r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4283
Expires: Wed, 25 Jan 2023 12:56:16 GMT
Date: Wed, 25 Jan 2023 11:44:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 04512fea22644dc0d22c3f3a665f6645
0e213646abfc6d9560ba562362fd9e9115be8354
124d9534f75506b8e8c7535ee7295ac4e6cf5a8249a0edac6940839e56043181
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "124D9534F75506B8E8C7535EE7295AC4E6CF5A8249A0EDAC6940839E56043181"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Wed, 25 Jan 2023 15:16:15 GMT
Date: Wed, 25 Jan 2023 11:44:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6cd4f1da1215c7473500807c185f2449
b14db0c67cf1f5faf85648ed8f94baf2dd03808b
9750518efd869da5ff74ba65a196445bd4340c909157cc1a420f62c1d07224a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9750518EFD869DA5FF74BA65A196445BD4340C909157CC1A420F62C1D07224A0"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Wed, 25 Jan 2023 12:29:57 GMT
Date: Wed, 25 Jan 2023 11:44:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 11:35:12 GMT
content-type: application/json
age: 581
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: JwygrvqTcd53gKI6xkTey2wYek8OlaidUkAIesQk039dTzIrCsierUUGhewe9SxuUeFaj5llt1c=
x-amz-request-id: RPY59VPCHXJX6YX9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 11:19:39 GMT
age: 1514
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
zbnfps.cf/
45.152.46.6301 Moved Permanently 707 B IP 45.152.46.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET / HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 25 Jan 2023 11:44:54 GMT
server: LiteSpeed
location: https://zbnfps.cf/
platform: hostinger
content-security-policy: upgrade-insecure-requests
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 10:48:59 GMT
age: 3354
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6343
Expires: Wed, 25 Jan 2023 13:30:36 GMT
Date: Wed, 25 Jan 2023 11:44:53 GMT
Connection: keep-alive
push.services.mozilla.com/
54.149.213.50101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.213.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /i41ohvZLBAZnbncYWV0ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iW+x53eIH/CDxWsv7i1bmR1LH1s=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 018499275644e88f97fc499e33b74d62
534a55c53eeaffd0f14b67b15ac0049608d8870d
cb952a1354b1ecdd440a57cfa7337524ac2b86c08edf1969676c801c5ff19ad3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB952A1354B1ECDD440A57CFA7337524AC2B86C08EDF1969676C801C5FF19AD3"
Last-Modified: Wed, 25 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18774
Expires: Wed, 25 Jan 2023 16:57:48 GMT
Date: Wed, 25 Jan 2023 11:44:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 322e909e1b70fe717f7dc2c776e19b06
991db6acf3c4b3b2e71a09552ca7dc3aca935f04
502de81b27aa1a1f022fb68f13c9ccc191f3d6f66ab320ae2373449a28f83aff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "502DE81B27AA1A1F022FB68F13C9CCC191F3D6F66AB320AE2373449A28F83AFF"
Last-Modified: Mon, 23 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18909
Expires: Wed, 25 Jan 2023 17:00:03 GMT
Date: Wed, 25 Jan 2023 11:44:54 GMT
Connection: keep-alive
www.adsmatcher.com/api/viewability.min.js?ver=6.1.1
188.165.5.107200 OK 207 B URL HTTP/2 www.adsmatcher.com/api/viewability.min.js?ver=6.1.1
IP 188.165.5.107:0
File type ASCII text, with CRLF line terminators
Hash 870afae59cf4b389d2c48054b5998db0
e3f23635da30ee919f64fe00d516d48d2121fe15
80764b262ffe1804834038dce1edf3093716c913724f67b9fd9692e0108251cf
GET /api/viewability.min.js?ver=6.1.1 HTTP/1.1
Host: www.adsmatcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:54 GMT
content-type: application/javascript
content-length: 207
server: Apache
last-modified: Thu, 08 Sep 2022 22:02:30 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 25 Jan 2023 11:59:54 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 307b5d25f577310a8e58f0b651abb9ba
9c62aea8238006ed25102260a6ed82c19d84a2d4
72ced714e51afd4b6c1389d095736483cb2be8c0eb6ef9ac60c452ce7f459b94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72CED714E51AFD4B6C1389D095736483CB2BE8C0EB6EF9AC60C452CE7F459B94"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11023
Expires: Wed, 25 Jan 2023 14:48:37 GMT
Date: Wed, 25 Jan 2023 11:44:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash cc2b9a26cf016c0cf9e73531f6004051
408990c14ea8af4c979a277da755c89771672356
36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&ver=3.0
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 8c58e116e3195cbe6e53d22279e98405
5774c73dd092f6dcfc3868d0601e702e7675f58c
7933e98603b12c36e9a33bcf9dab15270147980df08b77145ff2f9432693dc9b
GET /recaptcha/api.js?render=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 25 Jan 2023 11:44:54 GMT
date: Wed, 25 Jan 2023 11:44:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zbnfps.cf/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
45.152.46.6200 OK 237 B URL HTTP/2 zbnfps.cf/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP 45.152.46.6:0
Hash c91e1bbe4e87ed37df5194bb04fe2aff
5511084b9c7101c0a77d7641f181c07202c2b19f
7d375156d026c3447eb2c3c8465cb3035317180b961b4b627cc7c6f9cf4f63c0
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Thu, 19 Jan 2023 02:44:29 GMT
etag: "2b5-63c8ae8d-ba555c3f79964fe4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 237
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
45.152.46.6200 OK 11 kB URL HTTP/2 zbnfps.cf/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (47826)
Hash ba5eac37229008eef8a48bb9c12da241
95a3100a0d65a7bd0ebeba66a7ef01146cf96a24
60a4012feb8a3fb3b7f5d411ee9241e12c9ef0e5b33f249aea1b1ad103a71c0f
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "172a9-638ee40b-cf07414d7dfacbf6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11353
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/css/classic-themes.min.css?ver=1
45.152.46.6200 OK 217 B URL HTTP/2 zbnfps.cf/wp-includes/css/classic-themes.min.css?ver=1
IP 45.152.46.6:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "d9-638ee40b-71cde2b864f2b2c4;;;"
accept-ranges: bytes
content-length: 217
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
45.152.46.6200 OK 869 B URL HTTP/2 zbnfps.cf/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 45.152.46.6:0
Hash 6288d6d52253c18598b740ee1169d4f1
dc364cb90c2b1b076bea4e347554d3bd9fd8a475
8d7330cc7b18dc516b54c96d17296a3d4d475bacc165078441d7aad844b12621
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Thu, 05 Jan 2023 06:52:27 GMT
etag: "af3-63b673ab-9b2340e32e0e31ec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 869
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0
45.152.46.6200 OK 618 B URL HTTP/2 zbnfps.cf/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0
IP 45.152.46.6:0
File type ASCII text, with very long lines (2853), with no line terminators
Hash 7f53bca2ff9891ebe6ad5d2a69a47ec3
e83f49dd187e6f7178fec19ee510059ebd0ab1cb
f7d1ac5a034a73ab16ea8ca628ecab70360b099cfea9c6c971bfb2133aca1ac1
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 17:31:07 GMT
etag: "b25-63c82cdb-cfa407fe2d2b0f64;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 618
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/maxmegamenu/style.css?ver=5c98a3
45.152.46.6200 OK 7.1 kB URL HTTP/2 zbnfps.cf/wp-content/uploads/maxmegamenu/style.css?ver=5c98a3
IP 45.152.46.6:0
File type ASCII text, with very long lines (1050)
Hash 4c58571722984263892e6d532dddaf46
25b001028cdb2f609b22e0a4b67ccaea67cbe5de
b2992e8fb2df3c493f7e433653cdbf8453fa387aa0a16b63f8fbc87a4ddc1c7b
GET /wp-content/uploads/maxmegamenu/style.css?ver=5c98a3 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Wed, 25 Jan 2023 11:14:32 GMT
etag: "173ba-63d10f18-12b00d40ccfc3e39;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7146
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/css/dashicons.min.css?ver=6.1.1
45.152.46.6200 OK 35 kB URL HTTP/2 zbnfps.cf/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (58981)
Hash 5e0ff4a00665a71941067cb099cfa44c
fffe235e5fb7b54bc327f32847ec762b5af61654
3bd61ee6e6c53c7f58719e64cd26a87afbf403dc68388d763701f139a82e9ad1
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "e688-638ee40b-eeb2833dcf12b711;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35099
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2.4
45.152.46.6200 OK 16 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2.4
IP 45.152.46.6:0
File type ASCII text, with very long lines (19226)
Hash 31f8f71cb1ff9405239d38e4863c97f5
3114c8efc3fea434f99713d4fda21fc728c7931d
8fbef9dd994842f511e39962d6321e5d7e3f7f5428328c4575992bf81ebfeca9
GET /wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:52:55 GMT
etag: "6b84-63b10397-7b79784126e5a6d8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16212
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.2.4
45.152.46.6200 OK 6.6 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.2.4
IP 45.152.46.6:0
File type ASCII text, with very long lines (30837)
Hash b8c655d76feed5e34fcacac29f060170
41590916c5f2bbd8354d5002171bc2bc0a2c5cee
a8825f3d29353514ef7f5c8e5bcf286ae4df70e248fcedc02e4e184cc6c64650
GET /wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.2.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:52:55 GMT
etag: "7918-63b10397-9813ce3123d16482;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6628
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2.4
45.152.46.6200 OK 11 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2.4
IP 45.152.46.6:0
File type ASCII text, with very long lines (55139)
Hash 839c7004277f415c64b4fce794e516e3
321c98e16b593b03afa0e07fdd5de5968c8155aa
2624be2dc187b8c0349644dc0fdfd2d2752f7e2076f283f84ae16c550b8bfa8d
GET /wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:52:54 GMT
etag: "d81d-63b10396-196c02387eff8d7a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11270
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
45.152.46.6200 OK 2.3 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
IP 45.152.46.6:0
File type ASCII text, with very long lines (10927), with no line terminators
Hash 49872e008158ea7eafb333619bdfd729
3b614e913175dd339ebb9f2f432bde78f1a52838
bb1aa8d0a7becbb677118efe065f7c176220675611d11e9f1d3eea44f9aad057
GET /wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "2aaf-63c09edc-1bb255322e4125e7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2299
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.152.46.6200 OK 4.0 kB URL HTTP/2 zbnfps.cf/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.152.46.6:0
File type ASCII text, with very long lines (11126)
Hash 4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "2bd8-638ee40b-117d151c22c64622;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/go-night-pro/public/js/go-night-pro.js?ver=1.1.0
45.152.46.6200 OK 2.5 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/go-night-pro/public/js/go-night-pro.js?ver=1.1.0
IP 45.152.46.6:0
Hash b6a0fe69fb3eacc7167bb3b728fc5292
918e2e7379d2bd77225b8511f58ff0b3389d41d3
f815b203f64e29cd97a9c99945f75effe7e7028d368890125a01d04676376eb2
GET /wp-content/plugins/go-night-pro/public/js/go-night-pro.js?ver=1.1.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: application/x-javascript
last-modified: Sun, 01 Jan 2023 06:57:30 GMT
etag: "3ca3-63b12eda-4af0f5c400a1615e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2450
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
45.152.46.6200 OK 12 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (59158), with CRLF line terminators
Hash 09087f97e4fb8b6b1008983e218e1207
560c1faa9ef8c74d9fd28984abbe54495e0ae246
13bb9d1c7b0a987b60278d9f0f5c9a494dfa5b09f7f4aa84318a392a6d1e0acc
GET /wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "e7d4-63c09edc-16dcb1fdaea156d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12323
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
45.152.46.6200 OK 4.6 kB URL HTTP/2 zbnfps.cf/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (15660)
Hash 4402e98c197d70e9bc78b1da062e658a
b1d2477c6b1dfa9283d79a0a3944098dde573f68
4e646c55a8c057d08458aed4f913f5ae713e1351aadc0bcdf947bc48fb6a73ed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "48b9-638ee40b-8cb8130dff302938;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4572
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.4.1
45.152.46.6200 OK 25 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.4.1
IP 45.152.46.6:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65525), with no line terminators
Hash 66b69180adf2e2da1f037b9bc484791d
2876098ccff3c3d0e1c297ae07ec3226467bda91
3ff396983506fc07ca91ef32c365bf2f91abe35f0db7cc5e808432eab9b369c5
GET /wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "2b609-63c09edc-6cb4357509c4026d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24645
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/css/preview.css?ver=2.4.14
45.152.46.6200 OK 29 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/css/preview.css?ver=2.4.14
IP 45.152.46.6:0
File type assembler source, ASCII text
Hash 0db1addefb891c575f6192aab3d0dad6
5b7050d41dbcdb442402631369430eef36a4ba8d
235c37eabc15757904741e3f0fe9ddb4bf892ff8203dc793a55e5fdaf1269d54
GET /wp-content/plugins/brizy/public/editor-build/251-wp/editor/css/preview.css?ver=2.4.14 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:57:05 GMT
etag: "46c23-63b10491-c421cd359056bdf4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29046
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
45.152.46.6200 OK 30 kB URL HTTP/2 zbnfps.cf/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (65447)
Hash cdbbc979b5a5de31a3ac8296e0ef489e
b83000eb74956c3404fb58c87e95aed5bab2ed19
48a6489945365cddb4c75af60f1e6a8a15d6598a1596ef18eb1b4aaad33e96f3
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:55 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "15e54-638ee40b-db20a054c2b3f09;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30075
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.bunny.net/overpass/files/overpass-latin-700-normal.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/overpass/files/overpass-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 16296, version 1.0\012- data
