Overview

URLmkkuei4kdsz.com/714/900.html
IP 64.225.91.73 (United States)
ASN#14061 DIGITALOCEAN-ASN
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-07 20:27:01 UTC
StatusLoading report..
IDS alerts0
Blocklist alert5
urlquery alerts No alerts detected
Tags None

Domain Summary (44)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
static.hotjar.com (1) 641 2014-11-01 05:14:27 UTC 2022-12-06 17:12:17 UTC 143.204.55.37
e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-12-06 17:12:18 UTC 23.36.77.32
d.impactradius-event.com (1) 2612 2016-11-05 16:00:49 UTC 2022-12-06 20:00:12 UTC 35.186.249.72
www.google-analytics.com (1) 40 2012-05-21 09:41:50 UTC 2022-12-06 23:17:44 UTC 142.250.74.46
vars.hotjar.com (1) 1014 2020-11-05 10:13:14 UTC 2022-12-07 01:05:05 UTC 143.204.55.101
www.google.no (1) 25607 2012-06-26 23:22:08 UTC 2022-12-06 20:15:41 UTC 142.250.74.163
www.google.com (1) 7 2012-11-08 00:08:21 UTC 2022-12-06 23:42:40 UTC 142.250.74.132
r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-12-06 17:12:17 UTC 23.36.76.226
cdnjs.cloudflare.com (2) 235 2012-05-23 12:49:49 UTC 2022-12-06 18:26:00 UTC 104.17.25.14
img.sedoparking.com (1) 54200 2013-04-22 22:23:29 UTC 2022-12-06 18:11:03 UTC 205.234.175.175
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-06 17:31:54 UTC 34.120.237.76
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2022-12-06 17:12:12 UTC 157.240.247.8
xml.sedodna.com (1) 278378 2020-10-22 08:18:03 UTC 2022-12-06 22:36:11 UTC 173.239.53.32
www.globalconsumerwinner.com (1) 0 2016-06-09 10:30:14 UTC 2022-12-06 06:58:52 UTC 137.74.65.7 Domain (globalconsumerwinner.com) ranked at: 237634
socialplugin.facebook.net (1) 0 2022-07-19 20:27:01 UTC 2022-12-06 18:11:15 UTC 31.13.72.8 Domain (facebook.net) ranked at: 20561
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2022-12-06 21:45:35 UTC 93.184.220.29
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-06 17:19:43 UTC 52.34.4.233
www.googletagmanager.com (1) 75 2012-10-04 01:07:32 UTC 2022-12-06 23:57:23 UTC 172.217.21.168
cdn.sur.ly (1) 167578 2015-11-05 11:50:36 UTC 2022-12-06 05:42:20 UTC 172.67.74.235
stats.g.doubleclick.net (1) 96 2012-07-01 17:13:23 UTC 2022-12-06 18:18:53 UTC 108.177.14.154
vc.hotjar.io (1) 2334 2019-04-16 10:33:25 UTC 2022-12-06 17:12:42 UTC 54.230.111.91
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-06 17:17:39 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-06 17:13:17 UTC 34.117.237.239
domaincntrol.com (1) 274993 2018-01-06 22:46:59 UTC 2022-12-06 23:36:53 UTC 104.26.11.61
ww2.mkkuei4kdsz.com (4) 0 2022-01-21 14:07:05 UTC 2022-12-06 18:04:51 UTC 64.190.63.136 Unknown ranking
appsbd.com (4) 169900 2015-09-26 04:11:06 UTC 2016-01-31 10:57:57 UTC 104.21.26.128
script.hotjar.com (1) 887 2020-11-05 10:02:45 UTC 2022-12-07 01:05:05 UTC 143.204.55.40
region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-12-06 20:46:34 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mkkuei4kdsz.com (1) 0 2012-11-29 20:21:30 UTC 2022-12-06 23:58:49 UTC 64.225.91.73 Unknown ranking
globalconsumerwinner.com (1) 237634 2015-03-13 23:00:20 UTC 2022-12-06 06:59:08 UTC 137.74.65.7
ocsp.pki.goog (18) 175 2017-06-14 07:23:31 UTC 2022-12-06 17:12:08 UTC 142.250.74.131
ws12.hotjar.com (2) 63207 2020-10-19 15:11:26 UTC 2022-12-07 06:15:59 UTC 52.210.93.54
in.hotjar.com (1) 1746 2018-07-03 09:33:18 UTC 2022-12-06 17:12:17 UTC 99.80.127.52
ocsp.sca1b.amazontrust.com (1) 1015 2016-02-14 02:37:56 UTC 2019-03-27 04:05:54 UTC 143.204.42.156
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-06 17:12:34 UTC 35.241.9.150
mybettermb.com (1) 0 2022-11-02 11:39:39 UTC 2022-12-07 01:55:01 UTC 108.168.193.189 Unknown ranking
r.srvtrck.com (1) 45104 2015-03-03 12:59:37 UTC 2022-12-06 22:26:50 UTC 104.19.168.96
www.appsbd.com (1) 0 2015-09-26 04:11:06 UTC 2022-09-14 19:25:48 UTC 172.67.136.69 Domain (appsbd.com) ranked at: 169900
cdn.paddle.com (3) 35531 2016-05-11 06:35:18 UTC 2022-12-06 18:57:53 UTC 172.66.43.196
fonts.googleapis.com (3) 8877 2012-05-23 12:41:44 UTC 2022-12-06 23:11:27 UTC 142.250.74.106
ocsp.sectigo.com (2) 487 2018-12-17 11:31:55 UTC 2022-12-06 21:32:26 UTC 172.64.155.188
p201298.mybettermb.com (1) 0 2022-11-02 14:55:39 UTC 2022-12-06 22:16:24 UTC 108.168.193.189 Unknown ranking
fonts.gstatic.com (5) 0 2014-04-02 10:51:04 UTC 2022-12-06 21:54:56 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
www.facebook.com (2) 99 No data No data 31.13.72.36

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-07 2 mkkuei4kdsz.com Sinkholed
2022-12-07 2 mkkuei4kdsz.com Sinkholed
2022-12-07 2 mkkuei4kdsz.com Sinkholed
2022-12-07 2 mkkuei4kdsz.com Sinkholed
2022-12-07 2 mkkuei4kdsz.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 64.225.91.73
Date UQ / IDS / BL URL IP
2023-02-03 08:22:05 +0000 0 - 4 - 3 paqiang.cc/ 64.225.91.73
2023-02-03 07:21:31 +0000 0 - 0 - 3 qasralkaramtrading.com/ 64.225.91.73
2023-02-03 05:26:07 +0000 0 - 2 - 8 juloly.com/ 64.225.91.73
2023-02-03 04:06:17 +0000 0 - 6 - 0 wjda.asia/ 64.225.91.73
2023-02-03 03:47:47 +0000 0 - 2 - 1 publicadoptmeprivate.buzz/ 64.225.91.73


Last 5 reports on ASN: DIGITALOCEAN-ASN
Date UQ / IDS / BL URL IP
2023-02-03 09:54:04 +0000 0 - 0 - 0 hoplo.org/best-nespresso-machines/?utm_campai (...) 46.101.63.74
2023-02-03 09:37:05 +0000 0 - 0 - 9 staging.eduvisor.app/uploads/002/assets/image (...) 138.197.152.52
2023-02-03 09:32:54 +0000 0 - 1 - 2 tratbc.com/tb?h=waWQiOjEwMDU1ODcsInNpZCI6MTEz (...) 138.68.123.185
2023-02-03 09:26:35 +0000 0 - 8 - 0 delicious-audio.com/ 165.227.176.161
2023-02-03 09:14:02 +0000 0 - 1 - 2 209.97.150.233/bins/UnHAnaAW.ppc 209.97.150.233


