adclick.g.doubleclick.net/aclk?sa=l&ai=CWNEeFslcZYzoApSYvcAP4fW58AKSivvTb-y43YaLD9vZHhABIIHZ_iFgx92AjoQmoAGDltucKMgBCakCS3F1VgMzbT6oAwHIA8sEqgTLAU_QJupuo6v47Gsnl9wSNwyIzN6vxKB9brFkKlIuprAT_lSL-CGiMwRr7ZzTpz3p6Qssl5TOg-n9cyJlGjaghiRT7rPiA8Ww8js67S5rxLqUQ3hm11CfdIXK0mgez_JZn37_qN49W9AVLSQtVdkKmO0hitL2_UAkOxAZAwkXrl8STytI4QY3ovSV1uIpj0aBlH4sZeVr28fOer-24CYBcILpWEBQzt0njoQFugIC87OmZAYPkL7NccnH1NGmilHyiSN1vkkWaBvt0WzAwATN5uKd7wOIBeD79aI8oAYugAeDzqv8AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOrEJ9kerr26YtL2ACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CWkHIDQG4E-QD2BMKiBQN0BUB-BYBgBcB&ae=1&gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE&num=1&cid=CAQSLQDICaaNhZQK7mg2mzzYXOJhkT2rNIIO1ZUYUnXk0ZeD3j2SBMfz0xQ94LvAfhgB&sig=AOD64_3OL0Fb3-AgNN4rO1yivGIB-xw8Og&client=ca-pub-9816945270938969&rf=1&nb=9&adurl=https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw==
142.250.74.130 0 B URL adclick.g.doubleclick.net/aclk?sa=l&ai=CWNEeFslcZYzoApSYvcAP4fW58AKSivvTb-y43YaLD9vZHhABIIHZ_iFgx92AjoQmoAGDltucKMgBCakCS3F1VgMzbT6oAwHIA8sEqgTLAU_QJupuo6v47Gsnl9wSNwyIzN6vxKB9brFkKlIuprAT_lSL-CGiMwRr7ZzTpz3p6Qssl5TOg-n9cyJlGjaghiRT7rPiA8Ww8js67S5rxLqUQ3hm11CfdIXK0mgez_JZn37_qN49W9AVLSQtVdkKmO0hitL2_UAkOxAZAwkXrl8STytI4QY3ovSV1uIpj0aBlH4sZeVr28fOer-24CYBcILpWEBQzt0njoQFugIC87OmZAYPkL7NccnH1NGmilHyiSN1vkkWaBvt0WzAwATN5uKd7wOIBeD79aI8oAYugAeDzqv8AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOrEJ9kerr26YtL2ACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CWkHIDQG4E-QD2BMKiBQN0BUB-BYBgBcB&ae=1&gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE&num=1&cid=CAQSLQDICaaNhZQK7mg2mzzYXOJhkT2rNIIO1ZUYUnXk0ZeD3j2SBMfz0xQ94LvAfhgB&sig=AOD64_3OL0Fb3-AgNN4rO1yivGIB-xw8Og&client=ca-pub-9816945270938969&rf=1&nb=9&adurl=https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw==
IP 142.250.74.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aclk?sa=l&ai=CWNEeFslcZYzoApSYvcAP4fW58AKSivvTb-y43YaLD9vZHhABIIHZ_iFgx92AjoQmoAGDltucKMgBCakCS3F1VgMzbT6oAwHIA8sEqgTLAU_QJupuo6v47Gsnl9wSNwyIzN6vxKB9brFkKlIuprAT_lSL-CGiMwRr7ZzTpz3p6Qssl5TOg-n9cyJlGjaghiRT7rPiA8Ww8js67S5rxLqUQ3hm11CfdIXK0mgez_JZn37_qN49W9AVLSQtVdkKmO0hitL2_UAkOxAZAwkXrl8STytI4QY3ovSV1uIpj0aBlH4sZeVr28fOer-24CYBcILpWEBQzt0njoQFugIC87OmZAYPkL7NccnH1NGmilHyiSN1vkkWaBvt0WzAwATN5uKd7wOIBeD79aI8oAYugAeDzqv8AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOrEJ9kerr26YtL2ACgGYCwHICwGADAGiDBAqDgoM5LSxAu61sQK1uLECqg0CWkHIDQG4E-QD2BMKiBQN0BUB-BYBgBcB&ae=1&gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE&num=1&cid=CAQSLQDICaaNhZQK7mg2mzzYXOJhkT2rNIIO1ZUYUnXk0ZeD3j2SBMfz0xQ94LvAfhgB&sig=AOD64_3OL0Fb3-AgNN4rO1yivGIB-xw8Og&client=ca-pub-9816945270938969&rf=1&nb=9&adurl=https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw== HTTP/1.1
Host: adclick.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 27 Nov 2023 07:25:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
