r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10710
Expires: Fri, 06 Jan 2023 20:25:08 GMT
Date: Fri, 06 Jan 2023 17:26:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6f32ea922de222ff0886881d86cbc83
fe58a68eec2ef42ab6414cb13d80c7e64cf02337
f25f70638b513dd7f44a6235b6be2fb45a3b63bc6c06b5dcbce2853bb53cf610
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2346
Cache-Control: max-age=151985
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:38 GMT
Etag: "63b7ff55-117"
Expires: Sun, 08 Jan 2023 11:39:43 GMT
Last-Modified: Fri, 06 Jan 2023 11:00:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4698
Expires: Fri, 06 Jan 2023 18:44:56 GMT
Date: Fri, 06 Jan 2023 17:26:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 16:48:03 GMT
content-type: application/json
age: 2315
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11434
Expires: Fri, 06 Jan 2023 20:37:12 GMT
Date: Fri, 06 Jan 2023 17:26:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BhHSnZSO1IV0e7ci958TuJpc8BRRRY78HvcSDAEGykV+qHZDyOuMYQh/rVOTQhtgu1xqJpBB0u8=
x-amz-request-id: 99CH4PT8KDREA7J5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 17:02:16 GMT
age: 1462
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:38 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash a6f32ea922de222ff0886881d86cbc83
fe58a68eec2ef42ab6414cb13d80c7e64cf02337
f25f70638b513dd7f44a6235b6be2fb45a3b63bc6c06b5dcbce2853bb53cf610
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2346
Cache-Control: max-age=151985
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:38 GMT
Etag: "63b7ff55-117"
Expires: Sun, 08 Jan 2023 11:39:43 GMT
Last-Modified: Fri, 06 Jan 2023 11:00:37 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 17:08:12 GMT
age: 1106
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3160
Cache-Control: max-age=145969
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:39 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 09:59:28 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25ab4f5cfcf37de665a32c7a61fc9d62
e32a625d6bcc09ea8728b7c6a0064a5f0ba36034
0292c8dc60ef841d4db9a1d546a3c8cb9de6e3f6009443b4ef734cd0e9621faa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0292C8DC60EF841D4DB9A1D546A3C8CB9DE6E3F6009443B4EF734CD0E9621FAA"
Last-Modified: Fri, 06 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Fri, 06 Jan 2023 23:26:12 GMT
Date: Fri, 06 Jan 2023 17:26:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 25ab4f5cfcf37de665a32c7a61fc9d62
e32a625d6bcc09ea8728b7c6a0064a5f0ba36034
0292c8dc60ef841d4db9a1d546a3c8cb9de6e3f6009443b4ef734cd0e9621faa
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0292C8DC60EF841D4DB9A1D546A3C8CB9DE6E3F6009443B4EF734CD0E9621FAA"
Last-Modified: Fri, 06 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21573
Expires: Fri, 06 Jan 2023 23:26:12 GMT
Date: Fri, 06 Jan 2023 17:26:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-152330835-1
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-152330835-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 4136e571d4cdc3ca9bc0b356e96f368f
5b6f4ed5209e59bcfaa894dc51f0f4fc88f5017c
7ba883f51497d440d283504c7f4bda5d39c11c20bb07f5c0d1a17282e5bd1c34
GET /gtag/js?id=UA-152330835-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimtrens17.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Jan 2023 17:26:39 GMT
expires: Fri, 06 Jan 2023 17:26:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bit.ly/3QhofZr
67.199.248.11301 Moved Permanently 124 B IP 67.199.248.11:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 12ed540e37f0dfc67669b9d822808654
461329aefc48e32f13cdb7269bfb60d17ec9ba78
7661be93aab11a1171fc4fc01569299cdda283c0b893359aa3a527c254077a49
GET /3QhofZr HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 06 Jan 2023 17:26:39 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 124
Cache-Control: private, max-age=90
Location: https://i.imgur.com/wQutfXw.png?BIM20