Last 5 reports on domain: mkkuei4kdsz.com
Date UQ / IDS / BL URL IP
2023-02-02 14:59:01 +0000 0 - 0 - 8 mkkuei4kdsz.com/835/150.html 64.225.91.73
2023-02-01 23:51:41 +0000 0 - 0 - 9 mkkuei4kdsz.com/430/66.html 64.225.91.73
2023-02-01 19:27:15 +0000 0 - 2 - 13 mkkuei4kdsz.com/234/204.html 64.225.91.73
2023-01-31 10:33:03 +0000 0 - 0 - 9 mkkuei4kdsz.com/171/579.html 64.225.91.73
2023-01-31 03:43:28 +0000 0 - 0 - 9 mkkuei4kdsz.com/966/863.html 64.225.91.73


No other reports with similar screenshot

JavaScript

Executed Scripts (58)

Executed Evals (1)
#1 JavaScript::Eval (size: 96) - SHA256: aa4130b4a198c29b431ceb2c6b13d9de76ec94a0e1aaa4ef108e7fba91271123
[function _expression_function() {
    var $bm_rt;
    $bm_rt = loopOut('cycle', 0);;
    scoped_bm_rt = $bm_rt
}]

Executed Writes (0)


HTTP Transactions (96)


Request Response
                                        
                                            GET /714/900.html HTTP/1.1 
Host: mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         64.225.91.73
HTTP/1.1 200 OK
content-type: text/html
                                        
server: nginx/1.18.0 (Ubuntu)
date: Wed, 07 Dec 2022 20:26:49 GMT
last-modified: Wed, 12 Jan 2022 17:20:45 GMT
etag: W/"61df0ded-1ad"
content-encoding: gzip
transfer-encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   329
Md5:    ecbcb8bae64098de3e587487b474f8b8
Sha1:   e275409fb40ea27c3826af493f70faf147d0f995
Sha256: 2597a3f2418586d8a9fb0764743a84486ba066c6af3ff194922fb6c65a783688

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E00EAAD18FFA9F5181FE540B156608DF88565B09E98CA78B87EBA97F3FBC6E79"
Last-Modified: Wed, 07 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2558
Expires: Wed, 07 Dec 2022 21:09:27 GMT
Date: Wed, 07 Dec 2022 20:26:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5170
Expires: Wed, 07 Dec 2022 21:52:59 GMT
Date: Wed, 07 Dec 2022 20:26:49 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 20:08:05 GMT
age: 1124
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12681
Expires: Wed, 07 Dec 2022 23:58:10 GMT
Date: Wed, 07 Dec 2022 20:26:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 2CDxghR3Sy2qTn8PAAkv89EUSjEPrnNR/dPVq7ljpJPXQTHNWiJ5p8wg3MLZ8bfu9yxjOcqS5wo=
x-amz-request-id: 8P4KQ6K1QTAM50AX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 19:49:29 GMT
age: 2240
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 07 Dec 2022 20:26:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Wed, 07 Dec 2022 20:26:50 GMT
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15888514
expires: Mon, 27 Nov 2023 20:26:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BAlIyO54utLL3%2FaZYkSjqPZejj4uiIEvtGpY8OqQgOUmSgyKB2omcK6TF8wu%2FGCRy4v6SteFlUb56%2BGEpDdXG6ON3Kka%2FMNjbGrezjGkRHMW%2BFIrRHgUcqxuAbnHlvt3JhOglHrp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775fff9e7e7bfab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   27958
Md5:    4b5f47439b640180cc3450f7de05d0d8
Sha1:   5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
Sha256: 1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "D820C9FE909A20B7B11A28C26508CB8A536AAE64C6C7094A0D8F9B0E3E705C56"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19487
Expires: Thu, 08 Dec 2022 01:51:37 GMT
Date: Wed, 07 Dec 2022 20:26:50 GMT
Connection: keep-alive

                                        
                                            GET /?orighost=http://mkkuei4kdsz.com/714/900.html HTTP/1.1 
Host: domaincntrol.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mkkuei4kdsz.com
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.26.11.61
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Wed, 07 Dec 2022 20:26:50 GMT
content-length: 28
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKsldP1dr%2FiO19EmEQsic%2BCSFUE6fHosO0C2HTh3DqZDY3GA%2FtA7WPYrGwNXuGWWy7qfbv17tBVSYH8n1oOmlDH%2Flp3FayptKqtJUFb8SWqh3S1M29zMDaSwzaq%2BVvFQJrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775fff9f3ce7b4ee-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   28
Md5:    7aae16ed70d2e07943585bbb1cd02b55
Sha1:   3209123510c034e6e38ca45edf14307f1375a8f5
Sha256: 51bfb53a70df6adc48f0670be59a16a657ab5a2bafc176973a32d5c36a4fc5d3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 20:07:55 GMT
age: 1135
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2674
Cache-Control: max-age=134674
Date: Wed, 07 Dec 2022 20:26:50 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 09:51:24 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NDyHaaiBiDu/INNZQMzvjw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.34.4.233
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BYP8GYftpRUe4TlDvrVbfmxo73M=

                                        
                                            GET / HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

search
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 07 Dec 2022 20:26:51 GMT
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_zfi2IAQMFhbeJz7TohoVHVtJWU2hwm7Lrp9mU2CS1tg8fh6Um4KcOzzYJ6LQkNLWAjiGBQP1WU+h5qP7TrTizQ==
last-modified: Wed, 07 Dec 2022 20:26:50 GMT
x-cache-miss-from: parking-d7dbd8c4d-5wc8k
server: NginX
content-encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (700)
Size:   1328
Md5:    bb6259896d6cf40d58d0b687b55f61fd
Sha1:   d628660a70fece8834c2ee84addc57380e506205
Sha256: 421c9bbadcc1f2c8238e483314bcdc65df437ad5fd0525fa47845fe12bb9d76b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /images/js_preloader.gif HTTP/1.1 
Host: img.sedoparking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

search
                                         205.234.175.175
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Date: Wed, 07 Dec 2022 20:26:51 GMT
Content-Length: 4254
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Wed, 14 Dec 2022 20:26:51 GMT
X-CFHash: "90c93102a88c2ab94bff1575b7a6e86e"
X-CFF: B
Last-Modified: Fri, 15 Mar 2019 12:24:07 GMT
X-CF3: H
CF4Age: 156700
x-cf-tsc: 1648179742
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: 45add73df7fc8bc7c59388db24827dbf
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   4254
Md5:    90c93102a88c2ab94bff1575b7a6e86e
Sha1:   56d71bf13de464534643db9d127629a0a3bf677a
Sha256: 5f6ad7031600056b578a6e8c6b34bc718d13125cc8256aa4a9050e549576f81a
                                        
                                            GET /search/tsc.php?200=MzgzNDQ1ODM3&21=OTEuOTAuNDIuMTU0&681=MTY3MDQ0NDgxMWI5MjlhN2RlZDNhZmI4NTEwZDJlNWQwODY2MDcxMjY5&crc=b26cdbdf884003da53bf08e2ad367d782e2c1e2c&cv=1 HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/

search
                                         64.190.63.136
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 07 Dec 2022 20:26:51 GMT
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-d7dbd8c4d-lpd8s
server: NginX