location: https://www.googleadservices.com/pagead/aclk?sa=L&ai=CmeR3FslcZYzoApSYvcAP4fW58AKSivvTb-y43YaLD9vZHhABIIHZ_iFgx92AjoQmoAGDltucKMgBCakCS3F1VgMzbT6oAwHIA8sEqgTLAU_QJupuo6v47Gsnl9wSNwyIzN6vxKB9brFkKlIuprAT_lSL-CGiMwRr7ZzTpz3p6Qssl5TOg-n9cyJlGjaghiRT7rPiA8Ww8js67S5rxLqUQ3hm11CfdIXK0mgez_JZn37_qN49W9AVLSQtVdkKmO0hitL2_UAkOxAZAwkXrl8STytI4QY3ovSV1uIpj0aBlH4sZeVr28fOer-24CYBcILpWEBQzt0njoQFugIC87OmZAYPkL7NccnH1NGmilHyiSN1vkkWaBvt0WzAwATN5uKd7wOIBeD79aI8oAYugAeDzqv8AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJN2h0dHBzOi8vam9idGhpa2FuYS5jb20vLC9Gd25mZC9hbTlvYm0xQWFIZHNMbU52YlM1b2F3PT2xCfZHq69umLS9gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAlpByA0BuBPkA9gTCogUDdAVAfgWAYAXAQ&ae=1&gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE&num=1&cid=CAQSLQDICaaNhZQK7mg2mzzYXOJhkT2rNIIO1ZUYUnXk0ZeD3j2SBMfz0xQ94LvAfhgB&client=ca-pub-9816945270938969&rf=1&nb=9&dblrd=1&sig=AOD64_2bSzwYwTC9jXOve_xNXH0eUjIeLA&adurl=https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw%3D%3D
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: adclick_server
content-length: 0
x-xss-protection: 0
set-cookie: IDE=AHWqTUldmueyLnJ3JLEhHdaqkmIm8V4xf0VJl9Wr6Mj6td3uqkwUyCIi7fNQoBlp; expires=Wed, 26-Nov-2025 07:25:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleadservices.com/pagead/aclk?sa=L&ai=CmeR3FslcZYzoApSYvcAP4fW58AKSivvTb-y43YaLD9vZHhABIIHZ_iFgx92AjoQmoAGDltucKMgBCakCS3F1VgMzbT6oAwHIA8sEqgTLAU_QJupuo6v47Gsnl9wSNwyIzN6vxKB9brFkKlIuprAT_lSL-CGiMwRr7ZzTpz3p6Qssl5TOg-n9cyJlGjaghiRT7rPiA8Ww8js67S5rxLqUQ3hm11CfdIXK0mgez_JZn37_qN49W9AVLSQtVdkKmO0hitL2_UAkOxAZAwkXrl8STytI4QY3ovSV1uIpj0aBlH4sZeVr28fOer-24CYBcILpWEBQzt0njoQFugIC87OmZAYPkL7NccnH1NGmilHyiSN1vkkWaBvt0WzAwATN5uKd7wOIBeD79aI8oAYugAeDzqv8AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJN2h0dHBzOi8vam9idGhpa2FuYS5jb20vLC9Gd25mZC9hbTlvYm0xQWFIZHNMbU52YlM1b2F3PT2xCfZHq69umLS9gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAlpByA0BuBPkA9gTCogUDdAVAfgWAYAXAQ&ae=1&gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE&num=1&cid=CAQSLQDICaaNhZQK7mg2mzzYXOJhkT2rNIIO1ZUYUnXk0ZeD3j2SBMfz0xQ94LvAfhgB&client=ca-pub-9816945270938969&rf=1&nb=9&dblrd=1&sig=AOD64_2bSzwYwTC9jXOve_xNXH0eUjIeLA&adurl=https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw%3D%3D
216.58.207.226 0 B URL www.googleadservices.com/pagead/aclk?sa=L&ai=CmeR3FslcZYzoApSYvcAP4fW58AKSivvTb-y43YaLD9vZHhABIIHZ_iFgx92AjoQmoAGDltucKMgBCakCS3F1VgMzbT6oAwHIA8sEqgTLAU_QJupuo6v47Gsnl9wSNwyIzN6vxKB9brFkKlIuprAT_lSL-CGiMwRr7ZzTpz3p6Qssl5TOg-n9cyJlGjaghiRT7rPiA8Ww8js67S5rxLqUQ3hm11CfdIXK0mgez_JZn37_qN49W9AVLSQtVdkKmO0hitL2_UAkOxAZAwkXrl8STytI4QY3ovSV1uIpj0aBlH4sZeVr28fOer-24CYBcILpWEBQzt0njoQFugIC87OmZAYPkL7NccnH1NGmilHyiSN1vkkWaBvt0WzAwATN5uKd7wOIBeD79aI8oAYugAeDzqv8AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJN2h0dHBzOi8vam9idGhpa2FuYS5jb20vLC9Gd25mZC9hbTlvYm0xQWFIZHNMbU52YlM1b2F3PT2xCfZHq69umLS9gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAlpByA0BuBPkA9gTCogUDdAVAfgWAYAXAQ&ae=1&gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE&num=1&cid=CAQSLQDICaaNhZQK7mg2mzzYXOJhkT2rNIIO1ZUYUnXk0ZeD3j2SBMfz0xQ94LvAfhgB&client=ca-pub-9816945270938969&rf=1&nb=9&dblrd=1&sig=AOD64_2bSzwYwTC9jXOve_xNXH0eUjIeLA&adurl=https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw%3D%3D