Hash 7377f379fe5354af4a27bbb954ce816e
e62506bd4a05a9a68b81090c14e27bd30c7cceee
5c91507ba9508c8bbe28c7f1c80b5133c51c5a12016a0cb22be98520de7fb1ae
GET /overpass/files/overpass-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: font/woff2
content-length: 16296
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee32a-3fa8"
last-modified: Fri, 30 Dec 2022 13:10:02 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:40:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 8c519565534f8d3c2f40b88d2c56ef3b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
194.242.11.186200 OK 24 kB URL HTTP/2 fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /lato/files/lato-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: font/woff2
content-length: 23580
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae91bd-5c1c"
last-modified: Fri, 30 Dec 2022 07:22:37 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1d13c3b5eb0290d0364909cf3f0657f5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/overpass/files/overpass-latin-400-normal.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/overpass/files/overpass-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 15792, version 1.0\012- data
Hash 2d1c9b7b1baef2dc59a31bb8736a5bce
23dd038466a38fc381896ead0a75853eee9c2437
b6f01e18196420adbd5f5f9b31461fd037f1ea92e7fa542316cf3c4cf8bddcaf
GET /overpass/files/overpass-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: font/woff2
content-length: 15792
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee324-3db0"
last-modified: Fri, 30 Dec 2022 13:09:56 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/10/2023 19:36:43
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 85bb0a8b2a84ce7d9684deac05967dbe
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/overpass/files/overpass-latin-400-italic.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/overpass/files/overpass-latin-400-italic.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 16496, version 1.0\012- data
Hash 719cadd05fdc377f873e35db042bdaf6
6486ec231b0ea065d9dcdb7f788ebe0f16cf17c0
801c6b30396c2f1974b97ef3472c37ee9916401b867b51fbdbbeb282b156430d
GET /overpass/files/overpass-latin-400-italic.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: font/woff2
content-length: 16496
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee325-4070"
last-modified: Fri, 30 Dec 2022 13:09:57 GMT
cdn-storageserver: SE-318
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:45:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2409308fd3cec2f8fe09b9a17ba97fd8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe92992ce784bcdb95a74c01034e4afc
aad627e0dba4b27165498b11a3d064f417ca55dc
046eb09a133d249fb3fe8cbd629281570cfb6fb9af1e3c65ffa9aeb3cae9fe27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "046EB09A133D249FB3FE8CBD629281570CFB6FB9AF1E3C65FFA9AEB3CAE9FE27"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17682
Expires: Wed, 25 Jan 2023 16:39:37 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13760
Expires: Wed, 25 Jan 2023 15:34:15 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 05:14:35 GMT
age: 23420
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zbnfps.cf/
45.152.46.6200 OK 114 kB IP 45.152.46.6:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22573)
Size 114 kB (114036 bytes)
Hash 43335aa79a6e46d40b7a13e128b85e40
e8ae074f2c7e34f7a26171131de7e2db254d1b95
4d36c97ca9eb90c187d0d91ad480150bf4c61ae13a97a1652522fb544fab41ef
GET / HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://zbnfps.cf/wp-json/>; rel="https://api.w.org/", <https://zbnfps.cf/wp-json/wp/v2/pages/15>; rel="alternate"; type="application/json", <https://zbnfps.cf/>; rel=shortlink
etag: "2135-1674647089;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 11:44:55 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d76c1b1126a3e1b51dcca652cb6727b
b199a381ccac4628f2bfa626b44c71954713ca98
3a34f2b7f79cb925c73d2c17197418004e4acf63a6eb69e471320069978f8282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9192d2a7-4090-4a55-b72e-388ceb1f506d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10921
x-amzn-requestid: 7b8849e6-b52d-4165-b456-b200ddbb993b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqtkGThIAMFb7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f0-1ed4803112d97956419b299e;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: FUbNMfYy8ci6d78p6LCu0Gxs3jw824ZzVp6drAbl8HCDBpghlZFP7g==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:57:09 GMT
age: 13666
etag: "b199a381ccac4628f2bfa626b44c71954713ca98"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05ff19472d4870833d7c6b495099a86c
6ad7424d14301c62a93ea71843238d2ff0699a02
1f2c62b3be1147d1ed12d1e28caa86c97684d5c5da87ebe3a709ce01cd878abb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7da858f1-3099-4d35-9bf6-fae2a155404c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8676
x-amzn-requestid: 15ae46cb-c80e-4b94-a8d3-8e2a83be64c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQdAG2BoAMFbOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfab9-236ebb6b3fab6b25266203ba;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:49 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xkpv0iMm4JNzdmNMQerJZXWXjWJ6YFYJ6WbaREC0S-0GX3WHv71mFw==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 03:33:57 GMT
age: 29458
etag: "6ad7424d14301c62a93ea71843238d2ff0699a02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b458c619b07de23b3620f392b0f56f6
e45a3cfee589406e1ea0f1ebd6e8d321487474e1
9927c7a8e606180964b6e052e1eb2bacb007d05a46c1f04e28c48a74096d3c03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5974ff5e-ff49-4276-8943-5768c589b551.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8736
x-amzn-requestid: 65bdef1c-0389-4d16-b5fd-931d4753d75d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuF_4oAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-1569aec44c54b7c87663feae;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3fzmJ8iZrVvBDurLOdAJXB6uuvk6KHvIBuKzMKAMSjKUzWICg1cCjQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 04:41:44 GMT
age: 25391
etag: "e45a3cfee589406e1ea0f1ebd6e8d321487474e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 21:59:15 GMT
age: 49540
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12667
Expires: Wed, 25 Jan 2023 15:16:02 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11de04dc61bf459876e9ea287cecfbb0
5ee792c7fdb81bf12e9b15d6d95a601c26e0bdcc
2e1f309d96dbdb8f816eb13fba0641c57f19e0e19b66283e653a1b936e909141
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2E1F309D96DBDB8F816EB13FBA0641C57F19E0E19B66283E653A1B936E909141"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7097
Expires: Wed, 25 Jan 2023 13:43:12 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 8546f36eba1cce5decf0f5656eb633f0
5537e019c970675d52785c590f028601c728ff9a
ad7f392bf3477edc1510956032b65c11f2639214d9feefb79a24af4a5efc7bfb
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5918ee2a4ef5f02d1fa53aabf4fd4fdf
cf37e57e49e78d2a1aef4f7a726db8acfb7e5965
816ab7195e69d3227538ac599ccf5e3a3499defb95704516c0607270d9352d57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "816AB7195E69D3227538AC599CCF5E3A3499DEFB95704516C0607270D9352D57"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11089
Expires: Wed, 25 Jan 2023 14:49:44 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f0a4098f041b32de6aeac7e8919dfb93
d3dd3d384e3bc4454b58f48c878261b5d165c2bd
1a2e07af32d611f5b897d8f26ba1ba7008bdbb7814bc749dc3f6992167ed6d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A2E07AF32D611F5B897D8F26BA1BA7008BDBB7814BC749DC3F6992167ED6D64"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12689
Expires: Wed, 25 Jan 2023 15:16:24 GMT
Date: Wed, 25 Jan 2023 11:44:55 GMT
Connection: keep-alive
arsnivyr.com/9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://zbnfps.cf/
Origin: https://zbnfps.cf
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 11:44:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=2431867854&z=5673570&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=233
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=2431867854&z=5673570&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=233
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=2431867854&z=5673570&b=15811603&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=233 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:56 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 835544fb07e77a1e4b4e90e2864dea73
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:56 GMT; secure; SameSite=None
oaidts=1674647094; expires=Thu, 25 Jan 2024 11:44:56 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/121?rnd=2046574758&z=5673570&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&bag=u2kafeqmSuHYn4b4E40Ojxhkb-V_PDxz&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=2046574758&z=5673570&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&bag=u2kafeqmSuHYn4b4E40Ojxhkb-V_PDxz&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=2046574758&z=5673570&b=15811603&c=6345548&var=&d=https%3A%2F%2Fnya.bz%2F&cln={CELL_NUMBER}&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&bag=u2kafeqmSuHYn4b4E40Ojxhkb-V_PDxz&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 25 Jan 2023 11:44:56 GMT
content-length: 0
location: https://nya.bz/
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 97abce4bcf5b9e20fd2081c8fc236e74
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=2431867854&z=5673570&b=15811603&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=2431867854&z=5673570&b=15811603&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=2431867854&z=5673570&b=15811603&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=6wV9pfPQPVNIdjQWYhXfdDERcmeQCV7_YvRTZgnZ-f78OEdaqhWLLBsn8rILbEwsV0ORLYmltAp0l6NIbfOMtkfFimQY9FUHIprceqmWjNhgf7JIYmhN0YuSAWk_-bqtqnKVTw9D0F80ScnaqrT988DQp1NzWeF0VVHhZKGFQZkj03EsaxYF-x0cctqtd5pcFyd-IGzO_kfkOzBqYf30QfAmFJc7-sOeRo1eAr5plLRQiFXTPFZNFewlvl-Kuo1BKx3BVKccrZ6p_W83gM7jqw8GMg78RKeEAFKAl3QdElCX79rDLnK-m0A38Ve8f9u2_qDFX1gr7gQ13kuh_WbBt2xhcmVsFBKtEMU-J5IGV-mytUo-N1AI2KTQ5Xp2MdCG3F0a0wIxCTqhRBx5xYPiLx2OH0QiVg3XsVW82n4oUpgQr02cwNW-R21ubQVVzysG5if6Fv1ov4dfLFzDAXr9mLiHC1GvFnkaXT586QrB4mX1RCJx6M0VjxKr4k1ifentnlR8C72ZT9yrMHeEO_RXlQBer1PbIQM4w4FwSxZH-PEW2xaRd9KsjXS1dM3X-Vk2naIzkLXWvDCXHaLQO1b0aIkZMqj5_3SIL-HALvbRRC4G4EasBXkh88eRsnN0vrGugwA4i0t-ffBoxFBCYzxzPt-0tUE=&ruid=4e32d56c-a727-4d8b-b5da-35416a4046e8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:56 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 92c4004c4ce08ef8da10131ef139c5df
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:56 GMT; secure; SameSite=None
oaidts=1674647094; expires=Thu, 25 Jan 2024 11:44:56 GMT; secure; SameSite=None
oaidvc=1; expires=Thu, 25 Jan 2024 11:44:56 GMT; secure; SameSite=None
CNT=1_v1_E0TxAAEAAAC2S2Ri; expires=Wed, 25 Jan 2023 12:44:56 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nya.bz/
91.209.70.200200 OK 1.4 kB IP 91.209.70.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 5d3ef281f93c892a2e1bae1b03ce75c9
345690bac211cf82798325b63a232856519be4cc
4218e761c2da76e5eb814706a9f8214a7347b3baefff7823d536890b63b8c6c8
GET / HTTP/1.1
Host: nya.bz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 1401
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Wed, 25 Jan 2023 11:44:51 GMT
content-security-policy: upgrade-insecure-requests;
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Black.woff2
91.209.70.200200 OK 15 kB URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Black.woff2
IP 91.209.70.200:0
File type Web Open Font Format (Version 2), TrueType, length 14660, version 1.0\012- data
Hash fcc8180f99082d9a0752698178ceddb7
027684bb643a9f2d9f8fb2153601481c00c9b9a6
f0d65cd7a3355087ac5f60e1ebada9da55eb50461037f5956f778fe5f8b0cf72
GET /wp-content/themes/keremiya1/font/gotham/GothamPro-Black.woff2 HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nya.bz
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:51 GMT
content-type: font/woff2
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-length: 14660
date: Wed, 25 Jan 2023 11:44:51 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Medium.woff2
91.209.70.200200 OK 15 kB URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/font/gotham/GothamPro-Medium.woff2
IP 91.209.70.200:0
File type Web Open Font Format (Version 2), TrueType, length 14980, version 1.0\012- data
Hash 020e7c2824fd0401c19628131f8052ef
6a026f0eb3afc186bf78944d811f50bcbb6d63a7
8629f78474c184fb377bdc250cf316f9e3a1961c3e08b8f24f613e9749c47aa3
GET /wp-content/themes/keremiya1/font/gotham/GothamPro-Medium.woff2 HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nya.bz
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:51 GMT
content-type: font/woff2
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-length: 14980
date: Wed, 25 Jan 2023 11:44:51 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
X-Firefox-Spdy: h2
ny4.cc/wp-content/themes/keremiya1/font/icon/keremiya.woff
91.209.70.200200 OK 15 kB URL HTTP/2 ny4.cc/wp-content/themes/keremiya1/font/icon/keremiya.woff
IP 91.209.70.200:0
File type Web Open Font Format, TrueType, length 15192, version 1.0\012- data
Hash 133041967cb6c3d33d2046ed10e9ebdd
88f7416e17647b341d3d14e28682bf9eca749286
42d5bfeb71f4ed036f484d18ccaaa1e408ef36b4b81d65c9f81d8b1ae26ccd52
GET /wp-content/themes/keremiya1/font/icon/keremiya.woff HTTP/1.1
Host: ny4.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nya.bz
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:51 GMT
content-type: font/woff
last-modified: Mon, 12 Jul 2021 23:25:14 GMT
accept-ranges: bytes
content-length: 15192
date: Wed, 25 Jan 2023 11:44:51 GMT
vary: User-Agent
content-security-policy: upgrade-insecure-requests;
access-control-allow-origin: *
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 26 kB IP 172.67.211.29:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0c5f16f3c9ad31ea5a0911ee2218b373
ab9423395e13944ac015c8de2dfee027b953ca6d
c3b2a225a03251bc9bf6c0403efaf0ca8ca4c1af70960fd182b7c0e2d0ebff5a
