjAvfePGtewVgMd3HOKSDZA6EkGpTp875jV7iE9sSPHk1z%2Fmim7p13IV%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":8443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
142.250.74.78200 OK 31 B URL POST HTTP/3 www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP 142.250.74.78:443
Requested by https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1711696293818
Content-Type: application/json
X-Goog-Visitor-Id: CgthNWVsMm5YQjhEOCiN05mwBjIOCgJOTxIIEgQSAgsMIEw%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240326.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1711696269789&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C750%2C422&vis=1&wgl=true&ca_type=image
Content-Length: 927
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/PBj2l5u_u94?rel=0&showinfo=0&wmode=opaque
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Fri, 29 Mar 2024 07:11:33 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110093
188.114.96.1200 OK 1.2 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110093
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text, with very long lines (1302), with no line terminators
Hash f91df81c63843067de63d423d88e8fef
b2433238de6d59091a00d8bc9e2aabbaf3b32f95
386812a5ea0fa1ef98477822f68885ab6ac73330ad31a9337eed9a275095964a
GET /api/getImg.js?v=17&id=110093 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zwZH9jvFf%2FeIr6dGtCF2LKHbDX3C07aGoap5f33wbiIwVlENRPnN1cibR1LFk8hRiBkS6Xh25eK2hFriEq3vycRZib%2BBcyiIVEPMmH4ibxec5JexJr9o6muGdjDJMjJWjvJ%2BzAWrTE2kgMlzSCij6fxD14QiPFs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56cf5b56c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110100
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110100
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (13950), with no line terminators
Hash 763de6ef7a89d0cf42eea24daec83aeb
98e78ffb0f41e2f1fd6ff1a23a925ec59285bbcb
b010c45e164b03b8dff8c9d4f7e146fa9e9aa868ac63a5d3a379fc5ef176a5b7
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110100 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:11 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10429
Connection: keep-alive
Set-Cookie: aliyungf_tc=563c4076569df3937e479fb7f730c3a0f2e2df291b73b9e31f631e3d8b80d5ee; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/img/headbg.jpg
188.114.96.1200 OK 72 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/img/headbg.jpg
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 750x536, components 3
Hash d026acbdbffcfb6d99b9170fd7f7d1a6
46f95367aac460b31a072cc6fe7062a3e68e40f9
2c18c45c6e7e2be05d96351ceed515c691ccd76cab4bcc980507c9ffa88b4d7f
GET /static/index/img/headbg.jpg HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/css/app.css?v=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: image/jpeg
content-length: 72422
last-modified: Mon, 28 Aug 2023 02:20:46 GMT
etag: "64ec047e-11ae6"
expires: Sat, 20 Apr 2024 20:01:21 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 644989
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xT5i%2BaqH6XAZj4Gmlec30oY50nLiHDULiiSVY1go4%2Bt2HYNImGRb2vB3SnlR9gZlTxGiKLY8tgAPlHmqfhYqggqjvIaK2B2I4ntMvMjRIw5I1nG9NmqzI8%2FZskZxyT%2Fuj96O26DD6WdoD%2FLasHQ6iAGGBQg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86be0b59da265695-OSL
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110098
188.114.96.1200 OK 1.2 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110098
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text, with very long lines (1302), with no line terminators
Hash f91df81c63843067de63d423d88e8fef
b2433238de6d59091a00d8bc9e2aabbaf3b32f95
386812a5ea0fa1ef98477822f68885ab6ac73330ad31a9337eed9a275095964a
GET /api/getImg.js?v=17&id=110098 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PLYGWzGixu%2FzZmn16LpAZs8oavHzAW9e8spcOt4mm%2BDEekMLVbCHvoDmDT4jrncON7Wj414POStikkiRyAy3Qa9cnc%2FJe21mnK%2FDo63RCjhyb5h099iiRrOAoO1Ax1SRBLJ38go%2BfPBY1CSGjhiRv4QuN72O0eA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56ff8256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/css/app.css?v=1