IP 216.58.207.226:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/aclk?sa=L&ai=CmeR3FslcZYzoApSYvcAP4fW58AKSivvTb-y43YaLD9vZHhABIIHZ_iFgx92AjoQmoAGDltucKMgBCakCS3F1VgMzbT6oAwHIA8sEqgTLAU_QJupuo6v47Gsnl9wSNwyIzN6vxKB9brFkKlIuprAT_lSL-CGiMwRr7ZzTpz3p6Qssl5TOg-n9cyJlGjaghiRT7rPiA8Ww8js67S5rxLqUQ3hm11CfdIXK0mgez_JZn37_qN49W9AVLSQtVdkKmO0hitL2_UAkOxAZAwkXrl8STytI4QY3ovSV1uIpj0aBlH4sZeVr28fOer-24CYBcILpWEBQzt0njoQFugIC87OmZAYPkL7NccnH1NGmilHyiSN1vkkWaBvt0WzAwATN5uKd7wOIBeD79aI8oAYugAeDzqv8AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJN2h0dHBzOi8vam9idGhpa2FuYS5jb20vLC9Gd25mZC9hbTlvYm0xQWFIZHNMbU52YlM1b2F3PT2xCfZHq69umLS9gAoBmAsByAsBgAwBogwQKg4KDOS0sQLutbECtbixAqoNAlpByA0BuBPkA9gTCogUDdAVAfgWAYAXAQ&ae=1&gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE&num=1&cid=CAQSLQDICaaNhZQK7mg2mzzYXOJhkT2rNIIO1ZUYUnXk0ZeD3j2SBMfz0xQ94LvAfhgB&client=ca-pub-9816945270938969&rf=1&nb=9&dblrd=1&sig=AOD64_2bSzwYwTC9jXOve_xNXH0eUjIeLA&adurl=https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw%3D%3D HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Mon, 27 Nov 2023 07:25:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
location: https://jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw==?gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: adclick_server
content-length: 0
x-xss-protection: 0
set-cookie: Conversion=EgwIABUAAAAAHQAAAAAYASCF_uag5sTP3C9IAWo3RUFJYUlRb2JDaE1Jak12UzJyRFZnZ01WRkV3UEFoM2hlZzR1RUFFWUFTQUFFZ0x0ZHZEX0J3RXCpre6j0-OCA5AB7LjdhosPmAEB; expires=Sun, 25-Feb-2024 07:25:22 GMT; path=/pagead/conversion/10797632259/; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
emudhra.ocsp.sectigo.com/
172.64.149.23 471 B URL emudhra.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash 882fd489f09bc03ce515bbecf66819da
4e23754ffc536b3e612530c4b0cd1c83628665cb
53abb665c80d06f1c1869ad0263b0912bbe6b92bea46fd2a844b48e0c481cb5c
POST / HTTP/1.1
Host: emudhra.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Nov 2023 07:25:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Nov 2023 03:02:11 GMT
Expires: Mon, 04 Dec 2023 03:02:10 GMT
Etag: "4e23754ffc536b3e612530c4b0cd1c83628665cb"
Cache-Control: max-age=588401,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 82c8a3298fcd5689-OSL
jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw==?gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE
160.153.247.100 0 B URL jobthikana.com/,/Fwnfd/am9obm1AaHdsLmNvbS5oaw==?gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE
IP 160.153.247.100:0
ASN #21501 Host Europe GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /,/Fwnfd/am9obm1AaHdsLmNvbS5oaw==?gclid=EAIaIQobChMIjMvS2rDVggMVFEwPAh3heg4uEAEYASAAEgLtdvD_BwE HTTP/1.1
Host: jobthikana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Nov 2023 07:25:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
refresh: 0;url=https://cors-app.com/BA/#johnm@hwl.com.hk
cors-app.com/BA/js/jquery.min.js
91.194.91.202200 OK 86 kB URL GET HTTP/2 cors-app.com/BA/js/jquery.min.js
IP 91.194.91.202:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type ASCII text, with very long lines (32065), with CRLF line terminators
Hash adb784ef9dc257b32965a5da7ee82a8b
7a41c488d820ea08231d1d393e5f4daed4d25041
8e09aa31f396ea41d698f437dc5fc7125e931d400eb2873f5b68ef78c1e6f3a6