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 9e8f04184919ab8fe80258fbea0b0ab8
cache-control: max-age=86400
last-modified: Mon, 23 Jan 2023 15:51:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 26 Jan 2023 10:27:48 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4627
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeBAzqlou7rhAk6OSWfhloKjV7T2YDnO0kp37dX8j5ABRfF9UwF%2BNEI%2BfQUAWsyKRUA9qce8KJ9JqKyIP0c%2F%2BgwVLUnxDHzg6810epPkZr4Y8YlrE6uIZ1ZmSOQJ2Xr2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f0c2786951b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
shown.io/metrics/R53alDAe02
52.186.64.46200 OK 872 B URL HTTP/2 shown.io/metrics/R53alDAe02
IP 52.186.64.46:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1655)
Hash e4fbf387838aaa3dfa14daab8b25a5c7
28809392f65eeaa3c9b468bb66955b8425258d3a
50403b066f32b87ad6683786f1328115882c01af3f209a461e9a74fa37c3765d
GET /metrics/R53alDAe02 HTTP/1.1
Host: shown.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nya.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-headers: Upgrade-Insecure-Requests
cache-control: no-cache, private
content-encoding: gzip
content-type: application/x-javascript
date: Wed, 25 Jan 2023 11:44:56 GMT
feature-policy: none
referrer-policy: same-origin
server: Apache/2.4.52 (Ubuntu)
set-cookie: XSRF-TOKEN=eyJpdiI6IkVYM1puOWFnR29QaklxZThnUEo1ZlE9PSIsInZhbHVlIjoidkNmWnptU0NNalpKVjFjUlBVNXYxZkwrTHJjT2tEVGYxM2RhMkx3V0FxaTlqZVJpaExobEkzUUVPazVGSVJudkU4YmR0TWVPK1hsb3hOa0pQVGJCQmUybVBiNGRTcWpPMnpINWdFSVJ3SjIxVExuNXJ5czlSTkE0NG5mQVY3TlEiLCJtYWMiOiIyMjVhNDRlMWRhZjU3NjUxMDgzMGVjOTYwODk4MTliMjVhNjUyZDRlN2QxN2JlMzExZjM0NDAzNDNiMDlkMDhjIiwidGFnIjoiIn0%3D; expires=Mon, 02 Oct 2023 11:44:56 GMT; Max-Age=21600000; path=/
shown_session=eyJpdiI6IkhENUhsWkhSQTAxWjJVKzZ6N1dqOFE9PSIsInZhbHVlIjoiMWJJTXFSeUZwcjZDUk4rUGFxTDhYZ2ZZRTNHNGQxbW9neE52WWlSN3lxK0dHTGkzU1ZFQkZFUm5kTzlkRkE1SThxT1dhUlZpeXFvQncxVGpndVQ3MHdQZERtZ2daQUQwL2lleVlHcGVaZmlOY1o5TStSS01odWZIZnl5Si9vaVciLCJtYWMiOiJlYzY2ZTAyMDlhYWI3NGM1Mzg0Y2Y2MmVmNGUxM2RkZWJkMWI5ZjA3YmExNTdkMzhlZmZmYjVmMDVkMGRlNGY2IiwidGFnIjoiIn0%3D; expires=Mon, 02 Oct 2023 11:44:56 GMT; Max-Age=21600000; path=/; httponly
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-id: e8ea8d9c-c016-4c71-8b59-1732a014009f
x-xss-protection: 1; mode=block
content-length: 872
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e4570f38af3527ee294225dc18caea7
f7e50a13107afcaed36374ec339410c396ff0ef3
1c2b19bcfedb0d7231d7c88efa7dea761e7f31ac30322f2b3aacf8145597c771
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C2B19BCFEDB0D7231D7C88EFA7DEA761E7F31AC30322F2B3AACF8145597C771"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1838
Expires: Wed, 25 Jan 2023 12:15:34 GMT
Date: Wed, 25 Jan 2023 11:44:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e4570f38af3527ee294225dc18caea7
f7e50a13107afcaed36374ec339410c396ff0ef3
1c2b19bcfedb0d7231d7c88efa7dea761e7f31ac30322f2b3aacf8145597c771
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C2B19BCFEDB0D7231D7C88EFA7DEA761E7F31AC30322F2B3AACF8145597C771"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1838
Expires: Wed, 25 Jan 2023 12:15:34 GMT
Date: Wed, 25 Jan 2023 11:44:56 GMT
Connection: keep-alive
e2ertt.com/bucket
139.45.197.233204 No Content 0 B IP 139.45.197.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /bucket HTTP/1.1
Host: e2ertt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://zbnfps.cf/
Origin: https://zbnfps.cf
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 11:44:56 GMT
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
e2ertt.com/bucket
139.45.197.233200 OK 0 B IP 139.45.197.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /bucket HTTP/1.1
Host: e2ertt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/json
Content-Length: 594
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:56 GMT
content-length: 0
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.adsmatcher.com/api/viewability.min.js?ver=6.1.1
188.165.5.107200 OK 207 B URL HTTP/2 www.adsmatcher.com/api/viewability.min.js?ver=6.1.1
IP 188.165.5.107:0
File type ASCII text, with CRLF line terminators
Hash 870afae59cf4b389d2c48054b5998db0
e3f23635da30ee919f64fe00d516d48d2121fe15
80764b262ffe1804834038dce1edf3093716c913724f67b9fd9692e0108251cf
GET /api/viewability.min.js?ver=6.1.1 HTTP/1.1
Host: www.adsmatcher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:57 GMT
content-type: application/javascript
content-length: 207
server: Apache
last-modified: Thu, 08 Sep 2022 22:02:30 GMT
accept-ranges: bytes
cache-control: max-age=900
expires: Wed, 25 Jan 2023 11:59:57 GMT
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&ver=3.0
142.250.74.164200 OK 585 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&ver=3.0
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 8c58e116e3195cbe6e53d22279e98405
5774c73dd092f6dcfc3868d0601e702e7675f58c
7933e98603b12c36e9a33bcf9dab15270147980df08b77145ff2f9432693dc9b
GET /recaptcha/api.js?render=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
expires: Wed, 25 Jan 2023 11:44:57 GMT
date: Wed, 25 Jan 2023 11:44:57 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 585
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
X-Firefox-Early-Data: accepted
zbnfps.cf/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
45.152.46.6200 OK 237 B URL HTTP/2 zbnfps.cf/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP 45.152.46.6:0
Hash c91e1bbe4e87ed37df5194bb04fe2aff
5511084b9c7101c0a77d7641f181c07202c2b19f
7d375156d026c3447eb2c3c8465cb3035317180b961b4b627cc7c6f9cf4f63c0
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Thu, 19 Jan 2023 02:44:29 GMT
etag: "2b5-63c8ae8d-ba555c3f79964fe4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 237
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
45.152.46.6200 OK 11 kB URL HTTP/2 zbnfps.cf/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (47826)
Hash ba5eac37229008eef8a48bb9c12da241
95a3100a0d65a7bd0ebeba66a7ef01146cf96a24
60a4012feb8a3fb3b7f5d411ee9241e12c9ef0e5b33f249aea1b1ad103a71c0f
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "172a9-638ee40b-cf07414d7dfacbf6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11353
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/css/classic-themes.min.css?ver=1
45.152.46.6200 OK 217 B URL HTTP/2 zbnfps.cf/wp-includes/css/classic-themes.min.css?ver=1
IP 45.152.46.6:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "d9-638ee40b-71cde2b864f2b2c4;;;"
accept-ranges: bytes
content-length: 217
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
45.152.46.6200 OK 869 B URL HTTP/2 zbnfps.cf/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2
IP 45.152.46.6:0
Hash 6288d6d52253c18598b740ee1169d4f1
dc364cb90c2b1b076bea4e347554d3bd9fd8a475
8d7330cc7b18dc516b54c96d17296a3d4d475bacc165078441d7aad844b12621
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.2 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Thu, 05 Jan 2023 06:52:27 GMT
etag: "af3-63b673ab-9b2340e32e0e31ec;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 869
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0
45.152.46.6200 OK 618 B URL HTTP/2 zbnfps.cf/wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0
IP 45.152.46.6:0
File type ASCII text, with very long lines (2853), with no line terminators
Hash 7f53bca2ff9891ebe6ad5d2a69a47ec3
e83f49dd187e6f7178fec19ee510059ebd0ab1cb
f7d1ac5a034a73ab16ea8ca628ecab70360b099cfea9c6c971bfb2133aca1ac1
GET /wp-content/plugins/complianz-gdpr/assets/css/cookieblocker.min.css?ver=6.4.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Wed, 18 Jan 2023 17:31:07 GMT
etag: "b25-63c82cdb-cfa407fe2d2b0f64;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 618
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/maxmegamenu/style.css?ver=5c98a3
45.152.46.6200 OK 7.1 kB URL HTTP/2 zbnfps.cf/wp-content/uploads/maxmegamenu/style.css?ver=5c98a3
IP 45.152.46.6:0
File type ASCII text, with very long lines (1050)
Hash 4c58571722984263892e6d532dddaf46
25b001028cdb2f609b22e0a4b67ccaea67cbe5de
b2992e8fb2df3c493f7e433653cdbf8453fa387aa0a16b63f8fbc87a4ddc1c7b
GET /wp-content/uploads/maxmegamenu/style.css?ver=5c98a3 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Wed, 25 Jan 2023 11:14:32 GMT
etag: "173ba-63d10f18-12b00d40ccfc3e39;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7146
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/css/dashicons.min.css?ver=6.1.1
45.152.46.6200 OK 35 kB URL HTTP/2 zbnfps.cf/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (58981)
Hash 5e0ff4a00665a71941067cb099cfa44c
fffe235e5fb7b54bc327f32847ec762b5af61654
3bd61ee6e6c53c7f58719e64cd26a87afbf403dc68388d763701f139a82e9ad1
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "e688-638ee40b-eeb2833dcf12b711;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 35099
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2.4
45.152.46.6200 OK 16 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2.4
IP 45.152.46.6:0
File type ASCII text, with very long lines (19226)
Hash 31f8f71cb1ff9405239d38e4863c97f5
3114c8efc3fea434f99713d4fda21fc728c7931d
8fbef9dd994842f511e39962d6321e5d7e3f7f5428328c4575992bf81ebfeca9
GET /wp-content/plugins/megamenu-pro/icons/genericons/genericons/genericons.css?ver=2.2.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:52:55 GMT
etag: "6b84-63b10397-7b79784126e5a6d8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16212
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.2.4
45.152.46.6200 OK 6.6 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.2.4
IP 45.152.46.6:0
File type ASCII text, with very long lines (30837)
Hash b8c655d76feed5e34fcacac29f060170
41590916c5f2bbd8354d5002171bc2bc0a2c5cee
a8825f3d29353514ef7f5c8e5bcf286ae4df70e248fcedc02e4e184cc6c64650
GET /wp-content/plugins/megamenu-pro/icons/fontawesome/css/font-awesome.min.css?ver=2.2.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:52:55 GMT
etag: "7918-63b10397-9813ce3123d16482;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6628
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2.4
45.152.46.6200 OK 11 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2.4
IP 45.152.46.6:0
File type ASCII text, with very long lines (55139)
Hash 839c7004277f415c64b4fce794e516e3
321c98e16b593b03afa0e07fdd5de5968c8155aa
2624be2dc187b8c0349644dc0fdfd2d2752f7e2076f283f84ae16c550b8bfa8d
GET /wp-content/plugins/megamenu-pro/icons/fontawesome5/css/all.min.css?ver=2.2.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:52:54 GMT
etag: "d81d-63b10396-196c02387eff8d7a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11270
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
45.152.46.6200 OK 2.3 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
IP 45.152.46.6:0
File type ASCII text, with very long lines (10927), with no line terminators
Hash 49872e008158ea7eafb333619bdfd729
3b614e913175dd339ebb9f2f432bde78f1a52838
bb1aa8d0a7becbb677118efe065f7c176220675611d11e9f1d3eea44f9aad057
GET /wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "2aaf-63c09edc-1bb255322e4125e7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2299
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
45.152.46.6200 OK 4.0 kB URL HTTP/2 zbnfps.cf/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 45.152.46.6:0
File type ASCII text, with very long lines (11126)
Hash 4116c2be947ecf205a0c7fc117ca55f0
0cd8efc9fe349d67a86b49d1e5582a9b21d05add
6b1970b536b88a18b0eb4fe138e677b9736294057660676507fabee57cb0462c
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "2bd8-638ee40b-117d151c22c64622;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3984
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/go-night-pro/public/js/go-night-pro.js?ver=1.1.0
45.152.46.6200 OK 2.5 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/go-night-pro/public/js/go-night-pro.js?ver=1.1.0
IP 45.152.46.6:0
Hash b6a0fe69fb3eacc7167bb3b728fc5292
918e2e7379d2bd77225b8511f58ff0b3389d41d3
f815b203f64e29cd97a9c99945f75effe7e7028d368890125a01d04676376eb2
GET /wp-content/plugins/go-night-pro/public/js/go-night-pro.js?ver=1.1.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Sun, 01 Jan 2023 06:57:30 GMT
etag: "3ca3-63b12eda-4af0f5c400a1615e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2450
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
45.152.46.6200 OK 12 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (59158), with CRLF line terminators
Hash 09087f97e4fb8b6b1008983e218e1207
560c1faa9ef8c74d9fd28984abbe54495e0ae246
13bb9d1c7b0a987b60278d9f0f5c9a494dfa5b09f7f4aa84318a392a6d1e0acc
GET /wp-content/themes/oceanwp/assets/fonts/fontawesome/css/all.min.css?ver=5.15.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "e7d4-63c09edc-16dcb1fdaea156d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12323
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
45.152.46.6200 OK 4.6 kB URL HTTP/2 zbnfps.cf/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (15660)
Hash 4402e98c197d70e9bc78b1da062e658a
b1d2477c6b1dfa9283d79a0a3944098dde573f68
4e646c55a8c057d08458aed4f913f5ae713e1351aadc0bcdf947bc48fb6a73ed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "48b9-638ee40b-8cb8130dff302938;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4572
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.4.1
45.152.46.6200 OK 25 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.4.1
IP 45.152.46.6:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65525), with no line terminators
Hash 66b69180adf2e2da1f037b9bc484791d
2876098ccff3c3d0e1c297ae07ec3226467bda91
3ff396983506fc07ca91ef32c365bf2f91abe35f0db7cc5e808432eab9b369c5
GET /wp-content/themes/oceanwp/assets/css/style.min.css?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "2b609-63c09edc-6cb4357509c4026d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24645
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/css/preview.css?ver=2.4.14
45.152.46.6200 OK 29 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/css/preview.css?ver=2.4.14
IP 45.152.46.6:0
File type assembler source, ASCII text
Hash 0db1addefb891c575f6192aab3d0dad6
5b7050d41dbcdb442402631369430eef36a4ba8d