188.114.96.1200 OK 4.7 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/css/app.css?v=1
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type ASCII text, with very long lines (5024), with no line terminators
Hash 37e25f023739f223122d3b1200e69a55
6a10a615e2b3376568ab6314f2d28ab3e616ea0a
a8f95716aafb56147e8a5edeb40df710ed747f2cf2e35972a31576250fa067e4
GET /static/index/css/app.css?v=1 HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: text/css
last-modified: Wed, 01 Nov 2023 09:10:16 GMT
vary: Accept-Encoding
etag: W/"654215f8-1280"
expires: Fri, 29 Mar 2024 19:11:09 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztqalefK4mcIcIRjHlALwc%2FuNyaHjEOoSvkV30s9z1Queqm8J%2Bwqci9n7dNNqS4%2B1Br5m2nHXuToZpQMdtWnG7MV%2BFRGXYqzChlAOyScoZUcXu6BCV0z6oMxDTxRKl35aRDrzbL4%2BjEpYdZJr50t%2F5ZMhkw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b558f045695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110092
188.114.96.1200 OK 1.2 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110092
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text, with very long lines (1302), with no line terminators
Hash f91df81c63843067de63d423d88e8fef
b2433238de6d59091a00d8bc9e2aabbaf3b32f95
386812a5ea0fa1ef98477822f68885ab6ac73330ad31a9337eed9a275095964a
GET /api/getImg.js?v=17&id=110092 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r2FM4Or1PQ3mP%2Fi8%2BaTklLg8KZ6Y1AyVf%2FwQ53qKa06J3NfL1OTFVN8UALiaEFNy0WqV72jXpsd44cwG%2FXNtLK%2BCHIU1RH3oYu4dxgKdUCb8UL1AnUT5qYr2%2Bzivg0cWMk7LRU4wlP0lh0JXvHbs%2FryoH2bbERs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56cf5956c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
nbcc.ca/images/default-source/featured/featured-paying-for-college.jpg?McasCtx=1
198.164.157.202200 OK 20 kB URL GET HTTP/2 nbcc.ca/images/default-source/featured/featured-paying-for-college.jpg?McasCtx=1
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x600, components 3
Hash d8c85d0bfd7031b0886b7ed7a884cb90
44d130a68ced974a8301a1fa50c92ec740dd2de5
818aff3593572303fb88ccaeedf9a2703fc954155734ba51a8d7ef1d1a4a839a
GET /images/default-source/featured/featured-paying-for-college.jpg?McasCtx=1 HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 20228
content-type: image/jpeg
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Wed, 29 Nov 2017 18:38:04 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=featured-paying-for-college.jpg
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getDesc.php?id=149
188.114.96.1200 OK 197 B URL GET HTTP/3 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getDesc.php?id=149
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text, with no line terminators
Hash f00dc46e04edb452d0e5c06cd05b1bf9
a9cbbc112c24e69c49814ab959f009033a85d3fb
4c69ae36b2032508c4deeb1b382eb634f557ee12ef42afd058ef4246a5e583e4
GET /api/getDesc.php?id=149 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: text/html;charset=Utf8
vary: Accept-Encoding
access-control-allow-origin: *
set-cookie: PHPSESSID=2mitvmeqlkonvvdfhkd4itorj8; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loiJiZFSrqioC3GA5TtdCEhYIhGFf2c7bwNZgeAcqnmfCzZ23lw6bV%2BhqWAWOqwGPSw%2BTAm5NjJWqBKSBIchUMRlLI%2FK6HhgYu%2B1593mUKIkJ8VnstDTdQt%2FCydsjU8hVHdWSJY1IK7yoVZ%2FkBkY%2BMrODt%2BI2xY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b5a3f7b56a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/
188.114.96.1200 OK 19 kB URL GET HTTP/2 xn--oec8c.xn--kecly4b.xn--gecrj9c/
IP 188.114.96.1:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vcqqwba4%2FGtxqIp706VxIAowIJrZ4TECRDO2Rdbaj6smdOjEXlyaOqhJUCxblqQlMMKrPIRV1jOauAjkcTelz5eAyIuXViqExQPQ5gT6R0j%2B89zJuL5k4hytNHsFIYwDf8RJLXd3OFcb6JvQHlNQPwhMc7Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b51daae0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110090
188.114.96.1200 OK 1.2 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110090
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text, with very long lines (1302), with no line terminators