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DdGMA4EuNESs_0&v=YWFhMDcwZmQxM2IxOGY0ZDNiMmI5ZjE4M2FkYzg2MjEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MGY3MGE5MGIyYjcuOTA0NzM2MDUJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTBmNzBhOTBiNTg5LjI5NDIzMDIyCTE2NzA0NDQ4MTEJYWRfNjNfMA==&l=OAlmOTVhZThmYWExZWMzYzA2YjNkMzkyMmMxYTFmN2ZhYgkwCTM1CTAJMDY1YWZlY2IyODMwNzNmMjBmNzljMmNmMDI3NTJmYjgJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0NDQ4MTEJMC4wMDAyNjcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ww2.mkkuei4kdsz.com/
Upgrade-Insecure-Requests: 1

search
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 07 Dec 2022 20:26:51 GMT
content-length: 0
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 07 Dec 2022 20:26:51 GMT
location: /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DdGMA4EuNESs_0&v=YWFhMDcwZmQxM2IxOGY0ZDNiMmI5ZjE4M2FkYzg2MjEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MGY3MGE5MGIyYjcuOTA0NzM2MDUJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTBmNzBhOTBiNTg5LjI5NDIzMDIyCTE2NzA0NDQ4MTEJYWRfNjNfMA==&l=OAlmOTVhZThmYWExZWMzYzA2YjNkMzkyMmMxYTFmN2ZhYgkwCTM1CTAJMDY1YWZlY2IyODMwNzNmMjBmNzljMmNmMDI3NTJmYjgJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0NDQ4MTEJMC4wMDAyNjcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D
x-cache-miss-from: parking-d7dbd8c4d-lpd8s
server: NginX


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DdGMA4EuNESs_0&v=YWFhMDcwZmQxM2IxOGY0ZDNiMmI5ZjE4M2FkYzg2MjEJMQl3dzIubWtrdWVpNGtkc3ouY29tNjM5MGY3MGE5MGIyYjcuOTA0NzM2MDUJd3cyLm1ra3VlaTRrZHN6LmNvbTYzOTBmNzBhOTBiNTg5LjI5NDIzMDIyCTE2NzA0NDQ4MTEJYWRfNjNfMA==&l=OAlmOTVhZThmYWExZWMzYzA2YjNkMzkyMmMxYTFmN2ZhYgkwCTM1CTAJMDY1YWZlY2IyODMwNzNmMjBmNzljMmNmMDI3NTJmYjgJMzgzNDQ1ODM3CW1ra3VlaTRrZHN6CTAJNjMJNgkyCTE2NzA0NDQ4MTEJMC4wMDAyNjcJTgkwCTEJMTgwNQkxMjA1CTE5NDA0MzE0Mgk5MS45MC40Mi4xNTQJMA%3D%3D HTTP/1.1 
Host: ww2.mkkuei4kdsz.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         64.190.63.136
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
date: Wed, 07 Dec 2022 20:26:51 GMT
transfer-encoding: chunked
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
last-modified: Wed, 07 Dec 2022 20:26:51 GMT
location: http://xml.sedodna.com/click?i=dGMA4EuNESs_0
x-cache-miss-from: parking-d7dbd8c4d-565j6
server: NginX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   311
Md5:    55d93571c49ab6a8f1578b63610b9926
Sha1:   6ebd6b665c6e3bbf3b45c4ec795541b9232dd715
Sha256: 6fbbbb2c906db4330b25f34ca0bae3fb78a5731ae039715268c6d896010698d1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /click?i=dGMA4EuNESs_0 HTTP/1.1 
Host: xml.sedodna.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         173.239.53.32
HTTP/1.1 302 Found
                                        
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://mybettermb.com/aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqf4h8XW3oo3KxbNDc0naMt_UD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkX0HlYO-giQeDpH3J1pxR2jRwYHDO-YZwsu2PCggsopd_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GXJycJGD0_q49c2YSS5y3g7h6mu_rWd5EI3wJfaCX6yvmLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_TdMgSsO8Lq_DPnZ6asMmh3atSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGuT909NKZ1v4B24alExuw8hlpV-8zSmya4cN0b677rz0VmLeyxWDCVFQQez3GY6xh042_WeKFuS6PoQnLoX10-cPfbBJMfuRSv6VHEC34sadnyRSbbdX-Jdrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLHuIbGhxTF_-0Nt8EcIHbwDzqtnT4ntHmxZxkWjqRJlyD8JxOvyypQk1dJc-S9Xe__RHY-F7HlOGrXtVVrcM9JGG1v9ddiGF13eg4EfiAxt9RCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n
Pragma: no-cache

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:52 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 19:25:46 GMT
Expires: Sun, 11 Dec 2022 19:25:45 GMT
Etag: "502f6f4bf0484b95b1a1339077d6fd9df5aced9e"
Cache-Control: max-age=341332,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775fffaaef8b1c06-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10784
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:26:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10784
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:26:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10784
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:26:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10784
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:26:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10784
Expires: Wed, 07 Dec 2022 23:26:36 GMT
Date: Wed, 07 Dec 2022 20:26:52 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzpOZW9e-54LuSSOigtmFRb0sUGpIRpqZ-UtINp-B_Uzk6lFPnb6dw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:29:29 GMT
age: 79043
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5995
Md5:    3801236dc22938e1cc18947e90ea5326
Sha1:   5979d7dc3ba0eb61947282a4adeac8208b4148ae
Sha256: 3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 08:32:51 GMT
age: 42841
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6557
Md5:    210b27f5f6310d8fad640acce3d9ae0e
Sha1:   08d241e56622cb900754d95bc5d58ed8826d9f32
Sha256: 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb602c981-caf1-4cfc-b19b-56f816dc7417.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9891
x-amzn-requestid: f15dc6ba-901b-4ef6-8589-d8918fe84173
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csU8lF3MoAMF47g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6850-496d269b228065a365a67eea;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:53:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PeQWrtcQx_ZzQ4WNPzeiPoHXbxVcdLo9ulplJSlL1GmEpuC0qGkElw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 13:28:58 GMT
age: 25074
etag: "9ec84996b63362ad370ff67b0fd8136a343c1bbf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9891
Md5:    c2ae931d0f14a81013f782d43b8c7b85
Sha1:   9ec84996b63362ad370ff67b0fd8136a343c1bbf
Sha256: 9b4a2b3e5e2d2b4fac094135fed10a3040598f1208f6b2ec52d95d10aca66ed5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51c41646-4c8f-4a18-bf60-2b67be5db8d0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8701
x-amzn-requestid: 653284c3-ee7f-45f1-9513-3a6c81e1d6e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cm3-2HRWIAMFjfg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c39f8-6f8969a26787a9463ba6c2ec;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 06:11:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cmRvAOLmk_xZC4RKdin-lozUNeK9-icqkzsQmSjP9scXnnCLxkvJ5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:01:53 GMT
age: 80699
etag: "ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8701
Md5:    604a4132da78a0c013b5818644adb121
Sha1:   ddf982c6ff7a0d8e5376c119b6642fe7e0ba8566
Sha256: eecab519c33596c67f2d2021dfd1af24e7fd8f2ed403f99b4ba0c265c08a259f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 20:49:34 GMT
age: 85038
etag: "36082b7329d473829178f280cb71a83b1531e486"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11224
Md5:    b15136d60fd0a5e0f657a4f5c75d540f
Sha1:   36082b7329d473829178f280cb71a83b1531e486
Sha256: 79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19ffa93b-2002-4f40-ab8b-aa163e9b5939.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6186
x-amzn-requestid: 53d1d373-ff6c-4c59-bdeb-fff592bca586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUsyGOEIAMFwfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e67eb-0156077b52dc07fb124c087b;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:51:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KkP8o_5GoqAukEAUkPrvsHE0v_36vO0wI7_97kvnUkqYc4ziC7UPpw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 16:47:32 GMT
age: 13160
etag: "d51162b7fcba50022482b7130a556f3a7dfe822f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6186
Md5:    535710165275856757bd7d1689f79de3
Sha1:   d51162b7fcba50022482b7130a556f3a7dfe822f
Sha256: c93e2df13b78cd4b718eb4fe3fe70a9d6d12fd0a0d7f505219ec0d5e6a70653c
                                        