235c37eabc15757904741e3f0fe9ddb4bf892ff8203dc793a55e5fdaf1269d54
GET /wp-content/plugins/brizy/public/editor-build/251-wp/editor/css/preview.css?ver=2.4.14 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 03:57:05 GMT
etag: "46c23-63b10491-c421cd359056bdf4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 29046
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
45.152.46.6200 OK 30 kB URL HTTP/2 zbnfps.cf/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (65447)
Hash cdbbc979b5a5de31a3ac8296e0ef489e
b83000eb74956c3404fb58c87e95aed5bab2ed19
48a6489945365cddb4c75af60f1e6a8a15d6598a1596ef18eb1b4aaad33e96f3
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "15e54-638ee40b-db20a054c2b3f09;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30075
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/adsmatcher-anti-adblock/src/style.css?ver=1.0
45.152.46.6200 OK 131 B URL HTTP/2 zbnfps.cf/wp-content/plugins/adsmatcher-anti-adblock/src/style.css?ver=1.0
IP 45.152.46.6:0
File type ASCII text, with CRLF line terminators
Hash 46e64b760660515269253dc3f4dc9d41
33fada1fddcdbe4e35975024df67fc8aea1500ee
46630d086122b583c7ab0a607697e8fee87e360d47efe0e24e44fd2714064840
GET /wp-content/plugins/adsmatcher-anti-adblock/src/style.css?ver=1.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: text/css
last-modified: Sun, 01 Jan 2023 07:45:46 GMT
etag: "181-63b13a2a-5d5596f1ec2284d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 131
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.bunny.net/css?family=Overpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.14
194.242.11.186200 OK 4.4 kB URL HTTP/2 fonts.bunny.net/css?family=Overpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.14
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash 29e1f7531d9c0647eb0bdc471c4c51bd
a514d490abcbd21fd60192dfc6419dd4ca61e901
614389acfb24bdd8dc447e68fb25d0e095f5f6eac632764296a5f26a1f5d1dce
GET /css?family=Overpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.14 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:57 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Mon, 09 Jan 2023 10:45:37 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:45:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 2d862e2c2b040ad911221e43ea60b773
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
45.152.46.6200 OK 3.8 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2
IP 45.152.46.6:0
File type HTML document, ASCII text, with very long lines (12652), with no line terminators
Hash cd0eced22a64629c058f64561017e982
26e5dbbc20363b23f616b2a80a4f6b65d83d9df7
0e0e6912cb42930a5802fd0fc9b37f93d1f55bbb18b9e482e11a1808bdc0328b
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.2 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 05 Jan 2023 06:52:27 GMT
etag: "316c-63b673ab-e1bf1d7e21b62819;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3819
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/imagesloaded.min.js?ver=4.1.4
45.152.46.6200 OK 1.7 kB URL HTTP/2 zbnfps.cf/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 45.152.46.6:0
File type ASCII text, with very long lines (5477)
Hash 93959a5158be6c97592ece6ddbcd8e0d
673b0f242cb57dabc937e3087f07b819eef894cb
069b47444242f525c2bc284f96b24126f92068bcc7d278d5787641dfa20c0fdf
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "15fd-638ee40b-c0325116be9ff97;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1721
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/theme.min.js?ver=3.4.1
45.152.46.6200 OK 4.0 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/theme.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (19789), with no line terminators
Hash f78d52bad39a2228ffd3345083722861
4eb230a210f8e0f17c4a21e3b36cfdad2c52bd63
3ef63dcef86f0d478f355fc51dd344cb7bc7b4189fce2462416bd37c03030043
GET /wp-content/themes/oceanwp/assets/js/theme.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "4d4d-63c09edc-932adf006c416e2f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4007
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/drop-down-mobile-menu.min.js?ver=3.4.1
45.152.46.6200 OK 3.4 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/drop-down-mobile-menu.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (14087), with no line terminators
Hash b48a0ab4c87779b421c9455f2150e3a5
f2b4db173287170d872e7cc9947db18d8397e0a7
205f866c71f224b538b874308c2392e9405907cffa58079a6d064a3fa99aa6d9
GET /wp-content/themes/oceanwp/assets/js/drop-down-mobile-menu.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "3707-63c09edc-be4bf2330075cd0f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3385
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/drop-down-search.min.js?ver=3.4.1
45.152.46.6200 OK 1.9 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/drop-down-search.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (7540), with no line terminators
Hash 1dbeb6501d9b4a481ccf0416c9ea1679
e1db7634f3e638b70d10d481446fe17cc5065dbb
76b7ae4babacb6a26917254430f526a14df68f108c994f518510cf88ee7d8dc5
GET /wp-content/themes/oceanwp/assets/js/drop-down-search.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "1d74-63c09edc-204c57ccccf6ea2f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1933
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.4.1
45.152.46.6200 OK 7.0 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (20087), with CRLF line terminators
Hash d2aac2f268aeca5fd099843ce92635c8
631c135ebeb6203a98b5b87c92600fbc0b6d15cf
cfd523fe2e5f0f32a9cafe1b11e59b2e5c4ee95ebddb33707f0703f75519b3fd
GET /wp-content/themes/oceanwp/assets/js/vendors/magnific-popup.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "4efb-63c09edc-1f604f68d2a4364b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7034
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.bunny.net/css?family=Overpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.14
194.242.11.186200 OK 2.8 kB URL HTTP/2 fonts.bunny.net/css?family=Overpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.14
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash 5b80ced62c5893f78eab01fed7312c0e
b489652f97666df5edc6b90e3fea2edb35967a00
b1a2ed26cd36fbae0fd635d8cede3bba0345d2330185be7560053735a48ccc6d
GET /css?family=Overpass%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C300%2C300italic%2Cregular%2Citalic%2C700%2C700italic%2C900%2C900italic&subset=arabic%2Cbengali%2Ccyrillic%2Ccyrillic-ext%2Cdevanagari%2Cgreek%2Cgreek-ext%2Cgujarati%2Chebrew%2Ckhmer%2Ckorean%2Clatin-ext%2Ctamil%2Ctelugu%2Cthai%2Cvietnamese&display=swap&ver=2.4.14 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Mon, 09 Jan 2023 10:45:37 GMT
x-do-app-origin: 1fb91846-e6b7-11ec-b1dc-0c42a19a82a7
x-do-orig-status: 200
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:45:37
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: f582e2b4b40e81a4e84f6d910c974649
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
arsnivyr.com/1?z=5673570
139.45.197.242200 OK 20 kB IP 139.45.197.242:0
Hash 25234ee748ba628aab60f1b459df1166
2c38332ea0bcd142b134a493875df5a13138226c
9b2a5336abcb92bf5f8ccebda8995a04fafa4119027314efeaaa485181675b17
GET /1?z=5673570 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:54 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: ab6c2cb8c0ab601c078cf50197c218b5
access-control-expose-headers: X-Sc
x-sc: w_RCgZVBXDE2OlrswjZzM7hfYxtcdjzeYmwcpEbnb9F7DJC-8FIPRdF2imm1h6dwmvZ_5PtFy7O-0x2U97RZzuwhNME=
set-cookie: scm=1; expires=Thu, 25 Jan 2024 11:44:54 GMT; secure; SameSite=None
OAID=4521fc1787354b4285ad4572fb508ba9; expires=Thu, 25 Jan 2024 11:44:54 GMT; secure; SameSite=None
oaidts=1674647094; expires=Thu, 25 Jan 2024 11:44:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/ow-slider.min.js?ver=3.4.1
45.152.46.6200 OK 813 B URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/ow-slider.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (2002), with no line terminators
Hash 0ce36fe5419f25e4cc98a9fcd810f16a
4678f65d08f9fd70a3648e548c6e365c242bfc14
53839153c2189711942a59093a6e2dd127638807d1b4d32e641d898fa0595c02
GET /wp-content/themes/oceanwp/assets/js/ow-slider.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "7d2-63c09edc-6baabccb52c2a4b7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 813
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/scroll-effect.min.js?ver=3.4.1
45.152.46.6200 OK 2.9 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/scroll-effect.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (11887), with no line terminators
Hash 836931547dda4faf8ff4928f938401c5
95a67c5cd02e39a78d093169fbc3ff943a6b6f4b
52f7c074c6feb817aba9b4988c32e1d44d6fdff04b3753307db04ca4f7e0a2ba
GET /wp-content/themes/oceanwp/assets/js/scroll-effect.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "2e6f-63c09edc-8c916c8c33c9d2de;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2910
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/scroll-top.min.js?ver=3.4.1
45.152.46.6200 OK 2.1 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/scroll-top.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (8989), with no line terminators
Hash aec9e4911835756bd7b27fa2da403a9d
6372ca69f4e4db83c23e8539698edc0136429cd0
4e28365afc9861e70f454cc6cef50dc03b3acc43b8a09f4367fcfe5d2d8134ee
GET /wp-content/themes/oceanwp/assets/js/scroll-top.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "231d-63c09edc-b74e3045dad5855;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2145
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/js/select.min.js?ver=3.4.1
45.152.46.6200 OK 1.4 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/js/select.min.js?ver=3.4.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (5181), with no line terminators
Hash 3de88d73132e582689b7c0649a6e2f04
1e267c67d59f1057f7487c33ee7b6e82c9b86218
194da2ac36a05e73f1520e80309e212ad135bce9abbdfff936512239f9fb16a7
GET /wp-content/themes/oceanwp/assets/js/select.min.js?ver=3.4.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "143d-63c09edc-fec6ceea8690baae;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1389
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
45.152.46.6200 OK 2.3 kB URL HTTP/2 zbnfps.cf/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 45.152.46.6:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 80abfa68756de384aa21eb4bfa1abe6a
02c7125e1cce1a8bdb729e99bf2c19d74b65efea
e012a513b2e1c1ba041be3618086803d20629c5fd54a6fd1f13e8268cd326e17
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "194b-638ee40b-f7934f66cb0221a7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2349
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
45.152.46.6200 OK 439 B URL HTTP/2 zbnfps.cf/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2
IP 45.152.46.6:0
File type ASCII text, with very long lines (999), with no line terminators
Hash 48557ae2759e292179c3f387b0ae4030
35fbacc402929aaa2ac835f268275fc01848e463
b2d66eafabc104a1b628f391e4f0b17804ce7e2bf1c96d732c6bfce50a6170f5
GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.7.2 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Thu, 05 Jan 2023 06:52:27 GMT
etag: "3e7-63b673ab-6bf04b7fbfec3dcc;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 439
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/hoverIntent.min.js?ver=1.10.2
45.152.46.6200 OK 667 B URL HTTP/2 zbnfps.cf/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 45.152.46.6:0
File type ASCII text, with very long lines (1464)
Hash f8111997dc7316758b3f6493ae575ab2
babe709de65ba4be6896404b49b353634002ab77
a1247c7a8290dd2e997827f0971758928e25b760759f79738be9eee8c18872cd
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "5db-638ee40b-c6bd83f361c07813;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 667
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.1
45.152.46.6200 OK 4.6 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.1
IP 45.152.46.6:0
File type ASCII text, with very long lines (315)
Hash 67f81f632004a8ebd5ef8939e2b1a7f6
3f6ab100d406c9c620db6d5364ece7a76c550474
bc3e0a0e265dbd61ae0791ec499fcc6aa33a1b3d40eb286d57d2fa0fc9baebf1
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.1 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Mon, 09 Jan 2023 17:20:27 GMT
etag: "79dd-63bc4cdb-a42fe98ac4298d85;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4580
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.2.4
45.152.46.6200 OK 3.8 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/megamenu-pro/assets/public.js?ver=2.2.4
IP 45.152.46.6:0
Hash e241ca212389a55015bd8c0bcd780202
4c8270d61c5a9b88697d4f74a3002a344611ed69
3cf9f04c16f5c8641b4d8e2ba20cad95d14e9a006e81afde50bb843d32accf14
GET /wp-content/plugins/megamenu-pro/assets/public.js?ver=2.2.4 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Sun, 01 Jan 2023 03:52:55 GMT
etag: "5e89-63b10397-b229ba3f206fbe2d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3778
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/js/group-jq.js?ver=2.4.14
45.152.46.6200 OK 3.7 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/js/group-jq.js?ver=2.4.14
IP 45.152.46.6:0
File type Unicode text, UTF-8 text, with very long lines (10618), with no line terminators
Hash 9d72be4574bb95f6f26094fdd7d124cc
98f79cd07bc7318a00e056414252de56beb03553
03d46fd9160423905a0192e9d5e0a7a9812d5c7728e6c85d8cd90476f58e0b45
GET /wp-content/plugins/brizy/public/editor-build/251-wp/editor/js/group-jq.js?ver=2.4.14 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Sun, 01 Jan 2023 03:57:05 GMT
etag: "297b-63b10491-b9861581949d9694;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3740
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0
45.152.46.6200 OK 9.7 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0
IP 45.152.46.6:0
File type ASCII text, with very long lines (38801), with no line terminators
Hash 0ea35b2b9920a630ef80eda406f34e77
7496d3f2f7265e094c87b1aff2e6db2a770db6be
90889192c2a990f5ff5e28eaeffdf1a6102ba9f8e0e6795db9cfa2df22cd3a6e
GET /wp-content/plugins/complianz-gdpr/cookiebanner/js/complianz.min.js?ver=6.4.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Wed, 18 Jan 2023 17:31:07 GMT