Hash f91df81c63843067de63d423d88e8fef
b2433238de6d59091a00d8bc9e2aabbaf3b32f95
386812a5ea0fa1ef98477822f68885ab6ac73330ad31a9337eed9a275095964a
GET /api/getImg.js?v=17&id=110090 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mEVz5Lk4Y7FvJwkdvNNK06TL6uM7lGIvXzzjpshsBVh%2B8cNx66zEBe7Bsu4b%2Fn5%2FU%2BuoTjpQmQyzGj9NpZYX17vipeJZH1n2Hu7dr8gCeIS0Y%2F9N7FJS%2B4En7INWBq6wRa3cMQ46lA7G4JmSbXIBCg8xYzkxPuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56bf5856c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110097
170.33.96.7200 OK 10 kB URL GET HTTP/1.1 6htv11.com/gallerynew/h5/picture/detail?reload=0&pictureTypeId=110097
IP 170.33.96.7:443
ASN #134963 Alibaba Cloud Singapore Private Limited
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject6htv11.com
Fingerprint33:02:A0:C7:EA:18:2F:40:91:8E:99:17:E8:8E:F2:5C:72:50:3B:D8
ValidityTue, 19 Sep 2023 00:00:00 GMT - Sun, 12 May 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (13952), with no line terminators
Hash 74db717c6416ff3654ad50b0ec02e6f1
e2d30a6ab6ec9beca7aba7f04f0df023884687fe
dcbdcad72f0bd162ed8dc82f2e9bfa9311123f2a04e9fb47c5722f298b847021
GET /gallerynew/h5/picture/detail?reload=0&pictureTypeId=110097 HTTP/1.1
Host: 6htv11.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Origin: https://xn--oec8c.xn--kecly4b.xn--gecrj9c
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 07:11:13 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 10431
Connection: keep-alive
Set-Cookie: aliyungf_tc=b90c6893a21d00dc4562e4d729e8559de01ee2e0ad46df9c395065b3b8210109; Path=/; HttpOnly
server: Tengine/2.3.3
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-origin: *
via: 1.1 google
Strict-Transport-Security: max-age=31536000
xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/js/tanchu.js
188.114.96.1200 OK 3.4 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/js/tanchu.js
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (3541), with no line terminators
Hash 718b0ec46c8cdc6aa760d5382088adf7
b6f2f14f3ef154b0138aa4b2634ce033a8723033
bacdabeb867a81702635bfd767163821ca430df6f5002fdb7d90f9c67edaa53d
GET /static/index/js/tanchu.js HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 07:48:20 GMT
vary: Accept-Encoding
etag: W/"655f03c4-d6b"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcwUORfe88SQyX7dhNeXPhttj39uW2pzaUEc4aHjgU%2BYDtuUXAeA6vRWqgu5C0p%2FNJYEgbStOLrgUZiefEPP31S01wIA4rE1FFMbAVefRDsFEqlMYwFtpo5VqXJ1wo6ZvW0vdzXYalcsof79XndnwZ6GC6g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b560f935695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/js/jquery-1.11.2.min.js
188.114.96.1200 OK 102 kB URL GET HTTP/3 xn--oec8c.xn--kecly4b.xn--gecrj9c/static/index/js/jquery-1.11.2.min.js
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--kecly4b.xn--gecrj9c
Fingerprint6B:14:20:4E:20:99:CD:2C:B0:77:3C:2F:4E:30:69:54:66:2D:7C:28
ValidityThu, 07 Mar 2024 10:16:29 GMT - Wed, 05 Jun 2024 10:16:28 GMT
File type JavaScript source, ASCII text, with very long lines (34754)
Size 102 kB (101942 bytes)
Hash f7b7c908a6479e39fcd5ee10665aa4b9
0ef1a7a6c2085e8282842cad5ab06576892a6ee0
da15395517f4d8c141c20892047a9a5234ef2425853fd8f3eb731bd09a6703f9
GET /static/index/js/jquery-1.11.2.min.js HTTP/1.1
Host: xn--oec8c.xn--kecly4b.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Thu, 23 Nov 2023 07:48:20 GMT
vary: Accept-Encoding
etag: W/"655f03c4-18e36"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJ9nttDII5o%2FnPKf1HgO%2F%2B3A3%2F6oFoQOhTaaVDsfKZ2muHQOLJ5nS0u5icpW6HdG5oMUPyjTChKKej9Ml4v%2FpMnGAncrcjHZjvfTBE1kf8%2BiUtdYAJOOwaYi%2F044IbWl%2FnvqEVL8ZSPJfwK%2FKhfiePebNTg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b560f915695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110097
188.114.96.1200 OK 1.2 kB URL GET HTTP/2 xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c/api/getImg.js?v=17&id=110097
IP 188.114.96.1:443
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerLet's Encrypt
Subjectxn--hdc1gpai4d.xn--gecrj9c
FingerprintA1:90:75:F4:62:57:79:F3:BF:28:2B:61:7F:F4:12:85:FE:43:CE:83