                                            GET /aS/feedclick?s=HFz5zNIIs96fzq49jFkHXa3dDnCBF-q5pjcTajzqm_QH0A88-gtuCxG_6U4hqQTcO4eq_lgR48_oiQJuDuwoS9gcFc4_-stlmbd3B7sGcRAkoDlrhq7v09i6czQKU3WjqWfap4yUt_iPH1TzciB1Qg6AZUDRz9bjOEX4iGGchU3WvWxDEdTlqf4h8XW3oo3KxbNDc0naMt_UD3eg5Z5w7URtWxpLV7zGJF7YtIv_pSU8yedaajdQan7X1xyAWrFGJaATSme3WF9iYH5cn7PpR96H_Z4cAXUhbNWIUl0XQT-85OIp9iwj7uwUW1daS2u3jXkdiroZGpvbnyvokSzRUdkToqh8XF8oSlbEWRe_vMZ585EtGYcDgElmlUqhKAuUWDF_aYFKoC_pCloREz-gAUf4GCn_ti_dC0ynZ48tkGSDsFZzNHNozOQiGGVu-xbsDCRyz2H-C45Heh8v0Km3Y1oaVVIbEr-PuuKRjgR8nMTmxekK28wDoRMkZAll1gGpA7wZp7a6IJO8RJT6is_tgBFVXMhxbJ1a3lLVGDOQcJ7XNLVlVnjPxxbPR3gMLCYzkuKMowKAWI3qEPCeYIJUQLsnuHDiWSpkX0HlYO-giQeDpH3J1pxR2jRwYHDO-YZwsu2PCggsopd_I1h3UOTRcd6Iez1QXWMYWbmStyCJrC9HydVPRrkWrre2FyI3zJE9XtPzPZgsqfpRdQeoA2h4A0JvH6RBYM1x-2hMb9Pb2jF32-S5bEkeFG735iCmsc80-eG-D03DV5K6HCdI1Kk0GXJycJGD0_q49c2YSS5y3g7h6mu_rWd5EI3wJfaCX6yvmLR4OqlPou_jY-nZ4h2Gi8g2MYNKf9gzRu1tHZec409ufGrp8vEveGSZXs9N-UlXWAcy_s0ZetMc-lmTMvRz7cC49WDpqXe-qqdGOzi4GAb-fNgP3tEjDFFehKlGmMbgPAj_yaetn5VIlXqw7Fgk2OgbZLq7t0BuU0js5-rF3QU6RI6IV5OkKlv0FLGsKb_TdMgSsO8Lq_DPnZ6asMmh3atSStWeSexnBDUsAjReqsC8T6FZOp0ZMrgPoxdNST-TuiC5-ZNuWGuT909NKZ1v4B24alExuw8hlpV-8zSmya4cN0b677rz0VmLeyxWDCVFQQez3GY6xh042_WeKFuS6PoQnLoX10-cPfbBJMfuRSv6VHEC34sadnyRSbbdX-Jdrtg5Yuugvl7nAA319rQT5Ud6a0Dn6eNJZbhSXBsuqp4TKI2qVF_upugCggYFh3EAoiiZxlTdJcUbO7pWllwGdVGZXxgmhR3INz-QU0tQexjS1sjTSDdvxjTnBG6KLohwyqV7tETR7cP-o1a3gHjZa_gjn5QKyssU7dq2rVA9fmvq9IaY6LYxIeiF1cs76ErxCBdlQonnkAtH2nCzpVOQcBJKWnGaCo17onOqLNsrJIIZq0s55ffWLHuIbGhxTF_-0Nt8EcIHbwDzqtnT4ntHmxZxkWjqRJlyD8JxOvyypQk1dJc-S9Xe__RHY-F7HlOGrXtVVrcM9JGG1v9ddiGF13eg4EfiAxt9RCmuI0tSEk_a_Gei7StA-CFjNx6Toj9kghgbOnleKyz947GP4TsT26NezqvwtmGKUTpGk9yX0sr4SfHbi0RDkFmhaS5DjZ7fq1QONt9OxTf7WLbPkU3hnuULpSBOclApGnETwPbCednl8usGYgrUihltjPnnWR7ArmQLfoUt5WaRwCIXpnHq8I0bYtXdmST4aCvw1mX2qEUhYBeUO1dAajXaSwjszpoemvdNVb-Ai2sCC7QSYRJxkXd-d-Km4x3zpGL3jwDO2rKic6os2yskgrCLYR7wB-v9Wa_x1wU3pDZetrPeDa_33MtPdZsQMGS7Jm7EhOsk27bxGYd3vi6Mg-aHrLZE3F_n HTTP/1.1 
Host: mybettermb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Cookie: rhid=82508415611; loi=ad_1121758_off_566552_aff_90126_cid_201298-MKKUEI4KDSZ.COM_ts_1670442957
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         108.168.193.189
HTTP/2 302 Found
                                        
server: nginx
date: Wed, 07 Dec 2022 20:26:52 GMT
content-length: 0
set-cookie: rhid=82508415611; Max-Age=15552000; Expires=Mon, 05-Jun-2023 20:26:52 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
location: https://p201298.mybettermb.com/adServe/domainClick?ai=LyBVgUe5lplgdyiN53G4w2SZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF7znKF9-VqSkcQ3h4V_I-OhbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-SbobW_112IYXXc4yRFO65Hy6OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_nsCKidNDxuV5s&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukOG1v9ddiGF139WD8PwTAds1FMKmUcmLsouyUXWzv0GQAvarM0a23-YAhmqLJLutcoI36UgdOm7kA&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0
X-Firefox-Spdy: h2