Set-Cookie: _bit=n06hqD-4852b8c1c2a915ad4e-00I; Domain=bit.ly; Expires=Wed, 05 Jul 2023 17:26:39 GMT
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/wQutfXw.png?BIM20
151.101.244.193200 OK 88 B URL HTTP/2 i.imgur.com/wQutfXw.png?BIM20
IP 151.101.244.193:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 9c0402f15afd3dc9d505169d986a2a87
8a7df3faa1a32d52ff53f96871bf1203f2a4c432
6ca38a05eccdcb4c81a9361d531f03577759ffd10483d154ea48f8143b60122e
GET /wQutfXw.png?BIM20 HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 04 Dec 2021 23:26:53 GMT
etag: "9c0402f15afd3dc9d505169d986a2a87"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:39 GMT
age: 272995
x-served-by: cache-iad-kjyo7100040-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 263, 1
x-timer: S1673025999.422606,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 88
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.89.217.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.217.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MuuckxO4slsDlHmC4DqapA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JD2gA2ahhZWELA5Gm+3eA4q11Ac=
bimtrens17.pages.dev/
172.66.44.188200 OK 79 kB IP 172.66.44.188:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 7232ebd927c89a413ea6f9e8417172e0
a9b97d36e53535624ed2fee55dd095413477e2e4
fffcc7a59c28443d97915466e9192f0e2113af5d69239f659d349f9727cb40e8
GET / HTTP/1.1
Host: bimtrens17.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 06 Jan 2023 17:26:39 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"1b0419e0e1358f85cd2ea77921b3d424"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IcKo0%2FwakKD1CDHYuGqoFuyv8Zv2Lzh0xhUXSoshl%2FXM%2FWeIkXJGWSR1NuwNEhCXEDG%2BnkhZaHI4DdhlpJbX58eGX6vc1KQgDQgsCT1D3xDbJxOSL9Zr9F27n9ApYFZKysdsNyJKw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785628ee7b080b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/bbvOIUc.jpg
151.101.244.193200 OK 76 kB IP 151.101.244.193:0
File type JPEG image data, baseline, precision 8, 700x500, components 3\012- data
Hash d2749b90460a549b2cff124d1696fe6d
fd0a5fd7c45497d5cb45efc93cec7d25aa8216bc
24b7c52bfeb23e372d14308482a29fd29e7e1fa744c292607f1a2f48651a7426
GET /bbvOIUc.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimtrens17.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Jan 2023 20:14:58 GMT
etag: "d2749b90460a549b2cff124d1696fe6d"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:39 GMT
age: 421902
x-served-by: cache-iad-kjyo7100152-IAD, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 9, 1
x-timer: S1673025999.460038,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 76044
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimtrens17.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 06 Jan 2023 15:43:41 GMT
expires: Fri, 06 Jan 2023 17:43:41 GMT
cache-control: public, max-age=7200
age: 6178
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/bghXgz9CN6g
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bghXgz9CN6g
IP 142.250.74.131:0
Hash e7862400181ca6d5179b9b8759da0bea
30b80e565a00d1ddc099868ca5dc57509b5c124b
826c7e606c9b91cc6c3b5164d29b0da2fd7fac57add70ef2baa84ba750327364
POST /s/gts1p5/bghXgz9CN6g HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/bghXgz9CN6g
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bghXgz9CN6g
IP 142.250.74.131:0
Hash e7862400181ca6d5179b9b8759da0bea
30b80e565a00d1ddc099868ca5dc57509b5c124b
826c7e606c9b91cc6c3b5164d29b0da2fd7fac57add70ef2baa84ba750327364
POST /s/gts1p5/bghXgz9CN6g HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:39 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 354505d3283a5da76fdfd0c8c5aa2bdf
69b91c8192b653ce1e8bfbc96683220684c81cef
739c61cff8b85f76108e148cc36a867e3afa04ee83a47f4ec78a4cddfc1ff4e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "739C61CFF8B85F76108E148CC36A867E3AFA04EE83A47F4EC78A4CDDFC1FF4E2"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Fri, 06 Jan 2023 19:16:11 GMT