GET /BA/js/jquery.min.js HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/BA/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 06:01:58 GMT
accept-ranges: bytes
content-length: 85580
content-type: application/javascript
date: Mon, 27 Nov 2023 07:25:29 GMT
server: Apache
X-Firefox-Spdy: h2
cors-app.com/BA/js/jquery-3.1.1.min.js
91.194.91.202200 OK 87 kB URL GET HTTP/2 cors-app.com/BA/js/jquery-3.1.1.min.js
IP 91.194.91.202:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type ASCII text, with very long lines (32030), with CRLF line terminators
Hash 81ed7a494e1943be2844e95f9770844c
b063d0aa57f0c50d9bfb9895b76a9467155df7f1
70dae469f94f214b589d53521b903830a08b4fb589d47a4c269a83c79116886a
GET /BA/js/jquery-3.1.1.min.js HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/BA/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 06:01:58 GMT
accept-ranges: bytes
content-length: 86711
content-type: application/javascript
date: Mon, 27 Nov 2023 07:25:29 GMT
server: Apache
X-Firefox-Spdy: h2
cors-app.com/BA/js/popper.min.js
91.194.91.202200 OK 19 kB URL GET HTTP/2 cors-app.com/BA/js/popper.min.js
IP 91.194.91.202:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type ASCII text, with very long lines (19015)
Hash 124bf4d1a7db31dd60d4642dce268035
d3745247363d9cb016aaef057bbf2a363796cc01
5614d21225b2e012e3765c1b32fba0b8762bcecd8863c8705c1bcc0d03ec19de
GET /BA/js/popper.min.js HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/BA/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 06:01:58 GMT
accept-ranges: bytes
content-length: 19187
content-type: application/javascript
date: Mon, 27 Nov 2023 07:25:29 GMT
server: Apache
X-Firefox-Spdy: h2
cors-app.com/BA/js/jquery-3.3.1.js
91.194.91.202404 Not Found 315 B URL GET HTTP/2 cors-app.com/BA/js/jquery-3.3.1.js
IP 91.194.91.202:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /BA/js/jquery-3.3.1.js HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/BA/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
content-length: 315
content-type: text/html; charset=iso-8859-1
date: Mon, 27 Nov 2023 07:25:29 GMT
server: Apache
X-Firefox-Spdy: h2
cors-app.com/BA/js/jquery-3.2.1.slim.min.js
91.194.91.202200 OK 70 kB URL GET HTTP/2 cors-app.com/BA/js/jquery-3.2.1.slim.min.js
IP 91.194.91.202:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type ASCII text, with very long lines (32012)
Hash e4f60e36fb624b3b4dd616ce75a0bf3c
8856754bdf9b102d046b16f91feb203c606b32bd
91a04a5dfe501d54af8a59b942495bd7ab26bb811ab34f460115fc0267f825f1
GET /BA/js/jquery-3.2.1.slim.min.js HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/BA/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 06:01:58 GMT
accept-ranges: bytes
content-length: 69596
content-type: application/javascript
date: Mon, 27 Nov 2023 07:25:29 GMT
server: Apache
X-Firefox-Spdy: h2
cors-app.com/BA/images/bg.png
91.194.91.202200 OK 663 kB URL GET HTTP/2 cors-app.com/BA/images/bg.png
IP 91.194.91.202:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type PNG image data, 1920 x 890, 8-bit/color RGBA, non-interlaced\012- data
Size 663 kB (662884 bytes)
Hash 178a2b750c2062ce92489e80baaad437
62b372067d74ed102aa9062189a2ab335db55513