                                        
                                            GET /redirect-simple?ci=193&c=no&m_c_r=best HTTP/1.1 
Host: globalconsumerwinner.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         137.74.65.7
HTTP/2 301 Moved Permanently
content-type: text/html
                                        
server: nginx/1.14.2
date: Wed, 07 Dec 2022 20:26:52 GMT
content-length: 185
location: https://www.globalconsumerwinner.com/redirect-simple?ci=193&c=no&m_c_r=best
x-frame-options: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   185
Md5:    4c555068310076e85908835c721911f5
Sha1:   9ec990aabb4391e139034f68e5e657e0f1d0b74d
Sha256: 568b4de0ad30e85670e724dc30ccb675924353b77807356c5ad7f29c8c38f510
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /adServe/domainClick?ai=LyBVgUe5lplgdyiN53G4w2SZVu5NPqSq-h2rSoksoBqNG2LV3Zkk-L8FPCSjKZr_YsQ0yRxpJ6k8LlotqmtX7ErGSkvN2YlGY4HZ8X7cx-dM1QaxFxK0PHGpJGlCLAoWMnzoVZuce8ueVaQ0F217-cHwFJ-CDJF8T7C2wcJ1dqtoOgN9pzNxgl6S4oChQzOvrPE96Ym7CMGlXRdGMK-TkKMF_XSxG7q5c9lRJWHNr4s5bSTdWcYVZJciO9bgcuS1jIeAEiXnU3VYEUAru7F_DuXugOnM5m-8Jm7EhOsk27bxGYd3vi6Mg89LCz5E8ciHT2L9NFyVXF7znKF9-VqSkcQ3h4V_I-OhbM7TR-A6o2LnrG8E1DfQ9Vu8kUSrMxroonOqLNsrJIKgUSZw7eMl7vr4nvPsKvQNOYwwqJPWDKxkmVbuTT6kqjvQfnk4ki0ivitaEXZPV_A9yZrhH3-SbobW_112IYXXc4yRFO65Hy6OF0SokHo2PZeYO9hdbD2Gn6oVmfmCmc-q0T2xsmJwnBfZ8RtWPEH2SnZADPOdLz_p-OGBQW3exAhKJncPyYXssKbYd4jRL3fz-AbClJeve1IAxxj8fbHTscWi84ZIOk0qJeEuaLJ-WEdDYOEm2_nsCKidNDxuV5s&ui=HFz5zNIIs96fzq49jFkHXcQzYObQGwwU7xf6tdOZukOG1v9ddiGF139WD8PwTAds1FMKmUcmLsouyUXWzv0GQAvarM0a23-YAhmqLJLutcoI36UgdOm7kA&si=1&oref=e2905b67c440133e06d94d472902354c&optunit=g1X1rV7f4BpBS4YUfGI2rw&rb=2Vb288azLYM&rr=1&abtg=0 HTTP/1.1 
Host: p201298.mybettermb.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ww2.mkkuei4kdsz.com/
Connection: keep-alive
Cookie: rhid=82508415611; loi=ad_1121758_off_566552_aff_90126_cid_201298-MKKUEI4KDSZ.COM_ts_1670442957
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         108.168.193.189
HTTP/2 200 OK
content-type: text/html;charset=ISO-8859-1
                                        
server: nginx
date: Wed, 07 Dec 2022 20:26:52 GMT
vary: Accept-Encoding
set-cookie: rhid=82508415611; Max-Age=15552000; Expires=Mon, 05-Jun-2023 20:26:52 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure; loi=ad_1312958_off_756152_aff_13719_cid_201298-MKKUEI4KDSZ.COM_ts_1670444812; Max-Age=3600; Expires=Wed, 07-Dec-2022 21:26:52 GMT; Domain=mybettermb.com; Path=/; SameSite=None; secure;
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /redirect-simple?ci=193&c=no&m_c_r=best HTTP/1.1 
Host: www.globalconsumerwinner.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         137.74.65.7
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.14.2
date: Wed, 07 Dec 2022 20:26:52 GMT
x-frame-options: *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   30608
Md5:    8b9ec936d8051939db76f2ea327f91de
Sha1:   bb3dbbf8028eea99da5c017182c3ba71a4b87d86
Sha256: eb69bed586981685b09ad971d495664d5009724b377be229675c3df351e70a54
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/redirect?type=linkId&id=6daed2efbca64c829f5a18f674e1196b&api_key=4762ed855d632653578bb0b0b1cbab5b&site_id=8233b159ba5c4e4f970e524d6dd1a9c6&dch=feed&ad_t=advertiser HTTP/1.1 
Host: r.srvtrck.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ykuid=918f28e0666f44d28d28adc9dcd587ac
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.19.168.96
HTTP/2 302 Found
                                        
date: Wed, 07 Dec 2022 20:26:53 GMT
content-length: 0
location: http://www.appsbd.com
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 775fffb24b63b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET / HTTP/1.1 
Host: www.appsbd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         172.67.136.69
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 07 Dec 2022 20:26:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Frame-Options: sameorigin
Content-Security-Policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
X-Content-Security-Policy: default-src 'self';
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer-when-downgrade
Feature-Policy: camera *; fullscreen 'self'; geolocation *; microphone 'self'
X-Redirect-By: WordPress
Location: https://appsbd.com/
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: none
Permissions-Policy: autoplay=*, camera=*, display-capture=*, fullscreen=(self), geolocation=*, microphone=(self)
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Vb6Usw2%2Fz1Xdy7RRfKv8rmrS%2FXddcuh%2BXjLw4DLqk3rPJXwD3VWdAnupxNeshF7xquNNxaWmRyY%2FQHii0awsDBNeofXofvtxP4EoEk1yDA36j6ocJBgwES%2BU4Vyqpay4w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775fffb30c1db524-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=143518
Date: Wed, 07 Dec 2022 20:26:53 GMT
Etag: "639084ab-118"
Expires: Fri, 09 Dec 2022 12:18:51 GMT
Last-Modified: Wed, 07 Dec 2022 12:18:51 GMT
Server: nginx
Content-Length: 280

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=143518
Date: Wed, 07 Dec 2022 20:26:53 GMT
Etag: "639084ab-118"
Expires: Fri, 09 Dec 2022 12:18:51 GMT
Last-Modified: Wed, 07 Dec 2022 12:18:51 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.17.25.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10663
expires: Mon, 27 Nov 2023 20:26:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYkWvGx3kjlN0KAvPEHoBQBRfUcw%2B94E4A%2FkMbLJE48tO9yB186GyxNKVMaaGEr8RVk2AdjxoRUPrfuDoT3PdlFxN%2B0aW1OgUNZezaRrTS9FPEosbONHHl3x6iFEFaqaRHFAYbJv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 775fffb79e2a0b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65348)
Size:   4216
Md5:    eefc9abe5bc10d658a2393a70d052566
Sha1:   dd49deafcd3ebe1306cda0b843f2da265f8a90e1
Sha256: 6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   1267
Md5:    79fea17a3e63c580b5615345644c4adb
Sha1:   37f92cd8cf4d1e02a275b26ce7b6d80d4cfaba7b
Sha256: 0a426b3193b8280640aefe3f47a48d9a63006b95655fcd6d009cb86388f08c4d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   8308
Md5:    ba6ff3dce9f239ed42751426059dac9d
Sha1:   526b302fef68fec73dbfb9e8c0fc52027b53671c
Sha256: d92840b17f4dd8b13a53f81af8a460461304600b8c712523cca52c3fd38145d7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 01:47:01 GMT
expires: Mon, 04 Dec 2023 01:47:01 GMT
cache-control: public, max-age=31536000
age: 326393
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size:   37924
Md5:    e08be6d5d433944f7ad52902e4d24db5
Sha1:   e2600c1d60d12d397b3ee44411a021231d71e974
Sha256: 450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
                                        