Date: Fri, 06 Jan 2023 17:26:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 354505d3283a5da76fdfd0c8c5aa2bdf
69b91c8192b653ce1e8bfbc96683220684c81cef
739c61cff8b85f76108e148cc36a867e3afa04ee83a47f4ec78a4cddfc1ff4e2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "739C61CFF8B85F76108E148CC36A867E3AFA04EE83A47F4EC78A4CDDFC1FF4E2"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6572
Expires: Fri, 06 Jan 2023 19:16:11 GMT
Date: Fri, 06 Jan 2023 17:26:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3944
Cache-Control: max-age=124088
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 03:54:48 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 623e85ff33837eb6c59e11ae2759237a
cea1948490802e652e7f6678dc76694e0d6ab61a
1fb30f3579d3277435c860f472008bea3680db1202d838ad4669d943ec88ba65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 07a5ec80d8c96a4a1487205117e3f231
84f52008b8164535e990651a2322ec9fc0a6d148
79501493a8c7ac33afbb8aa1e99d32145a403eebb636fd5b9fb8a26b429970cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3944
Cache-Control: max-age=124088
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Etag: "63b78c20-118"
Expires: Sun, 08 Jan 2023 03:54:48 GMT
Last-Modified: Fri, 06 Jan 2023 02:49:04 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
i.imgur.com/g6cV61A.png
151.101.244.193200 OK 624 B IP 151.101.244.193:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 354fbd5644ab479f0f8b939323b0f0c6
c7c4976b747c125dd8319f03777fb4362fcad9bc
04349321c371bff9047a8125a2b6554be6932ac6cf10cbd8883b69f03f943fe5
GET /g6cV61A.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Feb 2022 00:15:11 GMT
etag: "354fbd5644ab479f0f8b939323b0f0c6"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 3124884
x-served-by: cache-iad-kiad7000138-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 4981, 1
x-timer: S1673026000.080039,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 624
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e4fdd703d4ebb3209cd70c0ffd234da1
2e3a0a6fe0e63d2991e4b8726d5a2c21406a0dc1
ff40f371b1ebac1fbc0e809a0e85f500977372f25e8a72eda450083755fef11d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/KTvWL6j.jpg
151.101.244.193200 OK 95 kB IP 151.101.244.193:0
File type JPEG image data, baseline, precision 8, 1080x1350, components 3\012- data
Hash 2c1df6e9d76577fde9a1366c729b50d3
cc98f995bb0934a8e07e16a25eaae51c4d5ae695
9be47f391698710b12b2e95a85082d05e84bdb615cfd567bf12d1f5ccf629d0f
GET /KTvWL6j.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 18:28:23 GMT
etag: "2c1df6e9d76577fde9a1366c729b50d3"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 623427
x-served-by: cache-iad-kcgs7200109-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 4984, 1
x-timer: S1673026000.079985,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 95122
X-Firefox-Spdy: h2
i.imgur.com/sSMYbTT.png
151.101.244.193200 OK 933 B IP 151.101.244.193:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash df94e4b9e14db5f7c4254cfb27259333
f122f58426ff6a07c770189bfa54a1c15c7c72f1
594d9200c7b8fdbf512fa6b52de947cfa3f0b8cbae7821aa60d0e4468d9ffa6c
GET /sSMYbTT.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Feb 2022 00:15:06 GMT
etag: "df94e4b9e14db5f7c4254cfb27259333"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 4584088
x-served-by: cache-iad-kjyo7100155-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 19498, 1
x-timer: S1673026000.080528,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 933
X-Firefox-Spdy: h2
i.imgur.com/zw6Mkea.png
151.101.244.193200 OK 21 kB IP 151.101.244.193:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash ac4eff5127ae809bff6ca8a2c8814f69
ac956bddedafa2638cf6c852e3cfb1e9bb6ed7e8
a6111c6269fdf9c661941f20557c0ae6abce3c855f2d9a63900e90985c4f691c
GET /zw6Mkea.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 06 Jan 2023 13:01:03 GMT
etag: "ac4eff5127ae809bff6ca8a2c8814f69"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 15936