8b9a3e8d66e153b960241ff900b69c2126a803f98abf2cab5967983cbdb90b7f
GET /BA/images/bg.png HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/BA/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 09:29:30 GMT
accept-ranges: bytes
content-length: 662884
content-type: image/png
date: Mon, 27 Nov 2023 07:25:29 GMT
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
172.64.204.20200 OK 90 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251
IP 172.64.204.20:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT
File type ASCII text, with very long lines (26500)
Hash 76f34b71fc9fb641507ff6a822cc07f5
73ed2f8f21cd40fb496e61306acbb5849d4dbff4
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cors-app.com/
Origin: https://cors-app.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 07:25:30 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76cca2ef798b9dc955bb151bf3bff218.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: iUG1MtbOHAgWBPzyIg0JaCev04wrCoOeh0aDwIWwN5RmIEbOyMDBwA==
age: 9409
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7h2siVc6Ea%2Bh7x6h46nFj1%2B591DsvYVcCm718klIseC2GplaP8erwyjlOy0vK6sSrqU%2BveJtrAUAvfLeXtlK6VtzX5Y23%2FYnEm1jGt%2BADsZbOoahSgCq1uICv1tSSt6gPdrK8mnuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c8a336ce026556-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cors-app.com/BA/images/lin.ico
91.194.91.202200 OK 1.4 kB URL GET HTTP/2 cors-app.com/BA/images/lin.ico
IP 91.194.91.202:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel\012- data
Hash 7b7ce9977e05d1236f1997397a679c93
4ffbef9b6044c62cd6c8b1ee0913ba93e6e80072
12a8e74153c9331dfb091e086a88a20f8b417399d86adf5d18202b095e4d15b5
GET /BA/images/lin.ico HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/BA/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 28 Jun 2022 09:31:56 GMT
accept-ranges: bytes
content-length: 1406
content-type: image/x-icon
date: Mon, 27 Nov 2023 07:25:30 GMT
server: Apache
X-Firefox-Spdy: h2
91.194.91.202200 OK 7.8 kB URL User Request GET HTTP/2 IP 91.194.91.202:443
Certificate IssuerLet's Encrypt
Subjectcors-app.com
Fingerprint44:5F:BA:F8:BD:6C:5B:A1:CC:A2:67:73:2C:6D:62:05:95:23:BE:D1
ValidityFri, 10 Nov 2023 01:29:48 GMT - Thu, 08 Feb 2024 01:29:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8099), with no line terminators
Hash 4a8d1f419b89062e1207c673b433f7db
d51a58c4ea26a2a7b20f53c4c61a388883646eaa
b3ba655bdb9fc7464b82e305a3530133dc515fabd4f33e08324c7b74f3255be5
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft Outlook
GET /BA/ HTTP/1.1
Host: cors-app.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Mon, 27 Nov 2023 07:25:29 GMT
server: Apache
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
104.18.10.207200 OK 49 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (48664)
Hash 14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 07:25:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 2021-06-08 14:29:21
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 395e10f82368220a7b7579d8f1c28956
cdn-cache: HIT
cf-cache-status: HIT
age: 444262
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82c8a333b9f10b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