                                            GET /gtag/js?id=UA-97189522-2 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.217.21.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 20:26:54 GMT
expires: Wed, 07 Dec 2022 20:26:54 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   43581
Md5:    f37cb6c80197feafc4c87b920da14258
Sha1:   21f0975f431735e32830e7c64305f9c448e027a1
Sha256: 749a24b0e09794eef9ad75a1e6bdd2fdb621056f6c76f82c1c1e46405a09ddbb
                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 482203
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   51696
Md5:    41cdc760f49bb1383a7811036934532a
Sha1:   793080c19ce7692b1990ae136785c65f6abcf8c6
Sha256: b46648b0a1c93e6ce398c72df1df8a21838ba2b51b2d6d41d5bcebdb9122e699
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:28:50 GMT
expires: Thu, 07 Dec 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 3484
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:18:06 GMT
expires: Tue, 05 Dec 2023 21:18:06 GMT
cache-control: public, max-age=31536000
age: 169728
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Size:   9840
Md5:    afda6e429fd299054de28e1f157c683d
Sha1:   c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
Sha256: 81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:34:15 GMT
expires: Thu, 07 Dec 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 3159
last-modified: Wed, 11 May 2022 19:24:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16822
Md5:    048e672d55d792f8194afc8a43fc3c7d
Sha1:   e7d4a4054ed1d29a91dbba31e3069a35f9430d79
Sha256: a00bba311076a7cbd4d4bdb59367260fe22e63d03cb0b8d927db34d294447d7d
                                        
                                            GET /wp-content/plugins/bdthemes-element-pack/assets/css/ep-helper.css?ver=6.5.0 HTTP/1.1 
Host: appsbd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appsbd.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.26.128
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=33597
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
feature-policy: camera *; fullscreen 'self'; geolocation *; microphone 'self'
last-modified: Wed, 14 Sep 2022 16:58:00 GMT
permissions-policy: autoplay=*, camera=*, display-capture=*, fullscreen=(self), geolocation=*, microphone=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2b9ixVkWNUtbUdTBnDs2bSns7r2JfD7SGflkcgHLuASHTfzgsQSTjW5uV6tFOt1nJnU4pyEaiImP3cTiSMch4Pwbu%2BqhDdRAVrWWs9fLdns9kpt6rQrdDxKbpFCp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775fffb75b670b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (33219), with no line terminators
Size:   21056
Md5:    79f773d9e1c607c35b5cef7194465f0c
Sha1:   9bc041ffb201da8fed217da0b4d8dc05b1e02516
Sha256: 4def3edd6d434d29a084c23a30aab0cc5a8214f9f7b7f217e29f3525921a39dd
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /paddle/assets/css/animate.css HTTP/1.1 
Host: cdn.paddle.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.66.43.196
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
x-amz-replication-status: COMPLETED
last-modified: Wed, 16 Nov 2022 10:00:11 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: e32lEutKb7ZXFTWwrAUZURIgeAKty7Xa
etag: W/"6b0b1b3d169eb424f5898cad70ee4496"
x-cache: Hit from cloudfront
via: 1.1 7edd8006b8bc56aba6e41686a63bba52.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: V7cwnyV-PgoUwwdEDYW7wXsSxgpcqfyaBttrzAozZ6wN7FJOOILKbw==
cf-cache-status: HIT
age: 16925
expires: Thu, 08 Dec 2022 00:26:54 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 775fffbbdb01b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   81922
Md5:    5936bd832ad87dcdd2bb3f42198cd5cd
Sha1:   0db8fae34c7e24dcff5fac99fb6304ffe6659b28
Sha256: ef59aae323c45c338ba7464dd2ceb69dfe6059bd6cd2f3b0dd7a3d423b4b4187
                                        
                                            GET /A2224684-0318-4f33-b4c8-6125803cb6bf1.js HTTP/1.1 
Host: d.impactradius-event.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         35.186.249.72
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
x-guploader-uploadid: ADPycdv-zQI9jwgLEiokGcBGFmzMmUU9gVfB104RSqxd9qXppyAksWPZjCvN-aOBYGOLp2DqJsN0atY15yTokt3uI3j6-g
x-goog-generation: 1607517559731695
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13043
content-encoding: gzip
x-goog-hash: crc32c=oCUDxQ==, md5=w1HgYZ0iliY36qEcxn64NA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 13043
server: UploadServer
date: Wed, 07 Dec 2022 20:26:54 GMT
expires: Wed, 07 Dec 2022 20:31:54 GMT
cache-control: public,max-age=900,s-maxage=300
last-modified: Wed, 09 Dec 2020 12:39:19 GMT
etag: "c351e0619d22962637eaa11cc67eb834"
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  C source, ASCII text, with very long lines (41946), with no line terminators
Size:   13043
Md5:    c351e0619d22962637eaa11cc67eb834
Sha1:   f48e99a0f7da2c4e12ff243a429300aeb8833cea
Sha256: 557fbe7920be92cb032aff1528290e0da3bba88218e882f6b44fc16ca1a03686
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:54 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 07 Dec 2022 14:09:16 GMT
Expires: Wed, 14 Dec 2022 14:09:15 GMT
Etag: "9e3cb9284bfafb5d30e2a3d71b910ea6f18c3586"
Cache-Control: max-age=581540,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775fffbd6d3e1c06-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1507
Cache-Control: max-age=112602
Date: Wed, 07 Dec 2022 20:26:54 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 03:43:36 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471


--- Additional Info ---
Magic:  data
Size:   128416
Md5:    e5af716392630204fdb2a626cac4a857
Sha1:   6d8b41966b32ed76b7467415a7363be5419e373c
Sha256: 8ffb4047f4116a2ea0c14267a7a16eda2828eb8b50ee3f83a50b9b93d5479c59
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1508
Cache-Control: max-age=112602
Date: Wed, 07 Dec 2022 20:26:55 GMT
Etag: "63900605-1d7"
Expires: Fri, 09 Dec 2022 03:43:37 GMT
Last-Modified: Wed, 07 Dec 2022 03:18:29 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /en_US/sdk/xfbml.customerchat.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         157.240.247.8
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ad25ecfb156948b6c2af1239ccd1470d
etag: "fe2719eda382f1bd74db9b34ed44de26"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 07 Dec 2022 20:45:01 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: 1DlXXR+tWdP9CVRVwxtj9A==
x-fb-debug: ObGaKnmAknfqgnGn3kzqotAS8EP4luQxSg/070cOTytyn0XedBcArO8t/zHQI9nfPYa5fZrk2t6VybfqAB7Wew==
priority: u=3,i
content-length: 90982
x-fb-trip-id: 1679558926
date: Wed, 07 Dec 2022 20:26:55 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (18734)
Size:   90982
Md5:    d439575d1fad59d3fd095455c31b63f4
Sha1:   e02c348f4b15b1f22a1b2cb582e6f66e5ba34c46
Sha256: c20e4853b269badea3a91dbeb3826fd3dd0982a3fdc2c0c2c368700adc18308f
                                        
                                            GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CInter%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=d9e04cdc79baf22f39c10e745caa92cc HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 20:26:54 GMT
date: Wed, 07 Dec 2022 20:26:54 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   16967
Md5:    d0c99622f05c59dbbeef0dec4ba59eb8
Sha1:   9c665226ddddbac301c9ae284c4218fbe1d958c4
Sha256: e2aeb595ecbd710703c4c81b3243ec8e4134186cfa57e2aac3f929bab0a16d3e
                                        