etag: "9791-63c82cdb-ff0a786cd90c4aa9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9651
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/js/preview.js?ver=2.4.14
45.152.46.6200 OK 74 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/brizy/public/editor-build/251-wp/editor/js/preview.js?ver=2.4.14
IP 45.152.46.6:0
File type Unicode text, UTF-8 text, with very long lines (38637), with NEL line terminators
Hash 0c815b61a6ea2217e3adaee0cd43e573
a4dd2f357730319798ed6ce4c8ff47e11a2181d1
b158976643cfd385bc33b1c66b468631e08c27099b332db865c9552642b7bb72
GET /wp-content/plugins/brizy/public/editor-build/251-wp/editor/js/preview.js?ver=2.4.14 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Sun, 01 Jan 2023 03:57:06 GMT
etag: "3ca89-63b10492-380d87b816c83b28;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 74136
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
fonts.bunny.net/overpass/files/overpass-latin-700-normal.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/overpass/files/overpass-latin-700-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 16296, version 1.0\012- data
Hash 7377f379fe5354af4a27bbb954ce816e
e62506bd4a05a9a68b81090c14e27bd30c7cceee
5c91507ba9508c8bbe28c7f1c80b5133c51c5a12016a0cb22be98520de7fb1ae
GET /overpass/files/overpass-latin-700-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: font/woff2
content-length: 16296
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee32a-3fa8"
last-modified: Fri, 30 Dec 2022 13:10:02 GMT
cdn-storageserver: SE-344
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:40:26
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: d6930e4062bb14e1a328aff3d4eeda7c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 41 kB IP 172.67.211.29:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e66423b6f4b1a89fbabdb5633707c826
cc756082c1ca2ca326b6a555f4e851ed95db5c63
cb1b6769f93ca2c6ee82d30c88595df15dbebf6c12abe1b5d70abf12e5f93b0c
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:57 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: 9e8f04184919ab8fe80258fbea0b0ab8
cache-control: max-age=86400
last-modified: Mon, 23 Jan 2023 15:51:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Thu, 26 Jan 2023 10:27:48 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 4629
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hLnURaBybrX4Uiq17zUhlFasu4jzkLGu5pgqp1WWqJxN2l9F7EpXNkvXMSTnIVmJ%2BEP98Ex0dBc6Wgv892CKUakva5R6914NdkmhLhWg8ThyllNJPhFUeAFzxPwnu9N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f0c28a3b21b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.bunny.net/overpass/files/overpass-latin-400-italic.woff2
194.242.11.186200 OK 16 kB URL HTTP/2 fonts.bunny.net/overpass/files/overpass-latin-400-italic.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 16496, version 1.0\012- data
Hash 719cadd05fdc377f873e35db042bdaf6
6486ec231b0ea065d9dcdb7f788ebe0f16cf17c0
801c6b30396c2f1974b97ef3472c37ee9916401b867b51fbdbbeb282b156430d
GET /overpass/files/overpass-latin-400-italic.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: font/woff2
content-length: 16496
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63aee325-4070"
last-modified: Fri, 30 Dec 2022 13:09:57 GMT
cdn-storageserver: SE-318
cdn-fileserver: 344
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:45:38
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b501297940d22bfab24dba0a19a7cc59
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
194.242.11.186200 OK 24 kB URL HTTP/2 fonts.bunny.net/lato/files/lato-latin-400-normal.woff2
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /lato/files/lato-latin-400-normal.woff2 HTTP/1.1
Host: fonts.bunny.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://fonts.bunny.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: font/woff2
content-length: 23580
server: BunnyCDN-NO1-830
cdn-pullzone: 781720
cdn-uid: 3a60ca70-b89d-4cd5-a4b5-34a3468d7e0f
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "63ae91bd-5c1c"
last-modified: Fri, 30 Dec 2022 07:22:37 GMT
cdn-storageserver: SE-344
cdn-fileserver: 318
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/09/2023 10:41:05
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 172d08f555892595810262495b802c70
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/plugins/gtranslate/flags/24/pt.png
45.152.46.6200 OK 1.1 kB URL HTTP/2 zbnfps.cf/wp-content/plugins/gtranslate/flags/24/pt.png
IP 45.152.46.6:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash bb3cb490b63a8f51283c686b916cf4ff
f325c9d27acb1d3e03a3481eb2c240368ae8460f
f06d3def1549dd1b0a108ddc645d2e8906fb631e5812df19cdcbd887f3700bd8
GET /wp-content/plugins/gtranslate/flags/24/pt.png HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:59 GMT
content-type: image/png
last-modified: Thu, 19 Jan 2023 02:44:29 GMT
etag: "434-63c8ae8d-2a22cedf9f912b59;;;"
accept-ranges: bytes
content-length: 1076
date: Wed, 25 Jan 2023 11:44:59 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/2022/12/cropped-cropped-zkkBoost-1.png
45.152.46.6200 OK 20 kB URL HTTP/2 zbnfps.cf/wp-content/uploads/2022/12/cropped-cropped-zkkBoost-1.png
IP 45.152.46.6:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e4dbac9714c0131bce1172bdf69f038
5841a7587221a280fbc2ec812a7705f7224e14d3
f0acce7f415855c171f2d7c6f652b8b5aa083020c53998d8551620e03dbd9022
GET /wp-content/uploads/2022/12/cropped-cropped-zkkBoost-1.png HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:59 GMT
content-type: image/png
last-modified: Sun, 01 Jan 2023 05:01:14 GMT
etag: "4e28-63b1139a-7ce8bbf7312307d9;;;"
accept-ranges: bytes
content-length: 20008
date: Wed, 25 Jan 2023 11:44:59 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/2022/12/cropped-zkkBoost-1-35x35.png
45.152.46.6200 OK 1.3 kB URL HTTP/2 zbnfps.cf/wp-content/uploads/2022/12/cropped-zkkBoost-1-35x35.png
IP 45.152.46.6:0
File type PNG image data, 35 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 4032dfa63ed305aeda70a4ee3fff7524
56bc04f1a8e423da2348c25db8951b28a34f50d4
9a9aa7c7ce0d33402d92a4b0a597078b3bf714ad9dc2a490c98a4aef217ca47a
GET /wp-content/uploads/2022/12/cropped-zkkBoost-1-35x35.png HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/wp-content/uploads/maxmegamenu/style.css?ver=5c98a3
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:59 GMT
content-type: image/png
last-modified: Mon, 16 Jan 2023 13:07:03 GMT
etag: "513-63c54bf7-bdee18dedeff2192;;;"
accept-ranges: bytes
content-length: 1299
date: Wed, 25 Jan 2023 11:44:59 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
45.152.46.6200 OK 30 kB URL HTTP/2 zbnfps.cf/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0
IP 45.152.46.6:0
File type Web Open Font Format (Version 2), TrueType, length 30064, version 1.0\012- data
Hash 0cb0b9c589c0624c9c78dd3d83e946f6
5da603104d4d6e362824ec9e7db32eb2d617949a
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
GET /wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2?v=2.4.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zbnfps.cf/wp-content/themes/oceanwp/assets/css/third/simple-line-icons.min.css?ver=2.4.0
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:59 GMT
content-type: font/woff2
last-modified: Thu, 12 Jan 2023 23:59:24 GMT
etag: "7570-63c09edc-978eaef5dbc29027;;;"
accept-ranges: bytes
content-length: 30064
date: Wed, 25 Jan 2023 11:44:59 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/complianz/css/banner-1-optin.css?v=24
45.152.46.6200 OK 2.3 kB URL HTTP/2 zbnfps.cf/wp-content/uploads/complianz/css/banner-1-optin.css?v=24
IP 45.152.46.6:0
File type ASCII text, with very long lines (13789), with no line terminators
Hash c118caf1d8ba2161ab77272150a40529
5ec52e45e3a7a7c54f81ebaae6dd248c39e3302a
179c4bb66662819f1b6357e5368cd4011d26d8387465a1dc247d7d1bec9343fe
GET /wp-content/uploads/complianz/css/banner-1-optin.css?v=24 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:59 GMT
content-type: text/css
last-modified: Wed, 25 Jan 2023 11:33:14 GMT
etag: "35dd-63d1137a-1b01714b1eb1abe8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2346
date: Wed, 25 Jan 2023 11:44:59 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=1911643225&z=5673570&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=446pmrS-ubwiQQbVchYOFTTF6anhaMbQmGvWpquZxGTzdQW_-UfZ7dNjl0I6OI4_DoU3ancwuSN9Kw1YQxQLtKrNISPLvxIoqrtyJ2fDnhAiOoP1DqE0kIcdw-q17rrO3_Hb40MsBLvsCHRm9qWLFk_7ip_PomIkuPHF2I2p5rvtTs31o7bCix455O0EfIJ2PXH7pHB2mmIyIKKy8bQePn2Ati5UQAxMzd7GDzBZxghSFJYLsCvmecnL7m_7dlACe3B0bB7LboGvfFgNdmshxYOZwfIyUX0H-IeMNsgik78ILzgLl9VYAa-XC-9lO41Xl2igTNKAtymhbYJv2CFZpzNl3zST3Vf1Fk8J8oRq1d2dYAZIf-sfVSmsxVjs0hC_-ZLFUpaTXKkuaKnLZu0vGiH9al9z3CSy4OL96AQwFOHq6ru2z3cOwHB0_K5WeTS18_oUNXLM_sd42-YE2k_VnLLG-PDYx6BTddE829Qz_MjqXvZHq2oZmRKUCqRwtGx-R5EPX9UwcIIa_o_I1c5v_w-QCuUAeNKdHOZlkD3dN4aa6GPnLp54bwM2GU_crMkBeQjh9NkZEEsJ4E6QqdXlg9mv7ge4_0A8iSzgGagfOihfc6x4QHgp4JO7ej_1LKNZadWD--WBj8AirIzWTVLFv4to3BRosiIXMdUhK4n3Q6-EeQILDbt5uvkmCFcOLo0Hn9OfN3GbyWHF8JWGBEJjScS4krSosxJ8oUmfo002AeIorqzwbfWQsDn8OgW3J4_ty1hlTMvY-WWGrv4AY4z4A_1FCia-heAw7zrEEfRp6NMLTSQuhhUmFdWo6qGkW629WmIuvZ-4IU-uBRydUyZ1poH14SeeGX5qPrK6ISSOJY6l1ogMkWqmnlNSWO6AqiRsgCYAKdn-dUA=&ruid=9f5f4443-b2cd-4845-ac43-ad49cf619fd0&subid=642079073482313728&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=195
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=1911643225&z=5673570&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=446pmrS-ubwiQQbVchYOFTTF6anhaMbQmGvWpquZxGTzdQW_-UfZ7dNjl0I6OI4_DoU3ancwuSN9Kw1YQxQLtKrNISPLvxIoqrtyJ2fDnhAiOoP1DqE0kIcdw-q17rrO3_Hb40MsBLvsCHRm9qWLFk_7ip_PomIkuPHF2I2p5rvtTs31o7bCix455O0EfIJ2PXH7pHB2mmIyIKKy8bQePn2Ati5UQAxMzd7GDzBZxghSFJYLsCvmecnL7m_7dlACe3B0bB7LboGvfFgNdmshxYOZwfIyUX0H-IeMNsgik78ILzgLl9VYAa-XC-9lO41Xl2igTNKAtymhbYJv2CFZpzNl3zST3Vf1Fk8J8oRq1d2dYAZIf-sfVSmsxVjs0hC_-ZLFUpaTXKkuaKnLZu0vGiH9al9z3CSy4OL96AQwFOHq6ru2z3cOwHB0_K5WeTS18_oUNXLM_sd42-YE2k_VnLLG-PDYx6BTddE829Qz_MjqXvZHq2oZmRKUCqRwtGx-R5EPX9UwcIIa_o_I1c5v_w-QCuUAeNKdHOZlkD3dN4aa6GPnLp54bwM2GU_crMkBeQjh9NkZEEsJ4E6QqdXlg9mv7ge4_0A8iSzgGagfOihfc6x4QHgp4JO7ej_1LKNZadWD--WBj8AirIzWTVLFv4to3BRosiIXMdUhK4n3Q6-EeQILDbt5uvkmCFcOLo0Hn9OfN3GbyWHF8JWGBEJjScS4krSosxJ8oUmfo002AeIorqzwbfWQsDn8OgW3J4_ty1hlTMvY-WWGrv4AY4z4A_1FCia-heAw7zrEEfRp6NMLTSQuhhUmFdWo6qGkW629WmIuvZ-4IU-uBRydUyZ1poH14SeeGX5qPrK6ISSOJY6l1ogMkWqmnlNSWO6AqiRsgCYAKdn-dUA=&ruid=9f5f4443-b2cd-4845-ac43-ad49cf619fd0&subid=642079073482313728&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=195
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1911643225&z=5673570&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=446pmrS-ubwiQQbVchYOFTTF6anhaMbQmGvWpquZxGTzdQW_-UfZ7dNjl0I6OI4_DoU3ancwuSN9Kw1YQxQLtKrNISPLvxIoqrtyJ2fDnhAiOoP1DqE0kIcdw-q17rrO3_Hb40MsBLvsCHRm9qWLFk_7ip_PomIkuPHF2I2p5rvtTs31o7bCix455O0EfIJ2PXH7pHB2mmIyIKKy8bQePn2Ati5UQAxMzd7GDzBZxghSFJYLsCvmecnL7m_7dlACe3B0bB7LboGvfFgNdmshxYOZwfIyUX0H-IeMNsgik78ILzgLl9VYAa-XC-9lO41Xl2igTNKAtymhbYJv2CFZpzNl3zST3Vf1Fk8J8oRq1d2dYAZIf-sfVSmsxVjs0hC_-ZLFUpaTXKkuaKnLZu0vGiH9al9z3CSy4OL96AQwFOHq6ru2z3cOwHB0_K5WeTS18_oUNXLM_sd42-YE2k_VnLLG-PDYx6BTddE829Qz_MjqXvZHq2oZmRKUCqRwtGx-R5EPX9UwcIIa_o_I1c5v_w-QCuUAeNKdHOZlkD3dN4aa6GPnLp54bwM2GU_crMkBeQjh9NkZEEsJ4E6QqdXlg9mv7ge4_0A8iSzgGagfOihfc6x4QHgp4JO7ej_1LKNZadWD--WBj8AirIzWTVLFv4to3BRosiIXMdUhK4n3Q6-EeQILDbt5uvkmCFcOLo0Hn9OfN3GbyWHF8JWGBEJjScS4krSosxJ8oUmfo002AeIorqzwbfWQsDn8OgW3J4_ty1hlTMvY-WWGrv4AY4z4A_1FCia-heAw7zrEEfRp6NMLTSQuhhUmFdWo6qGkW629WmIuvZ-4IU-uBRydUyZ1poH14SeeGX5qPrK6ISSOJY6l1ogMkWqmnlNSWO6AqiRsgCYAKdn-dUA=&ruid=9f5f4443-b2cd-4845-ac43-ad49cf619fd0&subid=642079073482313728&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=195 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094; oaidvc=1; CNT=1_v1_E0TxAAEAAAC2S2Ri
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: dfdf5c85e290e98136d02b37e2e255bf
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
oaidts=1674647094; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/121?rnd=3253507233&z=5673570&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D642079073482313728&cln={CELL_NUMBER}&btp=7&rb=446pmrS-ubwiQQbVchYOFTTF6anhaMbQmGvWpquZxGTzdQW_-UfZ7dNjl0I6OI4_DoU3ancwuSN9Kw1YQxQLtKrNISPLvxIoqrtyJ2fDnhAiOoP1DqE0kIcdw-q17rrO3_Hb40MsBLvsCHRm9qWLFk_7ip_PomIkuPHF2I2p5rvtTs31o7bCix455O0EfIJ2PXH7pHB2mmIyIKKy8bQePn2Ati5UQAxMzd7GDzBZxghSFJYLsCvmecnL7m_7dlACe3B0bB7LboGvfFgNdmshxYOZwfIyUX0H-IeMNsgik78ILzgLl9VYAa-XC-9lO41Xl2igTNKAtymhbYJv2CFZpzNl3zST3Vf1Fk8J8oRq1d2dYAZIf-sfVSmsxVjs0hC_-ZLFUpaTXKkuaKnLZu0vGiH9al9z3CSy4OL96AQwFOHq6ru2z3cOwHB0_K5WeTS18_oUNXLM_sd42-YE2k_VnLLG-PDYx6BTddE829Qz_MjqXvZHq2oZmRKUCqRwtGx-R5EPX9UwcIIa_o_I1c5v_w-QCuUAeNKdHOZlkD3dN4aa6GPnLp54bwM2GU_crMkBeQjh9NkZEEsJ4E6QqdXlg9mv7ge4_0A8iSzgGagfOihfc6x4QHgp4JO7ej_1LKNZadWD--WBj8AirIzWTVLFv4to3BRosiIXMdUhK4n3Q6-EeQILDbt5uvkmCFcOLo0Hn9OfN3GbyWHF8JWGBEJjScS4krSosxJ8oUmfo002AeIorqzwbfWQsDn8OgW3J4_ty1hlTMvY-WWGrv4AY4z4A_1FCia-heAw7zrEEfRp6NMLTSQuhhUmFdWo6qGkW629WmIuvZ-4IU-uBRydUyZ1poH14SeeGX5qPrK6ISSOJY6l1ogMkWqmnlNSWO6AqiRsgCYAKdn-dUA=&bag=8nsw8B7QCj_3EqNry8yQn0HRKQdoaP9w&ruid=9f5f4443-b2cd-4845-ac43-ad49cf619fd0&subid=642079073482313728
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=3253507233&z=5673570&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D642079073482313728&cln={CELL_NUMBER}&btp=7&rb=446pmrS-ubwiQQbVchYOFTTF6anhaMbQmGvWpquZxGTzdQW_-UfZ7dNjl0I6OI4_DoU3ancwuSN9Kw1YQxQLtKrNISPLvxIoqrtyJ2fDnhAiOoP1DqE0kIcdw-q17rrO3_Hb40MsBLvsCHRm9qWLFk_7ip_PomIkuPHF2I2p5rvtTs31o7bCix455O0EfIJ2PXH7pHB2mmIyIKKy8bQePn2Ati5UQAxMzd7GDzBZxghSFJYLsCvmecnL7m_7dlACe3B0bB7LboGvfFgNdmshxYOZwfIyUX0H-IeMNsgik78ILzgLl9VYAa-XC-9lO41Xl2igTNKAtymhbYJv2CFZpzNl3zST3Vf1Fk8J8oRq1d2dYAZIf-sfVSmsxVjs0hC_-ZLFUpaTXKkuaKnLZu0vGiH9al9z3CSy4OL96AQwFOHq6ru2z3cOwHB0_K5WeTS18_oUNXLM_sd42-YE2k_VnLLG-PDYx6BTddE829Qz_MjqXvZHq2oZmRKUCqRwtGx-R5EPX9UwcIIa_o_I1c5v_w-QCuUAeNKdHOZlkD3dN4aa6GPnLp54bwM2GU_crMkBeQjh9NkZEEsJ4E6QqdXlg9mv7ge4_0A8iSzgGagfOihfc6x4QHgp4JO7ej_1LKNZadWD--WBj8AirIzWTVLFv4to3BRosiIXMdUhK4n3Q6-EeQILDbt5uvkmCFcOLo0Hn9OfN3GbyWHF8JWGBEJjScS4krSosxJ8oUmfo002AeIorqzwbfWQsDn8OgW3J4_ty1hlTMvY-WWGrv4AY4z4A_1FCia-heAw7zrEEfRp6NMLTSQuhhUmFdWo6qGkW629WmIuvZ-4IU-uBRydUyZ1poH14SeeGX5qPrK6ISSOJY6l1ogMkWqmnlNSWO6AqiRsgCYAKdn-dUA=&bag=8nsw8B7QCj_3EqNry8yQn0HRKQdoaP9w&ruid=9f5f4443-b2cd-4845-ac43-ad49cf619fd0&subid=642079073482313728