x-served-by: cache-iad-kcgs7200031-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 17, 4
x-timer: S1673026000.080573,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 21054
X-Firefox-Spdy: h2
i.imgur.com/7PWScYK.jpg
151.101.244.193200 OK 6.4 kB IP 151.101.244.193:0
File type JPEG image data, baseline, precision 8, 225x225, components 3\012- data
Hash 42a73c7d4bee64671a9d4f1105cd8d1e
a35ee9b3eee7716ba937546684ef774fd5fb1c83
4b6bb55159db46c2298f62204067e699aa774e3a5843ecabf9d274acd6c735b1
GET /7PWScYK.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 18:26:54 GMT
etag: "42a73c7d4bee64671a9d4f1105cd8d1e"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 631815
x-served-by: cache-iad-kiad7000101-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 745, 1
x-timer: S1673026000.080515,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 6439
X-Firefox-Spdy: h2
i.imgur.com/Xuf2Txz.jpg
151.101.244.193200 OK 12 kB IP 151.101.244.193:0
File type JPEG image data, baseline, precision 8, 500x333, components 3\012- data
Hash d99c57afd5b77de568934874db38e394
e712da8f9e31f4d5b373962338b326cab0d04960
93c75a3949295b28c2cfd5dc127f58be5b19f14b08b1cde8b358a0bf454641ea
GET /Xuf2Txz.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 13 Nov 2022 21:57:30 GMT
etag: "d99c57afd5b77de568934874db38e394"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 3120199
x-served-by: cache-iad-kjyo7100150-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1673026000.079692,VS0,VE3
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 12334
X-Firefox-Spdy: h2
i.imgur.com/0UHB1f0.png
151.101.244.193200 OK 664 B IP 151.101.244.193:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 651000584cf023a30d7d74a07ad71047
db8c09026e535d31cb37affc41365a6df1e1ee1d
4912d7b6b27805d2f0d39a5c372917b15d01b70198d4f6f7aaef9c943d3bb274
GET /0UHB1f0.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 21 Feb 2022 00:15:16 GMT
etag: "651000584cf023a30d7d74a07ad71047"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 6338484
x-served-by: cache-iad-kcgs7200178-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 16594, 6240
x-timer: S1673026000.093036,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 664
X-Firefox-Spdy: h2
i.imgur.com/UF8Lpoq.png
151.101.244.193200 OK 23 kB IP 151.101.244.193:0
File type PNG image data, 340 x 167, 8-bit/color RGB, non-interlaced\012- data
Hash 08182c942c4c5fdc9da556257d1ef49c
c781ccd1ba8a7f2ac5fc4d8d180deb03fc01091c
df304d33f8185c8120e8ba7a73cadb7049a592e57dcaf2add94d0e5a3ab8cd84
GET /UF8Lpoq.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Jan 2023 19:55:41 GMT
etag: "08182c942c4c5fdc9da556257d1ef49c"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 423059
x-served-by: cache-iad-kjyo7100129-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 20, 1
x-timer: S1673026000.082893,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 22965
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-152330835-1
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-152330835-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 3b90b16726c1501c5753c110eaccf7e7
f90a93030984e9ff3d8d5866ea2d4ac5290f315b
3aa2a2c9b5a74821faa6f13ba1ef6b64cf0508598d9aa7da30c5e33af67785ae
GET /gtag/js?id=UA-152330835-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 06 Jan 2023 17:26:40 GMT
expires: Fri, 06 Jan 2023 17:26:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.imgur.com/85hSdGn.jpg
151.101.244.193200 OK 38 kB IP 151.101.244.193:0
File type JPEG image data, baseline, precision 8, 480x512, components 3\012- data
Hash 571a1b6d07c63ea5a29590d6fa267274
382381523b4d85553a850c74ba91c032ae21f47c
abcd2ab24bb2fab8764139592359c0b9f556ff7b2e77ed156eed29485ea806a0
GET /85hSdGn.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 02 Apr 2022 18:30:03 GMT
etag: "571a1b6d07c63ea5a29590d6fa267274"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 6338832