                                            GET /widget-awards/css/surly-badges.min.css HTTP/1.1 
Host: cdn.sur.ly
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.67.74.235
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
last-modified: Mon, 13 Jun 2022 04:23:24 GMT
vary: Accept-Encoding
etag: W/"62a6bbbc-4517"
expires: Sat, 17 Dec 2022 09:38:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1766621
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLQ%2FO9t%2B0H97bdrvnODed5kwY8ujv3oetPkuiSoyizW5XWayKseB0ngPC1U8Qf9M797n8IIAlJSqrsrT82fnsEESdguvxQisAZ6uJYnUIrPhAwAUTG5qRZB8vfM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775fffb7ccf1b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17687), with no line terminators
Size:   9268
Md5:    10900e54bba620705b872e6a2707d8b2
Sha1:   8e69228a2027369633ce401d208ed758bd61de66
Sha256: 02654cadd0ec8329c90e8ded9c5e63d9efac0d601af361d81d2480a7babc1755
                                        
                                            GET /modules.bc0a4c72d88d266f15af.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.40
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68590
date: Wed, 07 Dec 2022 14:35:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "2375e31c5dc0ca09d740bee5c1486c2b"
last-modified: Wed, 07 Dec 2022 14:34:24 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: PsONTf7a07AmU9K3Xo4LOflqpKhgxgIlQAff_2gFJbHyqk69R1Jz4g==
age: 21109
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48638)
Size:   68590
Md5:    2375e31c5dc0ca09d740bee5c1486c2b
Sha1:   d68ad5ffd79e99af40377945f2f41db8b6f00ad0
Sha256: 2197593e6c85391abbb9c0cba866862dc84bad91aedbe5d90d374e413504f5cb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   16284
Md5:    f842b8984a862a74b85a8d1b4434f1ef
Sha1:   dc21b2622d4f0b8c4fae017464188a2dd98fea99
Sha256: ab511d84ca93c10cc29887498aa8478e1787734dcdb89599b95ee50cf4ac3a35
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.46
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 18:46:55 GMT
expires: Wed, 07 Dec 2022 20:46:55 GMT
cache-control: public, max-age=7200
age: 6000
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /box-5e66f98b4ee957db209dc6f63e3d59dd.html HTTP/1.1 
Host: vars.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         143.204.55.101
HTTP/2 200 OK
content-type: text/html
                                        
content-length: 1035
date: Wed, 23 Nov 2022 13:10:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "e0652b84b7b3b650769c759fc520c3f8"
last-modified: Wed, 23 Nov 2022 13:09:18 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5nvUYVqhDSYtOeLoVMuyswDJVieziDA8H9XRemRAS9kp3Hy61Lplzw==
age: 1235809
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size:   1035
Md5:    e0652b84b7b3b650769c759fc520c3f8
Sha1:   0b55d6e28613350c7f41b88f19e726e6751ad03b
Sha256: 94b4c240f83065223dcacdd3f8b69cb229d0616edc3e2041eef3e270d859fc3d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-97189522-2&cid=928288412.1670444815&jid=1711824625&gjid=161509030&_gid=267834097.1670444816&_u=YCDACUAABAAAACAAI~&z=482753729 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         108.177.14.154
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://appsbd.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 07 Dec 2022 20:26:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ffc4f04a1925e%26domain%3Dappsbd.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fappsbd.com%252Ff899a44f9623f%26relation%3Dparent.parent&current_url=https%3A%2F%2Fappsbd.com%2F&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_US&log_id=5403fa37-7237-4a5d-8aa0-59a2ea34a4ec&page_id=817991701713673&request_time=1670444815782&sdk=joey&should_use_new_domain=false&suppress_http_code=1 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/html; charset="utf-8"
                                        
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://appsbd.com
strict-transport-security: max-age=15552000; preload
x-fb-debug: ZzDqa6P+S0S3b4ortbyul/Lun9M86NfEF4RIoStu8JjybDNj0szXuoHs2mYEnXtZTyr1L1TEgXnYmh15WPfSAg==
content-length: 0
date: Wed, 07 Dec 2022 20:26:56 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   14965
Md5:    8cb3efbf110f1589570f492114e552d1
Sha1:   e0410a5b8f0120f828166b21ff881eec5db10fbd
Sha256: 696aea1b435de8df6a86b3d34171fcb0d537324ba7f4ca77693ea614663bbb5b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sessions/3218885?s=0.25&r=0.01613542322646 HTTP/1.1 
Host: vc.hotjar.io
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.91
HTTP/2 204 No Content
                                        
access-control-allow-origin: *
cache-control: no-store
date: Wed, 07 Dec 2022 20:26:56 GMT
server: Python/3.7 aiohttp/3.5.4
x-cache: Miss from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iYOVDybyHuwptY1BSrA0qEM2O9d4is4arwvWysJvpHmoheGoeInHSw==
X-Firefox-Spdy: h2

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97189522-2&cid=928288412.1670444815&jid=1711824625&_u=YCDACUAABAAAACAAI~&z=2142004261 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:26:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-97189522-2&cid=928288412.1670444815&jid=1711824625&_u=YCDACUAABAAAACAAI~&z=2142004261 HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.132
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:26:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   69243
Md5:    ee4933686a73f14736b8937dd00c3427
Sha1:   f4e95de5c38eac41757429b9f8c993f0efed60a0
Sha256: 4157a88d0bd4abb5b7c398abecd05342464e9ce59fc8573dc0e31470bcd4e133
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 07 Dec 2022 20:26:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   1294
Md5:    4517c5e5e6cf4d7b98f449c0842191cc
Sha1:   b5a44faa98396b6665e47ecf4dbbb2a1c71c123d
Sha256: 21d57682e961730d3ae1c6e9aef9ace47fc0ee8c6527b32065955a5ddbc868a6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.156
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157275
Date: Wed, 07 Dec 2022 20:26:56 GMT
Etag: "6390b060-1d7"
Expires: Fri, 09 Dec 2022 16:08:11 GMT
Last-Modified: Wed, 07 Dec 2022 15:25:20 GMT
Server: ECS (nyb/1D2B)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: L9U7Yi5uz9wGO7XKUWj_p0A_Q9UDfsgQ7yYxIacxFhLaIEjsXTLcWw==
Age: 2571


--- Additional Info ---
Magic:  data
Size:   4710
Md5:    c51e533e7d98bd31189dfd7acead48cb
Sha1:   c3508e44372f9e549d9d3103a5149df3befad129
Sha256: cc55ac39aef77dc66dbddc8488dd17ff6bebf6424c7b84b4e52d24a750bb30e1
                                        
                                            POST /g/collect?v=2&tid=G-WYH0VJY7WF&gtm=2oebu0&_p=702257528&cid=928288412.1670444815&ul=en-us&sr=1280x1024&_s=1&sid=1670444815&sct=1&seg=0&dl=https%3A%2F%2Fappsbd.com%2F&dt=1%23%20Software%20Licenses%20Manager%20%E2%80%93%20Customer%20Support%20Software&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

search
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://appsbd.com
date: Wed, 07 Dec 2022 20:26:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3ffc4f04a1925e%26domain%3Dappsbd.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fappsbd.com%252Ff899a44f9623f%26relation%3Dparent.parent&current_url=https%3A%2F%2Fappsbd.com%2F&is_loaded_by_facade=true&locale=en_US&log_id=5403fa37-7237-4a5d-8aa0-59a2ea34a4ec&page_id=817991701713673&request_time=1670444815782&sdk=joey&should_use_new_domain=false&suppress_http_code=1 HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://appsbd.com
strict-transport-security: max-age=15552000; preload
x-fb-debug: YYmLfze8KBsPMJyx03X6BWhUr7Qk4YHajKATGlxjlm1CeabicztisGO4YL8q9wIROM7iJnu9/Sru6CLk+nVrnA==
date: Wed, 07 Dec 2022 20:26:56 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   2927
Md5:    6c0143b9eb9c3e3bf3738abaefe19795
Sha1:   d39c36aad364ed1e06a31c317da1b252ae2f159c
Sha256: 765cfa7825ea691f4d154b3a876d3a3a922185486bb6215afc50e6096aec06a4
                                        