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=3253507233&z=5673570&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D642079073482313728&cln={CELL_NUMBER}&btp=7&rb=446pmrS-ubwiQQbVchYOFTTF6anhaMbQmGvWpquZxGTzdQW_-UfZ7dNjl0I6OI4_DoU3ancwuSN9Kw1YQxQLtKrNISPLvxIoqrtyJ2fDnhAiOoP1DqE0kIcdw-q17rrO3_Hb40MsBLvsCHRm9qWLFk_7ip_PomIkuPHF2I2p5rvtTs31o7bCix455O0EfIJ2PXH7pHB2mmIyIKKy8bQePn2Ati5UQAxMzd7GDzBZxghSFJYLsCvmecnL7m_7dlACe3B0bB7LboGvfFgNdmshxYOZwfIyUX0H-IeMNsgik78ILzgLl9VYAa-XC-9lO41Xl2igTNKAtymhbYJv2CFZpzNl3zST3Vf1Fk8J8oRq1d2dYAZIf-sfVSmsxVjs0hC_-ZLFUpaTXKkuaKnLZu0vGiH9al9z3CSy4OL96AQwFOHq6ru2z3cOwHB0_K5WeTS18_oUNXLM_sd42-YE2k_VnLLG-PDYx6BTddE829Qz_MjqXvZHq2oZmRKUCqRwtGx-R5EPX9UwcIIa_o_I1c5v_w-QCuUAeNKdHOZlkD3dN4aa6GPnLp54bwM2GU_crMkBeQjh9NkZEEsJ4E6QqdXlg9mv7ge4_0A8iSzgGagfOihfc6x4QHgp4JO7ej_1LKNZadWD--WBj8AirIzWTVLFv4to3BRosiIXMdUhK4n3Q6-EeQILDbt5uvkmCFcOLo0Hn9OfN3GbyWHF8JWGBEJjScS4krSosxJ8oUmfo002AeIorqzwbfWQsDn8OgW3J4_ty1hlTMvY-WWGrv4AY4z4A_1FCia-heAw7zrEEfRp6NMLTSQuhhUmFdWo6qGkW629WmIuvZ-4IU-uBRydUyZ1poH14SeeGX5qPrK6ISSOJY6l1ogMkWqmnlNSWO6AqiRsgCYAKdn-dUA=&bag=8nsw8B7QCj_3EqNry8yQn0HRKQdoaP9w&ruid=9f5f4443-b2cd-4845-ac43-ad49cf619fd0&subid=642079073482313728 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094; oaidvc=1; CNT=1_v1_E0TxAAEAAAC2S2Ri
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-length: 0
location: https://www.nbfcs.org/#signUp=642079073482313728
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 534b15cc63f1b89c0f030c8ee7880be3
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
bedrapiona.com/5/5673552/?oo=1&js_build=iclick-v1.473.0
139.45.197.234200 OK 1.4 kB URL HTTP/2 bedrapiona.com/5/5673552/?oo=1&js_build=iclick-v1.473.0
IP 139.45.197.234:0
File type JSON data\012- , ASCII text, with very long lines (2905), with no line terminators
Hash 1f5743a8222ed6518b18a83767fd9a0e
4914e685474c94fb1d3b3fb92eb70d4327fde0d3
9276646a9f87da165efbd60bddd0b4995055705a69b17dba1a1b35fc00ec77d6
GET /5/5673552/?oo=1&js_build=iclick-v1.473.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: OAID=8509edea9eb943cf80ec2eee439cbd57; oaidts=1674647095
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/json
x-trace-id: 6827e10c6ab9940d06efa5e3c0a2067d
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8509edea9eb943cf80ec2eee439cbd57; expires=Thu, 25 Jan 2024 11:44:58 GMT; path=/; secure; SameSite=None
oaidts=1674647095; expires=Thu, 25 Jan 2024 11:44:58 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e93510af7fbb01ec576cd6667de4decc
bc8ccb22159c837a232324bb3169513be7eb6386
bcfbebd3c569daceed83a680b9e1b76fb3e367426b4baad8bfe3973cd3b39410
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BCFBEBD3C569DACEED83A680B9E1B76FB3E367426B4BAAD8BFE3973CD3B39410"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1221
Expires: Wed, 25 Jan 2023 12:05:19 GMT
Date: Wed, 25 Jan 2023 11:44:58 GMT
Connection: keep-alive
nanouwho.com/1?z=5673550
139.45.197.242200 OK 7.2 kB IP 139.45.197.242:0
Hash deb7e1626113a9f789a70bf43072df7b
628a75456af402275d289ed94f29ee997d86866f
5c042fd73827223fee6ebebdbaf2f438e3c7e079d816d6ff6d4cf9145ef09db1
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5673550 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 91f216d4fe6364b23bd5b9037155d597
access-control-expose-headers: X-Sc
x-sc: 9bCjVH4OmKqcKga_CoJyGcplLqQd-_XqQNMFb3vqJIZ0OySulrus0SGT4I7L2otgR4RkgcVKeH2moql8PkFz8JwzGi4=
set-cookie: scm=1; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
OAID=b40537e26055473b8b2bcc227ce9999f; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
oaidts=1674647098; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/9?z=5673550&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5673550&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5673550&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://zbnfps.cf/
Origin: https://zbnfps.cf
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
IP 142.250.74.131:0
Hash 07208ef6356bca44bde2c3acdd03a4bb
cb9c589dccb28bb1e0739a4e5e0d5d48ea43fff9
3f0c1ea3b6ea0203b439077ab495c5fce415d640da8839a67789268bf3286d98
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
IP 142.250.74.131:0
Hash 07208ef6356bca44bde2c3acdd03a4bb
cb9c589dccb28bb1e0739a4e5e0d5d48ea43fff9
3f0c1ea3b6ea0203b439077ab495c5fce415d640da8839a67789268bf3286d98
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nanouwho.com/9?z=5673550&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
139.45.197.242200 OK 2.6 kB URL HTTP/2 nanouwho.com/9?z=5673550&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
IP 139.45.197.242:0
File type JSON data\012- , ASCII text, with very long lines (6284), with no line terminators
Hash 3d4ce4dd316dc332f702a8966de298da
d3971923df16397700c59dc4944e5a77910190c4
1e71a05386a8206d3180c0b7b021da08daa5c4b77ff878cca4c1b2548f2e7276
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5673550&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 82
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=b40537e26055473b8b2bcc227ce9999f; oaidts=1674647098
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: f9255d4837c572602cf42cb3b5cc865b
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
oaidts=1674647098; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/event
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /event HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://zbnfps.cf/
Origin: https://zbnfps.cf
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zbnfps.cf/
Content-Type: application/json
Origin: https://zbnfps.cf
Content-Length: 302
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 58cc8d15da19a4d193db3aedb30f1c7d
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ibrapush.com/event
139.45.197.250200 OK 94 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 9206f3176b5847b4eb01bd388d5c6cc2
b45063748dbf779ed92d7a633bec0bfd28aedc06
b2f1657934bd360d946fbb9040a7ca507cba08fcb012cb13fe76d19bc5909d2d
POST /event HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zbnfps.cf/
Content-Type: application/json
Origin: https://zbnfps.cf
Content-Length: 1105
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/json; charset=utf-8
content-length: 94
x-trace-id: 62df9961967a4ab6302dc15768502a9a
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=1075263292&z=5673550&b=15901695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=wyTstibK2kf5dsA_nN43ET22EsHKLVi00ZKKp3TJ25I0_dwaJLEsk7_MzXCs75ccp5Etw9Q4z8iDRhCwENRwFC5DD50ysMIqG1ScZ61Gsru-xwA3UF8BLNrM-mxN42c51CTUbF-8S5hi_e5J1JwLHnvq5qImmJ3HcS1_s4qroT7fnOqGtj3qsxmJh4brUrbnflTm4hS384o5sd7lw-Mw1kgkCyL2IwdQSic06GMlR2wmc8eGbd5Im1-yOcSQuvfKLcHAA0z0ncKCMeIkDfllOb-fZmfH8BMB5EGJ7bSwcLmYjxXtdjXdfpfvuze9NtcjjXhigtknSGMUUhberPcq2Aso4V91Wbusbo6HRIQ-OvKWP_T9I8ERzF1LDYPDCSGSTndEUsIXkLXqt0YvIyUAaFuiNIxJ_vg6RvAkbq81IeBVHkNsFpN2K9yy_mSV_LNtRtKtvffL2jupZYyxjTexpB2MlslG9c7OeUN4U-cGoIIcM7zoyBXm3wzjRwo18si_4A7BVcvj5qrahsi1ihaRw0Aw00W6FAHj8CRmkcw3AmsX_VS_8ugSrhF7aLs-LAB8MNFdS9QwLukVqQ-mLx3UmOwUz7n_2lfrrNRXp7-pNCX2-7TMAGUKP9DG51zsu2S-cN9cGXr0KXjcfLxcEWaMrg==&ruid=2106e094-3e56-4f5b-a1da-f85ea96c62c7&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=327
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=1075263292&z=5673550&b=15901695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=wyTstibK2kf5dsA_nN43ET22EsHKLVi00ZKKp3TJ25I0_dwaJLEsk7_MzXCs75ccp5Etw9Q4z8iDRhCwENRwFC5DD50ysMIqG1ScZ61Gsru-xwA3UF8BLNrM-mxN42c51CTUbF-8S5hi_e5J1JwLHnvq5qImmJ3HcS1_s4qroT7fnOqGtj3qsxmJh4brUrbnflTm4hS384o5sd7lw-Mw1kgkCyL2IwdQSic06GMlR2wmc8eGbd5Im1-yOcSQuvfKLcHAA0z0ncKCMeIkDfllOb-fZmfH8BMB5EGJ7bSwcLmYjxXtdjXdfpfvuze9NtcjjXhigtknSGMUUhberPcq2Aso4V91Wbusbo6HRIQ-OvKWP_T9I8ERzF1LDYPDCSGSTndEUsIXkLXqt0YvIyUAaFuiNIxJ_vg6RvAkbq81IeBVHkNsFpN2K9yy_mSV_LNtRtKtvffL2jupZYyxjTexpB2MlslG9c7OeUN4U-cGoIIcM7zoyBXm3wzjRwo18si_4A7BVcvj5qrahsi1ihaRw0Aw00W6FAHj8CRmkcw3AmsX_VS_8ugSrhF7aLs-LAB8MNFdS9QwLukVqQ-mLx3UmOwUz7n_2lfrrNRXp7-pNCX2-7TMAGUKP9DG51zsu2S-cN9cGXr0KXjcfLxcEWaMrg==&ruid=2106e094-3e56-4f5b-a1da-f85ea96c62c7&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=327
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1075263292&z=5673550&b=15901695&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=wyTstibK2kf5dsA_nN43ET22EsHKLVi00ZKKp3TJ25I0_dwaJLEsk7_MzXCs75ccp5Etw9Q4z8iDRhCwENRwFC5DD50ysMIqG1ScZ61Gsru-xwA3UF8BLNrM-mxN42c51CTUbF-8S5hi_e5J1JwLHnvq5qImmJ3HcS1_s4qroT7fnOqGtj3qsxmJh4brUrbnflTm4hS384o5sd7lw-Mw1kgkCyL2IwdQSic06GMlR2wmc8eGbd5Im1-yOcSQuvfKLcHAA0z0ncKCMeIkDfllOb-fZmfH8BMB5EGJ7bSwcLmYjxXtdjXdfpfvuze9NtcjjXhigtknSGMUUhberPcq2Aso4V91Wbusbo6HRIQ-OvKWP_T9I8ERzF1LDYPDCSGSTndEUsIXkLXqt0YvIyUAaFuiNIxJ_vg6RvAkbq81IeBVHkNsFpN2K9yy_mSV_LNtRtKtvffL2jupZYyxjTexpB2MlslG9c7OeUN4U-cGoIIcM7zoyBXm3wzjRwo18si_4A7BVcvj5qrahsi1ihaRw0Aw00W6FAHj8CRmkcw3AmsX_VS_8ugSrhF7aLs-LAB8MNFdS9QwLukVqQ-mLx3UmOwUz7n_2lfrrNRXp7-pNCX2-7TMAGUKP9DG51zsu2S-cN9cGXr0KXjcfLxcEWaMrg==&ruid=2106e094-3e56-4f5b-a1da-f85ea96c62c7&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=327 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647098
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:59 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: c481892e670373688f9dcf9e569ad413
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:59 GMT; secure; SameSite=None
oaidts=1674647098; expires=Thu, 25 Jan 2024 11:44:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8f1a03b5b269e29eb6dd983583acd5f
2c2dfdd086b51641cca2b9bf38cd9d1d81dc7794
c757caca0367f08dae489f6d45332f78d184271fd004cb0c47008dcd6943d16e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C757CACA0367F08DAE489F6D45332F78D184271FD004CB0C47008DCD6943D16E"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5396
Expires: Wed, 25 Jan 2023 13:14:55 GMT
Date: Wed, 25 Jan 2023 11:44:59 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dc4ecda5368b52c2e2e0f855c3069d54
094d4c4753e9411e78bba8e036dfe4d578a3136e
6543817b84fb50bf50d47656d95e228b120961571cde07e3aae7f5f60b788920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 03:49:36 GMT
Expires: Sun, 29 Jan 2023 03:49:35 GMT
Etag: "094d4c4753e9411e78bba8e036dfe4d578a3136e"
Cache-Control: max-age=316475,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f0c290fe7eb4fa-OSL
onmarshtompor.com/?rb=C3wpg1TAP4l94DhNRfFbsAVhQeDe3H2da6F3tlwKSmusUFvuMskcSWOQjQ0R6ef_n1xYYmzESwDeiQAyjz-qja7ZVVYdjlobXnav4-g5l1z_nNQofWNg_35KkM8AsxQSVP02nqiztUwyLun49ia7dniGV2woKNqIG-pzZ9dLM-6Gpmr9FmLi6YarrSu65h2jML5PO_SJSF2bGIbLlIMhfxMxanpSS1Hw&request_ab2=0&zoneid=5673552&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=461994f4-c585-4363-a418-a6a187b56438&userId=21c5a511ae97490b9e2c1da142212cb0&m=link
139.45.197.243200 OK 6.5 kB URL HTTP/2 onmarshtompor.com/?rb=C3wpg1TAP4l94DhNRfFbsAVhQeDe3H2da6F3tlwKSmusUFvuMskcSWOQjQ0R6ef_n1xYYmzESwDeiQAyjz-qja7ZVVYdjlobXnav4-g5l1z_nNQofWNg_35KkM8AsxQSVP02nqiztUwyLun49ia7dniGV2woKNqIG-pzZ9dLM-6Gpmr9FmLi6YarrSu65h2jML5PO_SJSF2bGIbLlIMhfxMxanpSS1Hw&request_ab2=0&zoneid=5673552&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=461994f4-c585-4363-a418-a6a187b56438&userId=21c5a511ae97490b9e2c1da142212cb0&m=link
IP 139.45.197.243:0
Hash e8ef4f571f775941e5b36cdc7e1e7f2a
06c730058ad581a3d202e79f331bfe6c162481c2
c97c13d8054cba97930149230adea507fc398f4214524547a21c7a89e3019718
GET /?rb=C3wpg1TAP4l94DhNRfFbsAVhQeDe3H2da6F3tlwKSmusUFvuMskcSWOQjQ0R6ef_n1xYYmzESwDeiQAyjz-qja7ZVVYdjlobXnav4-g5l1z_nNQofWNg_35KkM8AsxQSVP02nqiztUwyLun49ia7dniGV2woKNqIG-pzZ9dLM-6Gpmr9FmLi6YarrSu65h2jML5PO_SJSF2bGIbLlIMhfxMxanpSS1Hw&request_ab2=0&zoneid=5673552&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=461994f4-c585-4363-a418-a6a187b56438&userId=21c5a511ae97490b9e2c1da142212cb0&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zbnfps.cf/
Origin: https://zbnfps.cf
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/json
x-trace-id: c571ab159f7339ab544bac485c22419f
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:58 GMT; path=/; secure; SameSite=None
oaidts=1674647098; expires=Thu, 25 Jan 2024 11:44:58 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 01 Feb 2023 11:44:58 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5673549?excludes=&oaid=21c5a511ae97490b9e2c1da142212cb0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5673549?excludes=&oaid=21c5a511ae97490b9e2c1da142212cb0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5673549?excludes=&oaid=21c5a511ae97490b9e2c1da142212cb0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://zbnfps.cf/
Origin: https://zbnfps.cf
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:59 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8b757146d77134f1065dc3196bbbb7a5
e72aa31a330651debe8752672a78539d5dad540a
37911dbd959cefe93246aa17a8d941ddd54c6c98390a70c9c294ef286c12920a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37911DBD959CEFE93246AA17A8D941DDD54C6C98390A70C9C294EF286C12920A"
Last-Modified: Wed, 25 Jan 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21514
Expires: Wed, 25 Jan 2023 17:43:33 GMT
Date: Wed, 25 Jan 2023 11:44:59 GMT
Connection: keep-alive
interstitial-07.com/contents/s/50/da/0f/5fb955b021768e45f755f3c1db/01057113345053.png
139.45.197.153200 OK 16 kB URL HTTP/2 interstitial-07.com/contents/s/50/da/0f/5fb955b021768e45f755f3c1db/01057113345053.png
IP 139.45.197.153:0
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 50da0f5fb955b021768e45f755f3c1db
8a9a208aba5928923a8ba1555b7e59ce6122d894
6ca878bbfd79a882d118d75a1bd152b14bb45997d69c2bca43548ccd8bd4ac9d
GET /contents/s/50/da/0f/5fb955b021768e45f755f3c1db/01057113345053.png HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=UwklZTCC7U4f8LU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D1560225293%26z%3D5673550%26b%3D15901695%26c%3D6368614%26var%3D%26d%3Dhttps%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DkFOvybLfhVI%2526t%253D6s%26cln%3D1%26btp%3D7%26rb%3DwyTstibK2kf5dsA_nN43ET22EsHKLVi00ZKKp3TJ25I0_dwaJLEsk7_MzXCs75ccp5Etw9Q4z8iDRhCwENRwFC5DD50ysMIqG1ScZ61Gsru-xwA3UF8BLNrM-mxN42c51CTUbF-8S5hi_e5J1JwLHnvq5qImmJ3HcS1_s4qroT7fnOqGtj3qsxmJh4brUrbnflTm4hS384o5sd7lw-Mw1kgkCyL2IwdQSic06GMlR2wmc8eGbd5Im1-yOcSQuvfKLcHAA0z0ncKCMeIkDfllOb-fZmfH8BMB5EGJ7bSwcLmYjxXtdjXdfpfvuze9NtcjjXhigtknSGMUUhberPcq2Aso4V91Wbusbo6HRIQ-OvKWP_T9I8ERzF1LDYPDCSGSTndEUsIXkLXqt0YvIyUAaFuiNIxJ_vg6RvAkbq81IeBVHkNsFpN2K9yy_mSV_LNtRtKtvffL2jupZYyxjTexpB2MlslG9c7OeUN4U-cGoIIcM7zoyBXm3wzjRwo18si_4A7BVcvj5qrahsi1ihaRw0Aw00W6FAHj8CRmkcw3AmsX_VS_8ugSrhF7aLs-LAB8MNFdS9QwLukVqQ-mLx3UmOwUz7n_2lfrrNRXp7-pNCX2-7TMAGUKP9DG51zsu2S-cN9cGXr0KXjcfLxcEWaMrg%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D2106e094-3e56-4f5b-a1da-f85ea96c62c7%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fzbnfps.cf%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:59 GMT