x-served-by: cache-iad-kiad7000102-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 4019, 1
x-timer: S1673026000.080472,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 38262
X-Firefox-Spdy: h2
i.imgur.com/wBBSHPs.png
151.101.244.193200 OK 86 kB IP 151.101.244.193:0
File type PNG image data, 340 x 241, 8-bit/color RGB, non-interlaced\012- data
Hash 38b31dfc8562fcbbc03040ca20ae8a06
ff9522dcb3698a91fc580c01897392ce7112823c
adcc1fbe8c2d7e19ea61e253b36e2cfadbd81de9ac665701c48bc7243166f668
GET /wBBSHPs.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Jan 2023 19:55:41 GMT
etag: "38b31dfc8562fcbbc03040ca20ae8a06"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 423059
x-served-by: cache-iad-kiad7000049-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 87, 1
x-timer: S1673026000.082265,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 86193
X-Firefox-Spdy: h2
i.imgur.com/BoSRrNs.png
151.101.244.193200 OK 95 kB IP 151.101.244.193:0
File type PNG image data, 330 x 154, 8-bit/color RGB, non-interlaced\012- data
Hash 29779e2cbaed756978f62ad4fd511aaf
e50306a745640462d605547faad52e5eb71f06eb
5689209d3949ee1d372c94b48c6b8ef588f3e75cadd20cb1e1a89b1ac425e09d
GET /BoSRrNs.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 01 Jan 2023 20:00:55 GMT
etag: "29779e2cbaed756978f62ad4fd511aaf"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 06 Jan 2023 17:26:40 GMT
age: 422745
x-served-by: cache-iad-kiad7000053-IAD, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 22, 1
x-timer: S1673026000.093422,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 95058
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e5782ef491c4bb5e1dc5245aed1640b7
2a34a0380e837befa2d6f2ba794c58fca083302a
88fa0e25126e72bd99d8333a8093ad8fa9d2ada9f2012bc64af23c5a7dd143a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8b64a17d9b8c33515817fc19dd6f60d7
a752305109964bc1ef3537debed9c40c44198cea
8f7b7d229100176e82780eb0c3808b410b078025237210d8b5037c30ac3b0987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-2H0WXCQSF6>m=2oe120&_p=1429876735&cid=1720220040.1673025989&ul=en-us&sr=1280x1024&_s=1&sid=1673025988&sct=1&seg=0&dl=https%3A%2F%2Fbimtrens17.pages.dev%2F&dt=BIIM%20Tran&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2H0WXCQSF6>m=2oe120&_p=1429876735&cid=1720220040.1673025989&ul=en-us&sr=1280x1024&_s=1&sid=1673025988&sct=1&seg=0&dl=https%3A%2F%2Fbimtrens17.pages.dev%2F&dt=BIIM%20Tran&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2H0WXCQSF6>m=2oe120&_p=1429876735&cid=1720220040.1673025989&ul=en-us&sr=1280x1024&_s=1&sid=1673025988&sct=1&seg=0&dl=https%3A%2F%2Fbimtrens17.pages.dev%2F&dt=BIIM%20Tran&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimtrens17.pages.dev/
Origin: https://bimtrens17.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://bimtrens17.pages.dev
date: Fri, 06 Jan 2023 17:26:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
142.250.74.106200 OK 761 B URL HTTP/2 fonts.googleapis.com/earlyaccess/droidarabicnaskh.css
IP 142.250.74.106:0
Hash 7d3560f28c08efe05b11529c0935c213
a83426c236f50e9ac9e740080b4c32cdd86055b1
aa89b691c90cc641fc1b704fa8687dd3275d21ffa0e1b45af5301fb1eefb5be5
GET /earlyaccess/droidarabicnaskh.css HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
expires: Fri, 06 Jan 2023 17:26:40 GMT
date: Fri, 06 Jan 2023 17:26:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bimmarketz.pages.dev
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:13 GMT
expires: Sat, 06 Jan 2024 13:33:13 GMT
cache-control: public, max-age=31536000
age: 14007
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2
216.58.207.227200 OK 41 kB URL HTTP/2 fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 41252, version 1.0\012- data
Hash 827765ced4b6d367803d4ef34633dc05
0ce49124ea2b7f356029c86cd00e5fae272f5e99
0a6b3b2583f0b9ea7da829409bcde3dc1641adb9092100bf2e1415d61cde46d6
GET /ea/droidarabicnaskh/v7/DroidNaskh-Bold.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bimmarketz.pages.dev