172.64.204.20200 OK 60 kB URL GET HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=585b051251
IP 172.64.204.20:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
FingerprintBC:9B:12:21:8D:67:FE:B5:D3:76:65:FC:D3:F7:91:AE:B4:65:CA:81
ValidityWed, 08 Nov 2023 07:11:36 GMT - Tue, 06 Feb 2024 07:11:35 GMT
File type ASCII text, with very long lines (60130)
Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/v5.15.4/css/free.min.css?token=585b051251 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cors-app.com/
Origin: https://cors-app.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 07:25:30 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 24639548230786af4bba1a9e26c6080e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: N4xDB2ijn_EBknTSxKH5FOqLtmMWboDiO0ymUxgOZKybvyXXRi9Gqg==
age: 34007
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hpDUhmndcFw7Y7ijBYD%2FbNwz6RvFb0YSMnvM%2Bh1jk9gaixCuZ4LIqqO2TIi25lVmb7j40WVE7AvO15dqVpu8sAHq%2F5%2BOs59jI2YC4Blk8wtPyFk8avbqW4cZMRKlze%2FbcMP7RwUdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82c8a336cdff6556-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
104.18.10.207200 OK 145 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP 104.18.10.207:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65325)
Size 145 kB (144877 bytes)
Hash 450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 07:25:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 10/31/2023 18:48:44
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6f2d14e9436097e66447b103aa0360de
cdn-cache: HIT
cf-cache-status: HIT
age: 180252
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82c8a333b9ef0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kit.fontawesome.com/585b051251.js
104.18.40.68200 OK 12 kB URL GET HTTP/2 kit.fontawesome.com/585b051251.js
IP 104.18.40.68:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (11213)
Hash 4ec685b1e2c1ca5fd6d56e2f4cb0569d
a41e1f45db2fbc59562390ba8567ec3373d69510
cac5a0bd86eba50bf4a83d4dc43fe38b759ed39cc8397fdbbaa7ea68b9c63cfa
GET /585b051251.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cors-app.com
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 27 Nov 2023 07:25:29 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F5tOA9tx479_1saQtFMC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 82c8a334191656a5-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
104.18.10.207200 OK 51 kB URL GET HTTP/3 stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://cors-app.com/BA/#johnm@hwl.com.hk
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (50758)
Hash 67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cors-app.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 27 Nov 2023 07:25:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 674, 718, 718
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 2021-06-08 05:11:08
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: d57b249fbc897a386cb949167a1340aa
cdn-cache: HIT
cf-cache-status: HIT
age: 1708770
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82c8a333ec2256c7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400