content-type: image/png
content-length: 16240
last-modified: Mon, 28 Nov 2022 18:30:04 GMT
vary: Accept-Encoding
etag: "6384fe2c-3f70"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
www.nbfcs.org/
23.254.229.241200 OK 6.0 kB IP 23.254.229.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21931), with no line terminators
Hash b188c8c1e871126605db9abf4f02adb0
6810b1b9a2fb2f320bf419944b5af0173a36cad0
fa4fa31da9bd9592ca5e7434ff24b4a741212fc88bdbf3a19e09806cfffa9576
GET / HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Next.js
ETag: "qn3uzg48fpgx7"
Vary: Accept-Encoding
Content-Encoding: gzip
interstitial-07.com/contents/s/48/ba/e5/e161e3384a866a93d6d3d760fc/0433175055728.png
139.45.197.153200 OK 30 kB URL HTTP/2 interstitial-07.com/contents/s/48/ba/e5/e161e3384a866a93d6d3d760fc/0433175055728.png
IP 139.45.197.153:0
File type PNG image data, 900 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 48bae5e161e3384a866a93d6d3d760fc
d0076af2c67d882cd36549f6fa601a983d43eadf
507807204424d96c858e93d7bfef4e280ee5252a68be636c062d7844a1a9d022
GET /contents/s/48/ba/e5/e161e3384a866a93d6d3d760fc/0433175055728.png HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=UwklZTCC7U4f8LU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D1560225293%26z%3D5673550%26b%3D15901695%26c%3D6368614%26var%3D%26d%3Dhttps%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DkFOvybLfhVI%2526t%253D6s%26cln%3D1%26btp%3D7%26rb%3DwyTstibK2kf5dsA_nN43ET22EsHKLVi00ZKKp3TJ25I0_dwaJLEsk7_MzXCs75ccp5Etw9Q4z8iDRhCwENRwFC5DD50ysMIqG1ScZ61Gsru-xwA3UF8BLNrM-mxN42c51CTUbF-8S5hi_e5J1JwLHnvq5qImmJ3HcS1_s4qroT7fnOqGtj3qsxmJh4brUrbnflTm4hS384o5sd7lw-Mw1kgkCyL2IwdQSic06GMlR2wmc8eGbd5Im1-yOcSQuvfKLcHAA0z0ncKCMeIkDfllOb-fZmfH8BMB5EGJ7bSwcLmYjxXtdjXdfpfvuze9NtcjjXhigtknSGMUUhberPcq2Aso4V91Wbusbo6HRIQ-OvKWP_T9I8ERzF1LDYPDCSGSTndEUsIXkLXqt0YvIyUAaFuiNIxJ_vg6RvAkbq81IeBVHkNsFpN2K9yy_mSV_LNtRtKtvffL2jupZYyxjTexpB2MlslG9c7OeUN4U-cGoIIcM7zoyBXm3wzjRwo18si_4A7BVcvj5qrahsi1ihaRw0Aw00W6FAHj8CRmkcw3AmsX_VS_8ugSrhF7aLs-LAB8MNFdS9QwLukVqQ-mLx3UmOwUz7n_2lfrrNRXp7-pNCX2-7TMAGUKP9DG51zsu2S-cN9cGXr0KXjcfLxcEWaMrg%3D%3D%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3D2106e094-3e56-4f5b-a1da-f85ea96c62c7%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fzbnfps.cf%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:59 GMT
content-type: image/png
content-length: 29777
last-modified: Mon, 28 Nov 2022 18:29:58 GMT
vary: Accept-Encoding
etag: "6384fe26-7451"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc657ca11062c12e6a82fe26f0bd49ec
22f46ad26de558c130630e331e890f2d99fbd73f
c5b94400964e1279c9ac8a67018aaa1fb05c1cfe9b0b5e54dd1ea78511b472de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5B94400964E1279C9AC8A67018AAA1FB05C1CFE9B0B5E54DD1EA78511B472DE"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20328
Expires: Wed, 25 Jan 2023 17:23:47 GMT
Date: Wed, 25 Jan 2023 11:44:59 GMT
Connection: keep-alive
www.nbfcs.org/_next/static/css/684b39f62cded0db.css
23.254.229.241200 OK 6.4 kB URL HTTP/1.1 www.nbfcs.org/_next/static/css/684b39f62cded0db.css
IP 23.254.229.241:0
File type ASCII text, with very long lines (27619), with CRLF line terminators
Hash 8f6f8eb3b0994d1acbfa31c204f97cb0
c7f5a98f4889e4ebf3ef7fca1084ebf9c60eab96
31c04ae070593e8623484bbde04e4b844c9d0f96140a00dade6ac4ccf43935a6
GET /_next/static/css/684b39f62cded0db.css HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"6c23-185c531fe87"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/webpack-eeb1e4a6befe36e1.js
23.254.229.241200 OK 1.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/webpack-eeb1e4a6befe36e1.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (2294), with no line terminators
Hash 7cfbabf34c73cf6212b4a24cd18e99ed
75f97eac124cf440762aca188bc7ae55d89b360d
ea54e1f54320f35ca88d4b844b40b303defdd4b28dfe7eacf0a48f43887c4a32
GET /_next/static/chunks/webpack-eeb1e4a6befe36e1.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"8f6-185c531fe9b"
Vary: Accept-Encoding
Content-Encoding: gzip
arsnivyr.com/1?z=5673570
139.45.197.242200 OK 7.5 kB IP 139.45.197.242:0
Hash bf0b6dbc0e5e4afe67040bc1f26147e0
eca84627e94a297b5d9d4670cc439ed59087a9c3
d6096f07d8e7631f3025b3e62cc13ec42f78c98545d1f26d29f714d4a4d72702
GET /1?z=5673570 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094; oaidvc=1; CNT=1_v1_E0TxAAEAAAC2S2Ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:57 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: cdad27bf6d998fffbb47bcf2c3d70566
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:57 GMT; secure; SameSite=None
oaidts=1674647094; expires=Thu, 25 Jan 2024 11:44:57 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 11:44:59 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: bfeded388c4ceb3f4b5a2db7fc2b2e14
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.nbfcs.org/_next/static/chunks/554-8e154f641094aae5.js
23.254.229.241200 OK 6.4 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/554-8e154f641094aae5.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (28773), with no line terminators
Hash 59e24887f5a60c851516e207eb0c1248
4acefb4c45a8056f4d9f1ebdfda39f92e9d56009
ea4099e28e9846da0dddfcd1704e90f0cefa2ac31d4519463d5a6485a3330b0a
GET /_next/static/chunks/554-8e154f641094aae5.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"7065-185c531fea7"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/510-95033bf0c5e8ae7d.js
23.254.229.241200 OK 9.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/510-95033bf0c5e8ae7d.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (24507), with no line terminators
Hash c9afdcc5726812a6e53924c2cc3dd308
8dc7e80ae881c27e629a5964ada697f1d50a21e1
556d4c3ca6ce59f3c07aa84b6a1a89dc7cae412d8e91cd61107bf6d42aadc645
GET /_next/static/chunks/510-95033bf0c5e8ae7d.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"5fbb-185c531fea3"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/675-b73f41980c39ec6a.js
23.254.229.241200 OK 4.0 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/675-b73f41980c39ec6a.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (9695), with no line terminators
Hash b3c02e1fad26ce52b2c668a7a4d28cee
569685ce3b8247f5129b1c919c3a053c6ddc5dd9
c29babbe1453bd1bc3dc66e5d57024e097bf3826119f6e7347af63503907cfe2
GET /_next/static/chunks/675-b73f41980c39ec6a.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"25df-185c531fea3"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 91a583b63b5d4f57de87198ee87ff542
13f349404ffebaa2c9058c4358954b44b386ca96
cdee7be7510ecb8ef783be3da3cc2ed2cc3f7cf8c95aa190179fed3ae9b2a415
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2961
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:59 GMT
Last-Modified: Wed, 25 Jan 2023 10:55:38 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 279
www.nbfcs.org/_next/static/chunks/main-9bf4c2cf7c353ef0.js
23.254.229.241200 OK 35 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/main-9bf4c2cf7c353ef0.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ec75f4a553ad6ba12bd1a09ccb06fe0f
72ea52608d3768bf396189607b7a374a60992a84
9180ad39779c801c05be91b1df046e8712b6325e1404fa691e9053ddfbfcb883
GET /_next/static/chunks/main-9bf4c2cf7c353ef0.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"1ce12-185c531fe87"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/142-4eeb76513e56b47d.js
23.254.229.241200 OK 4.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/142-4eeb76513e56b47d.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (11209), with no line terminators
Hash a6de8a29c8a2d58309f2b9f5636a74d4
f47d921080dc687019f6d7e7ea9468312fc4dd43
b32c259c08e464c37a1d8ceb19eebbd748469d1d201e2f23e3b70ca3bcb40ee4
GET /_next/static/chunks/142-4eeb76513e56b47d.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"2bc9-185c531fea7"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/pages/index-e03b0d8901133460.js
23.254.229.241200 OK 18 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/pages/index-e03b0d8901133460.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (57773), with no line terminators
Hash 44ff1bd1b591e18f765a264e3618f9e5
e3860182c7414d526b639488bce4edaa2bd12ed2
43739d3da7f302b20db71871400a638d0ef2a1bf894c8b500b51b3fa4b41ffd5
GET /_next/static/chunks/pages/index-e03b0d8901133460.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"e1ad-185c531fe97"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/ruFHP-tIocITkF9tBZwCv/_buildManifest.js
23.254.229.241200 OK 929 B URL HTTP/1.1 www.nbfcs.org/_next/static/ruFHP-tIocITkF9tBZwCv/_buildManifest.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (2576), with no line terminators
Hash 3a1c18269615bccdc2509eb5ed38bb9c
174f2072a54bdbebb43e11427d0fcfeea88f577f
d836a0d2017500a8671a435a13382679482118a77618ab7ebf278c6146ec300b
GET /_next/static/ruFHP-tIocITkF9tBZwCv/_buildManifest.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"a10-185c531fe87"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/framework-4556c45dd113b893.js
23.254.229.241200 OK 45 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/framework-4556c45dd113b893.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 828d2085295ecc1a26daac2042176dd3
1321a70d7499f927489b164a3a7ba3d49c5ef066
5347335eb87a340da6f347359ca03c7bfc9e2135448556ac64e17c83c051ba13
GET /_next/static/chunks/framework-4556c45dd113b893.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"22682-185c531fe9f"
Vary: Accept-Encoding
Content-Encoding: gzip
tzegilo.com/stattag.js
172.67.141.224200 OK 30 kB IP 172.67.141.224:0
File type ASCII text, with very long lines (13121), with no line terminators
Hash ff7b6ed24412f0fc6762e1595920d5f2
3fe673321b4b4517d27d0e3aa80b6b9f04dde1df
f9a5a74ce6af6182b1c2bb0e0d98a383b35bd40a5a2b4f615f634516fd6c7a82
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1073
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87yu%2BAersQ3Jveh1hQ10aiBlAG%2F1ZIXPon%2BtjBd4acaisogD0kTl6SHDdnMRxMvK6mOaEZtY3l7NV3JHWP8ki5MipQFXOQCjUHsu2LW0xiPJfV7DLBzo4V6d%2FKw8%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f0c28fbd5db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.nbfcs.org/_next/static/ruFHP-tIocITkF9tBZwCv/_ssgManifest.js
23.254.229.241200 OK 77 B URL HTTP/1.1 www.nbfcs.org/_next/static/ruFHP-tIocITkF9tBZwCv/_ssgManifest.js
IP 23.254.229.241:0
File type ASCII text, with no line terminators
Hash b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
GET /_next/static/ruFHP-tIocITkF9tBZwCv/_ssgManifest.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 77
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"4d-185c531fe83"
Vary: Accept-Encoding
www.nbfcs.org/_next/static/chunks/pages/_app-5a5c4413a32c48e1.js
23.254.229.241200 OK 112 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/pages/_app-5a5c4413a32c48e1.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 112 kB (111515 bytes)
Hash 16a366f3cabd55655b6cc380c6c461c0
a1905119c10a3971af21adbfe2ab7fd0a352aa7d
b2d437222fca7c9ef3420dccf373def971d64dbcf6dcec25a55653f2d222ed54
GET /_next/static/chunks/pages/_app-5a5c4413a32c48e1.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Wed, 18 Jan 2023 14:04:26 GMT
ETag: W/"59123-185c531fe87"
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 15:41:18 GMT
expires: Wed, 24 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
age: 72221
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.nbfcs.org/api/authUser
23.254.229.241200 OK 2 B URL HTTP/1.1 www.nbfcs.org/api/authUser
IP 23.254.229.241:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
GET /api/authUser HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nbfcs.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 11:44:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.138200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.138:0
File type ASCII text, with very long lines (22967)
Hash f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 10:57:38 GMT
expires: Wed, 25 Jan 2023 11:57:38 GMT
cache-control: public, max-age=3600
age: 2841
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&co=aHR0cHM6Ly96Ym5mcHMuY2Y6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=cws5fms1l0bl
142.250.74.164200 OK 23 kB URL HTTP/2 www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&co=aHR0cHM6Ly96Ym5mcHMuY2Y6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=cws5fms1l0bl
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35097)
Hash 09c65b67fbc2ffbdb77fe08b9aa79577
188e66370c64d5608f0609d40c06ea4c5dea01a7
44512ad0c52f44209894e5066a8b9183493d22e39fb4fc379b57b1d8a125e564
GET /recaptcha/api2/anchor?ar=1&k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&co=aHR0cHM6Ly96Ym5mcHMuY2Y6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=cws5fms1l0bl HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 11:44:59 GMT
content-security-policy: script-src 'nonce-_ifzC_4ak7tl3LPvpOkJgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22581
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 25 Jan 2023 11:44:59 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: cced19f371f9ec70e9171e69db29886e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fform.e5986808.png&w=640&q=75
23.254.229.241200 OK 8.9 kB URL HTTP/1.1 www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fform.e5986808.png&w=640&q=75
IP 23.254.229.241:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 18293f3c0452895c1c3a222f65f87bc1
518b919779481eab098c975a0e1d327d13e18077
3ca64d58b362f06f982c2bafa478478ca36713375b2fc4542394fcc413e40f35
GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fform.e5986808.png&w=640&q=75 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: image/webp