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 41252
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:45:12 GMT
expires: Sat, 06 Jan 2024 13:45:12 GMT
cache-control: public, max-age=31536000
age: 13288
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 75cfc8b3d7a22c317465a354b950897b
272651a02a8fa17067d9e4e9ff4878d2c1af75af
40dc9698f6d97aeada27973d1b096a149bb5bb299c38a6ed87e853e6d724d26b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 17:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d18b3d0829f942e4665bbb6b99554690
98a7923b5fa0ebe1e3aa8af8c761f90d02fc9c53
49ddf1230176a2246899bf1176b6d147cd8cb5e058aa86586bdf5de4adee630a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49DDF1230176A2246899BF1176B6D147CD8CB5E058AA86586BDF5DE4ADEE630A"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Fri, 06 Jan 2023 23:25:33 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
code.jquery.com/jquery-latest.min.js
69.16.175.42200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-latest.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32086)
Hash a39e9fcc2a78d5b1ed25b5f853c17a22
f1d1d30d35146a7adee855becba02b776366f169
a0581d3f2c05cfb302f81d2894c114da758e14a290bd4f240c7b63628469ee8d
GET /jquery-latest.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 17:26:40 GMT
content-encoding: gzip
content-length: 33202
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1762a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CODP4Z0GEoYBCiQzMTY2ZjUwZi0zZDM2LTQwN2YtYjk1Zi0yM2I2YjdhOTM5NTQQ+OiCoKvU+wIaBgjQs+GdBiIMOTEuOTAuNDIuMTU0KKwbMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQzMmNmNDQ0Yy03ZWM3LTRhNGQtYmVmZC01NDYzNDczOTUzMzUYsoMCIhgIAhIUY2RzMjU2LnNrMS5od2Nkbi5uZXQ=.pQDaN9aavkasS2uqY/st2M29yZbTd2kK8VoHzCt723Q=
x-hw: 1673026000.dop022.sk1.t,1673026000.cds252.sk1.hn,1673026000.cds256.sk1.c
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 85 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 12107910a9a172b5f241f9b364205a5a
aeab60c1d3223e14b5e61cb9b9185fcbd6f58a1e
fe74a7cb9ef0e8648e47278051e6d8aad750f1df3e0db93310d17616a5e3a084
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 22336807
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 785628f45e4eb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10872
Expires: Fri, 06 Jan 2023 20:27:52 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10872
Expires: Fri, 06 Jan 2023 20:27:52 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10872
Expires: Fri, 06 Jan 2023 20:27:52 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 06 Jan 2023 15:43:41 GMT
expires: Fri, 06 Jan 2023 17:43:41 GMT
cache-control: public, max-age=7200
age: 6179
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 35598
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 872ad13c3966689cbd481bebca0b21f8
2a052c414b68b9e71b00fa3903995e8bdd22a81c
bd2222d291deec7ba01875b7ddfd0d27de71e68fc600057fb3d1fa9394aa46fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD2222D291DEEC7BA01875B7DDFD0D27DE71E68FC600057FB3D1FA9394AA46FA"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10872
Expires: Fri, 06 Jan 2023 20:27:52 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg
IP 34.120.237.76:0
Hash d0403aa2707e8f6c0c1d1371c3492f70
67f4188e5b949ffdf1cf8bcf282ad21d77f1e5c6
dff03aeb3770ed2b682b36522b2843bcff422e8ecf7f66b16464d37e6dae5309
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F727b2cef-2229-487d-9623-29ccec44ab1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5809
x-amzn-requestid: 16b4843e-ac69-402f-87e7-66c24984cecb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSeJoHgwIAMFhdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b743d7-507b52112e0f1176182e5d99;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:40:39 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JGGMyfzW2uwEbY-V22ZCWjFegXRLY-wAlWxSjLCM6C1A5kjXa2DTGw==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 70799