ValidityTue, 19 Mar 2024 08:22:36 GMT - Mon, 17 Jun 2024 08:22:35 GMT
File type HTML document, ASCII text, with very long lines (1302), with no line terminators
Hash f91df81c63843067de63d423d88e8fef
b2433238de6d59091a00d8bc9e2aabbaf3b32f95
386812a5ea0fa1ef98477822f68885ab6ac73330ad31a9337eed9a275095964a
GET /api/getImg.js?v=17&id=110097 HTTP/1.1
Host: xn--oec8c.xn--hdc1gpai4d.xn--gecrj9c
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 07:11:10 GMT
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 07:43:42 GMT
vary: Accept-Encoding
etag: W/"65f9422e-4de"
expires: Fri, 29 Mar 2024 19:11:10 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0nq2TPeZQF7RZI%2B5qLEPn6ja7NPs8DHYSCm5pua0MCNq1YcIIiOkPhCc0hIbiXPeYCs5DeIamxlpv%2F6rRESxy4XUy0sAel64TVEGXeASiGrRAwLIPOig8CmJJrTRI5pFlTZzlDDEhRtWQc7w3AWsAz5v%2BOXT9RY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86be0b56cf6256c0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.paykpal.com/Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0
0.0.0.0 0 B URL GET www.paykpal.com/Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0
IP 0.0.0.0:0
Requested by http://www.paykpal.com/fr/app/app/signin.php
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Template/Theme/vendor/font-awesome/fonts/fontawesome-webfont.ttf?v=4.7.0 HTTP/1.1
Host: www.paykpal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://www.paykpal.com/Template/Theme/vendor/font-awesome/css/font-awesome.min.css
Cookie: PHPSESSID=hdoa9qacc3hpq14utbq3ccnht5; _gcl_au=1.1.448266348.1711696269; _ga_DKXFWS1ZVH=GS1.1.1711696269.1.0.1711696269.60.0.0; _ga=GA1.1.439707368.1711696269; Hm_lvt_554614db7db6c875f040ea091835e689=1711696271; Hm_lpvt_554614db7db6c875f040ea091835e689=1711696271
Pragma: no-cache
Cache-Control: no-cache
49kj1818.com/
103.24.53.50200 OK 403 B IP 103.24.53.50:443
ASN #7483 Skycloud Computing co., Ltd.
Requested by https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Certificate IssuerSectigo Limited
Subject49kj1818.com
Fingerprint5F:E2:93:AE:EF:56:E5:E9:7F:0A:4D:60:0D:8A:47:47:99:4D:4E:BD
ValidityThu, 05 Oct 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (456), with no line terminators
Hash 297334cf627dcc2257680e61dabfdadd
3692e7194adb3dd24f0c4ea1affa21b96355112a
2a4e9a48f3fcc65f1dfe6657b14d7e7f00a8732e429c00a101483ba9285bacc2
GET / HTTP/1.1
Host: 49kj1818.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://xn--oec8c.xn--kecly4b.xn--gecrj9c/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: max-age=172800
ETag: "651d4ba2-193"
Server: Tengine/2.3.3
Date: Thu, 28 Mar 2024 22:58:43 GMT
Content-Type: text/html; charset=utf-8,gbk
Last-Modified: Wed, 04 Oct 2023 11:25:22 GMT
Accept-Ranges: bytes
X-Cache: HIT from ty8z2-cdnb53-040
Content-Length: 403
nbcc.ca/images/default-source/promo/counselling.png?sfvrsn=60a32354_2
198.164.157.202200 OK 45 kB URL GET HTTP/2 nbcc.ca/images/default-source/promo/counselling.png?sfvrsn=60a32354_2
IP 198.164.157.202:443
Requested by http://www.paykpal.com/fr/app/app/signin.php
Certificate IssuerEntrust, Inc.
Subject*.nbcc.ca
Fingerprint2A:1C:8D:70:9B:B6:37:D3:63:0E:FD:5C:C9:C6:40:3A:DD:9A:91:70
ValidityThu, 02 Nov 2023 17:12:04 GMT - Sun, 01 Dec 2024 17:12:03 GMT
File type PNG image data, 250 x 250, 8-bit/color RGB, non-interlaced
Hash b0affdfd0854d921f83002dd794596bb
cbfcd68a601441c497555241589ac19036bd7e68
d0ecfb6b1359cefee34040343b3213aaae382994d18df4e4e897d85051d1fddd
GET /images/default-source/promo/counselling.png?sfvrsn=60a32354_2 HTTP/1.1
Host: nbcc.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.paykpal.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=86400
content-length: 45121
content-type: image/png
expires: Sat, 30 Mar 2024 07:11:10 GMT
last-modified: Wed, 21 Jul 2021 16:57:10 GMT
server: Microsoft-IIS/10.0
content-disposition: inline; filename=counselling.png
x-aspnet-version: 4.0.30319
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
x-ua-compatible: IE=edge,chrome=1
date: Fri, 29 Mar 2024 07:11:10 GMT
X-Firefox-Spdy: h2