Content-Length: 8854
Connection: keep-alive
Vary: Accept
Cache-Control: public, max-age=315360000, immutable
ETag: PKZNWLNi8G+YLCuvpHhHjKNnEzdbL8RUI5T8xBPkDzU=
Content-Disposition: inline; filename="form.webp"
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
X-Nextjs-Cache: HIT
www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fworld.c12e01af.png&w=1200&q=75
23.254.229.241200 OK 37 kB URL HTTP/1.1 www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fworld.c12e01af.png&w=1200&q=75
IP 23.254.229.241:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 76341a391d7dab85dd7d219410e9718b
5e4be2c4616b9893339a0e19d1e1765e34fcc8c4
99b87290fdd4a0692eb23a380eb2c7c4e40ca3fc5f5e7702bdb41e9018b56b74
GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fworld.c12e01af.png&w=1200&q=75 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: image/webp
Content-Length: 37200
Connection: keep-alive
Vary: Accept
Cache-Control: public, max-age=315360000, immutable
ETag: mbhykP3UoGkusjo4DrLHxOQMo-xfXncCvbQekBi1a3Q=
Content-Disposition: inline; filename="world.webp"
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
X-Nextjs-Cache: HIT
www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fus.2cafd197.png&w=750&q=75
23.254.229.241200 OK 32 kB URL HTTP/1.1 www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fus.2cafd197.png&w=750&q=75
IP 23.254.229.241:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 746x478, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 975d5adf70ce77384e3238bf72f00e96
0e188e26a0bb4ca0b5d2748ce0704d9b2e814714
df49b0eb8da8fbc1ac0b6d7e4773e6299d8e242dd3b18101bab092661cd870aa
GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fus.2cafd197.png&w=750&q=75 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 25 Jan 2023 11:44:59 GMT
Content-Type: image/webp
Content-Length: 32380
Connection: keep-alive
Vary: Accept
Cache-Control: public, max-age=315360000, immutable
ETag: 30mw642o+8GsC21+R3PmKZ2OJC3TsYEBurCSZhzYcKo=
Content-Disposition: inline; filename="us.webp"
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
X-Nextjs-Cache: HIT
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.35200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nbfcs.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 03:37:22 GMT
expires: Thu, 25 Jan 2024 03:37:22 GMT
cache-control: public, max-age=31536000
age: 29258
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 12:53:47 GMT
expires: Tue, 23 Jan 2024 12:53:47 GMT
cache-control: public, max-age=31536000
age: 168673
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
142.250.74.35200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 16:07:41 GMT
expires: Tue, 23 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
age: 157039
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 18:48:55 GMT
expires: Tue, 31 Jan 2023 18:48:55 GMT
cache-control: public, max-age=604800
age: 60965
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr
142.250.74.164200 OK 112 B URL HTTP/2 www.google.com/recaptcha/api2/webworker.js?hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr
IP 142.250.74.164:0
File type ASCII text, with no line terminators
Hash 9b49aa875be57db985c91eefa608786b
857c3a1800678abbbfdc2acc147daa6339c3aea2
7d75b044e459ac0ebf1915879bfb6468c034a39e39790ece9719dab921614c3f
GET /recaptcha/api2/webworker.js?hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&co=aHR0cHM6Ly96Ym5mcHMuY2Y6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=cws5fms1l0bl
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
expires: Wed, 25 Jan 2023 11:45:00 GMT
date: Wed, 25 Jan 2023 11:45:00 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ibrapush.com/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zbnfps.cf/
Content-Type: application/json
Origin: https://zbnfps.cf
Content-Length: 664
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:45:00 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d1733843b975ea3a81d0b0a19979f0b7
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/reload?k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg
142.250.74.164200 OK 19 kB URL HTTP/2 www.google.com/recaptcha/api2/reload?k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg
IP 142.250.74.164:0
File type ASCII text, with very long lines (32890)
Hash 2b6392e65c1a852e8eef82cd5b6b0fe5
163e7d4e9806cf46080f9e98d4fb1f16b6287f86
9d5a11d6ec4740972309dca9287e7493653f5343d71c04afe091c10061d06b23
POST /recaptcha/api2/reload?k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6737
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfEXOQjAAAAABrzrXbC1Bq1e1Dg19kXbbzIJoOg&co=aHR0cHM6Ly96Ym5mcHMuY2Y6NDQz&hl=en&v=Gg72x2_SHmxi8X0BLo33HMpr&size=invisible&cb=cws5fms1l0bl
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Wed, 25 Jan 2023 11:45:00 GMT
expires: Wed, 25 Jan 2023 11:45:00 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 18870
server: GSE
set-cookie: _GRECAPTCHA=09AOOcfwuB9ZXMlo-ZzbVEUVHteV1dUcEb_UOUqWgB-vQo1L5ZDv382jG2EhT54vQPxGKnNgFwYvFYDB0d-h-5f-A;Path=/recaptcha;Expires=Mon, 24-Jul-2023 11:45:00 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/2022/12/cropped-zkkBoost-1-32x32.png
45.152.46.6200 OK 1.2 kB URL HTTP/2 zbnfps.cf/wp-content/uploads/2022/12/cropped-zkkBoost-1-32x32.png
IP 45.152.46.6:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash dda7f81760e89191fbc4125c3bfc0038
83c1078ebb9de782048833408179bcf9547509b1
2ea25b56cc605cb60c4af1b0f2a4c097c2460b2a8459843a49c5f569fb64b337
GET /wp-content/uploads/2022/12/cropped-zkkBoost-1-32x32.png HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5; prefetchAd_5673552=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:45:01 GMT
content-type: image/png
last-modified: Thu, 29 Dec 2022 06:34:44 GMT
etag: "4ad-63ad3504-7c348f41947811b6;;;"
accept-ranges: bytes
content-length: 1197
date: Wed, 25 Jan 2023 11:45:01 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/2022/12/cropped-zkkBoost-1-192x192.png
45.152.46.6200 OK 9.0 kB URL HTTP/2 zbnfps.cf/wp-content/uploads/2022/12/cropped-zkkBoost-1-192x192.png
IP 45.152.46.6:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash e1693d6af38acaf4e6e9c8d211e0daba
9baf49dee9cae6498b6e584c5deccf843c32d87a
5f8a31e434ebc08864c2a24d40f2544d98fcf809a3b3baff53e299ccc8f7ec6a
GET /wp-content/uploads/2022/12/cropped-zkkBoost-1-192x192.png HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5; prefetchAd_5673552=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:45:01 GMT
content-type: image/png
last-modified: Thu, 29 Dec 2022 06:34:44 GMT
etag: "234b-63ad3504-47a98d614a14d09e;;;"
accept-ranges: bytes
content-length: 9035
date: Wed, 25 Jan 2023 11:45:01 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/wp-content/uploads/2023/01/kisspng-drawing-computer-software-application-software-cus-5d4b8c2073b722.851695851565232160474-1.png
45.152.46.6200 OK 0 B URL HTTP/2 zbnfps.cf/wp-content/uploads/2023/01/kisspng-drawing-computer-software-application-software-cus-5d4b8c2073b722.851695851565232160474-1.png
IP 45.152.46.6:0
GET /wp-content/uploads/2023/01/kisspng-drawing-computer-software-application-software-cus-5d4b8c2073b722.851695851565232160474-1.png HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:59 GMT
content-type: image/png
last-modified: Thu, 19 Jan 2023 06:34:13 GMT
etag: "3d636a-63c8e465-15e9ed82181a4f3b;;;"
accept-ranges: bytes
content-length: 4023146
date: Wed, 25 Jan 2023 11:44:59 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
IP 139.45.197.242:0
POST /9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 82
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094; oaidvc=1; CNT=1_v1_E0TxAAEAAAC2S2Ri
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 4a223e7d929a6b820571063c7c54efc9
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
oaidts=1674647094; expires=Thu, 25 Jan 2024 11:44:58 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/5673549?excludes=&oaid=21c5a511ae97490b9e2c1da142212cb0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5673549?excludes=&oaid=21c5a511ae97490b9e2c1da142212cb0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/5673549?excludes=&oaid=21c5a511ae97490b9e2c1da142212cb0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fzbnfps.cf%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: OAID=48d719fd53164ae9aa60c3c03a385fe4
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:59 GMT
content-type: application/javascript
x-trace-id: 45ad5d4cecaa1a61459c690d05e8d20b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://zbnfps.cf
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Raleway:wght@400;500;600;700;800&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&family=Raleway:wght@400;500;600;700;800&display=swap
IP 142.250.74.106:0
GET /css2?family=Montserrat:wght@400;500;600;700&family=Raleway:wght@400;500;600;700;800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 25 Jan 2023 11:44:59 GMT
date: Wed, 25 Jan 2023 11:44:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zbnfps.cf/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
45.152.46.6200 OK 0 B URL HTTP/2 zbnfps.cf/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 45.152.46.6:0
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31557600
expires: Thu, 25 Jan 2024 17:44:58 GMT
content-type: application/x-javascript
last-modified: Tue, 06 Dec 2022 06:41:15 GMT
etag: "459f-638ee40b-f198d5d6d18d55e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6292
date: Wed, 25 Jan 2023 11:44:58 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zbnfps.cf/
45.152.46.6200 OK 0 B IP 45.152.46.6:0
GET / HTTP/1.1
Host: zbnfps.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: gt_auto_switch=1; _lscache_vary=94e5bf7938206be54e1bc9042eabefb5
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-powered-by: PHP/7.4.32
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://zbnfps.cf/wp-json/>; rel="https://api.w.org/", <https://zbnfps.cf/wp-json/wp/v2/pages/15>; rel="alternate"; type="application/json", <https://zbnfps.cf/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: 9ad_HTTP.200,9ad_front,9ad_URL.6666cd76f96956469e7be39d750cc7d9,9ad_F,9ad_Po.15,9ad_PGS,9ad_
etag: "2136-1674647097;br"
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 11:44:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
arsnivyr.com/27/7032fd23f7825e75f6f79a3de91ed077
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/27/7032fd23f7825e75f6f79a3de91ed077
IP 139.45.197.242:0
GET /27/7032fd23f7825e75f6f79a3de91ed077 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=4521fc1787354b4285ad4572fb508ba9; oaidts=1674647094
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Tue, 24 Jan 2023 07:37:20 GMT
expires: Tue, 23 Feb 2083 07:37:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
bedrapiona.com/5/5673552/?oo=1&js_build=iclick-v1.473.0
139.45.197.234200 OK 0 B URL HTTP/2 bedrapiona.com/5/5673552/?oo=1&js_build=iclick-v1.473.0
IP 139.45.197.234:0
GET /5/5673552/?oo=1&js_build=iclick-v1.473.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: application/json
x-trace-id: df3565200aa7ac943878a589c0008d5a
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8509edea9eb943cf80ec2eee439cbd57; expires=Thu, 25 Jan 2024 11:44:55 GMT; path=/; secure; SameSite=None
oaidts=1674647095; expires=Thu, 25 Jan 2024 11:44:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/tag.min.js?z=5673551
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/tag.min.js?z=5673551
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=5673551 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 14:31:33 GMT
etag: W/"63cfebc5-390a"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
link: <https://my.rtmark.net>; rel=dns-prefetch;, <https://my.rtmark.net>; rel=preconnect
content-encoding: gzip
X-Firefox-Spdy: h2
ibrapush.com/pfe/current/universal.min.js?v=3.1.413
139.45.197.250200 OK 0 B URL HTTP/2 ibrapush.com/pfe/current/universal.min.js?v=3.1.413
IP 139.45.197.250:0
GET /pfe/current/universal.min.js?v=3.1.413 HTTP/1.1
Host: ibrapush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://zbnfps.cf/
Origin: https://zbnfps.cf
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/javascript
last-modified: Tue, 24 Jan 2023 14:31:33 GMT
etag: W/"63cfebc5-18c6c"
access-control-allow-origin: https://zbnfps.cf
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0
IP 139.45.197.242:0
POST /9?z=5673570&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fzbnfps.cf%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=21c5a511ae97490b9e2c1da142212cb0 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 82
Origin: https://zbnfps.cf
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=4521fc1787354b4285ad4572fb508ba9; oaidts=1674647094
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:55 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://zbnfps.cf
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 81fe0c86aac257801ee5a313b48e4465
access-control-expose-headers: X-Sc
set-cookie: OAID=21c5a511ae97490b9e2c1da142212cb0; expires=Thu, 25 Jan 2024 11:44:55 GMT; secure; SameSite=None
oaidts=1674647094; expires=Thu, 25 Jan 2024 11:44:55 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.78200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.78:0
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 25 Jan 2023 11:44:59 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+863; expires=Fri, 24-Jan-2025 11:44:59 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/27/7032fd23f7825e75f6f79a3de91ed077
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/27/7032fd23f7825e75f6f79a3de91ed077
IP 139.45.197.242:0
GET /27/7032fd23f7825e75f6f79a3de91ed077 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zbnfps.cf/
Cookie: scm=1; OAID=21c5a511ae97490b9e2c1da142212cb0; oaidts=1674647094; oaidvc=1; CNT=1_v1_E0TxAAEAAAC2S2Ri
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 11:44:58 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Tue, 24 Jan 2023 07:37:20 GMT
expires: Tue, 23 Feb 2083 07:37:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2