                                            GET /api/v2/client/ws HTTP/1.1 
Host: ws12.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://appsbd.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7T1+zvZveH3Qjm/vciBxxw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.210.93.54
HTTP/1.1 101 Switching Protocols
Content-Type: application/octet-stream
                                        
Date: Wed, 07 Dec 2022 20:26:56 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1pNsvtYLpAF19s8xapI30WRF/2g=
Sec-WebSocket-Extensions: permessage-deflate


--- Additional Info ---
Magic:  data
Size:   3973
Md5:    06a2e524c144c75e2e69c91d8ea01014
Sha1:   28ea23d9ee87e4ef68ba67db50b15f2b5807cd6d
Sha256: 78c5f8e129f0381242641646c3388074141a2963cdccef8b0501b2ec2739c497
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=d9e04cdc79baf22f39c10e745caa92cc HTTP/1.1 
Host: appsbd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appsbd.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.26.128
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
last-modified: Wed, 14 Sep 2022 16:58:49 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
referrer-policy: no-referrer-when-downgrade
feature-policy: camera *; fullscreen 'self'; geolocation *; microphone 'self'
permissions-policy: autoplay=*, camera=*, display-capture=*, fullscreen=(self), geolocation=*, microphone=(self)
cache-control: public, max-age=2678400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9EiLrKTiX27Ap0FDPqvYcUBxRUYiBfaQ7%2BXIMSCPKuwA3KxzEMUWXCjLseAdfrC6aYVTqziJsIH4vQcA9wKbDahbsmhZwxthGROsW%2FDlSdxwxmkp07Mer%2Bz2R7F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775fffb76b6b0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /paddle/assets/css/paddle.css HTTP/1.1 
Host: cdn.paddle.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.66.43.196
HTTP/2 200 OK
content-type: text/css
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
x-amz-replication-status: PENDING
last-modified: Tue, 06 Dec 2022 15:09:13 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: _MPWTb20o_2egFZ4dPMdEq9vYg97qKhw
etag: W/"363959fb7459f6a3ff15190f211b628a"
x-cache: Hit from cloudfront
via: 1.1 7edd8006b8bc56aba6e41686a63bba52.cloudfront.net (CloudFront)
x-amz-cf-pop: HEL50-C1
x-amz-cf-id: St_cRiU0nw-C6S2nGDwUCkh6dHWRNbcaTdxuP5YfvFka7IEJ8j2E-w==
cf-cache-status: HIT
age: 16925
expires: Thu, 08 Dec 2022 00:26:54 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 775fffbbdb04b4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /c/hotjar-3218885.js?sv=5 HTTP/1.1 
Host: static.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.37
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 20:26:54 GMT
cache-control: max-age=60
etag: W/1e8126bf9b8e692ee2bbc454d14ad298
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Hy7FsdcuAV-dLRs_jA0zvgdRiD-Xl27aXkbdzD5bKMNxLylUAtekiw==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /api/v2/sites/3218885/recordings/content HTTP/1.1 
Host: ws12.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 903646
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         52.210.93.54
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 07 Dec 2022 20:26:57 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css2?family=Oswald&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.sur.ly/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 20:26:54 GMT
date: Wed, 07 Dec 2022 20:26:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            POST /api/v2/client/sites/3218885/visit-data?sv=5 HTTP/1.1 
Host: in.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=UTF-8
Content-Length: 112
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         99.80.127.52
HTTP/2 200 OK
content-type: application/json
                                        
date: Wed, 07 Dec 2022 20:26:56 GMT
vary: Accept-Encoding
cache-control: no-cache, no-store
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /paddle/paddle.js HTTP/1.1 
Host: cdn.paddle.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         172.66.43.196
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
cf-bgj: minify
cf-polished: origSize=227559
etag: W/"bdf8f3230994b1353e86c87e927b9198"
last-modified: Tue, 06 Dec 2022 15:09:13 GMT
via: 1.1 bccded73b8b9a1d038e5d874cf586402.cloudfront.net (CloudFront)
x-amz-cf-id: Fy0pJD-lGTQm_T56u8M0xTh-qEoQBpTNryDyVlYXzpSQ_JMfjVYC7g==
x-amz-cf-pop: HEL50-C1
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: r21YZSXGK9eTjB0cB68QyRAGgv1G9RCd
cf-cache-status: HIT
age: 16929
expires: Thu, 08 Dec 2022 00:26:54 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 775fffb9bf6bb4ed-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /new_domain_gating/?endpoint=customerchat&page_id=817991701713673&suppress_http_code=1 HTTP/1.1 
Host: socialplugin.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Origin: https://appsbd.com
Connection: keep-alive
Referer: https://appsbd.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
access-control-allow-origin: https://appsbd.com
x-fb-debug: RwLC8R6q08rxRIhq4Aai/ABAJLpH2HvO1KDxILZ5ZmmwG5JEO3S4iLRUgz3seW2yfSDVC9n30gITHXwqLfIO1Q==
date: Wed, 07 Dec 2022 20:26:56 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: appsbd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         104.21.26.128
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Wed, 07 Dec 2022 20:26:53 GMT
last-modified: Wed, 07 Dec 2022 15:36:48 GMT
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
referrer-policy: no-referrer-when-downgrade
feature-policy: camera *; fullscreen 'self'; geolocation *; microphone 'self'
permissions-policy: autoplay=*, camera=*, display-capture=*, fullscreen=(self), geolocation=*, microphone=(self)
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBeLpqvj%2F9mkTXJsmRounso3h7z5UP3mZVLe6PxTPKiA%2BAFVoLYfd7KlDG8ezuqkAvuOF8rv%2FvHpq4J8%2BkAO7017U7LRBDy6hZO5KOybURJMr7oF2ax2fY5rYG6M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775fffb5a9c80b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Permanent+Marker&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.globalconsumerwinner.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 20:26:53 GMT
date: Wed, 07 Dec 2022 20:26:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.13 HTTP/1.1 
Host: appsbd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://appsbd.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.21.26.128
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Wed, 07 Dec 2022 20:26:54 GMT
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=776
content-security-policy: default-src * data:; script-src https: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'
feature-policy: camera *; fullscreen 'self'; geolocation *; microphone 'self'
last-modified: Wed, 14 Sep 2022 16:56:19 GMT
permissions-policy: autoplay=*, camera=*, display-capture=*, fullscreen=(self), geolocation=*, microphone=(self)
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yy7gGnJEDWyZ%2F3LZ7R63cxYvJ2icqMdEGoK2kfzKUk3U77BBvLTQsW5xRXXR9%2FZUgYdgC85k11n6MS6YX8qhFW5Mx05mIqHJnW9PPBf2a9Y8c9BSubWqvYYUWEys"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775fffb76b6d0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---