etag: "d7c083857e9512ad3ecb3bbaf285409926473ceb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49cab8228badce0317f63284420a2a06
94abc863dc8ac54c9ab9e57a791b404a8a09729e
399c22a3adea805a2fa373f6a85d842f47798088593803b6b38034f942e092af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F426acd7d-b225-4d35-a3be-10ba23ba69c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8693
x-amzn-requestid: ae2b861d-87b8-4913-853a-64c76f410bf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eNLADE-ZoAMFttw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b52533-6e5412c92f70fbd12a893047;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 78YflWiepSLgVw3s7rsefJd1FkwKcScpFt2tIHNaBjbpF3ZQmxT9Zw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:48:09 GMT
age: 34711
etag: "94abc863dc8ac54c9ab9e57a791b404a8a09729e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-server.info/show.php?u65421673026000=true&ad=673873&f=300x250&a=395578&cri=0&s=NWM4NzM0NGUzZjEwMzIxN2U1ZmI1YmY3OTBjNDkzMTE=&u=533889&si=533723881&di=46478301&ci=16&h=873f544891e57d216345df0a0a19ed8b&cc=NO&https=1&useAf=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&ar=aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=
185.66.200.222200 OK 14 kB URL HTTP/2 cdn-server.info/show.php?u65421673026000=true&ad=673873&f=300x250&a=395578&cri=0&s=NWM4NzM0NGUzZjEwMzIxN2U1ZmI1YmY3OTBjNDkzMTE=&u=533889&si=533723881&di=46478301&ci=16&h=873f544891e57d216345df0a0a19ed8b&cc=NO&https=1&useAf=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&ar=aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=
IP 185.66.200.222:0
ASN #201702 skHosting.eu s.r.o.
Hash 4852d3f037284176fc9ced289e545eff
a457d160d53e32809cbe97e8ad16f21b57c54b1d
58a061172969a47b2729042ca7c5ba3da5b15414bde2c2553cf689ed523c3f09
GET /show.php?u65421673026000=true&ad=673873&f=300x250&a=395578&cri=0&s=NWM4NzM0NGUzZjEwMzIxN2U1ZmI1YmY3OTBjNDkzMTE=&u=533889&si=533723881&di=46478301&ci=16&h=873f544891e57d216345df0a0a19ed8b&cc=NO&https=1&useAf=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&ar=aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8= HTTP/1.1
Host: cdn-server.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-server.info/bnr_xload.php?section=General&pub=533889&format=300x250&ga=g&xt=167302600063194&xtt=6138329
Cookie: used_ad2831261=1; total_impressions=1; cpa_673873=300x250_533723881_0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 06 Jan 2023 17:26:40 GMT
last-modified: Fri, 06 Jan 2023 17:26:40 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 884498828be14529bda4485a38b033c3
9443f22559b64c5861bbc50d0980dad8da158352
c48b1203e6b6e9468dc9a07934709f5ec2ba064fb2c9dd97f6cdc0e452a7dd77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0cc6987-cb45-42f9-8b7e-1ec781513572.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6268
x-amzn-requestid: 3674eb24-1902-4722-8ea0-63b5fb36b41e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eSdsIEtbIAMFYsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7431a-1e840ef57d3fa7ab2362f37c;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:37:30 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jSI7UFknz6hbv5lG44ZUvaRg2ekHMRdi4NaLtpDGbpNrolofHvqbAQ==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 21:46:41 GMT
age: 70799
etag: "9443f22559b64c5861bbc50d0980dad8da158352"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn-server.info/trk/?873f544891e57d216345df0a0a19ed8b
185.66.200.222200 OK 43 B URL HTTP/2 cdn-server.info/trk/?873f544891e57d216345df0a0a19ed8b
IP 185.66.200.222:0
ASN #201702 skHosting.eu s.r.o.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /trk/?873f544891e57d216345df0a0a19ed8b HTTP/1.1
Host: cdn-server.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-server.info/show.php?u65421673026000=true&ad=673873&f=300x250&a=395578&cri=0&s=NWM4NzM0NGUzZjEwMzIxN2U1ZmI1YmY3OTBjNDkzMTE=&u=533889&si=533723881&di=46478301&ci=16&h=873f544891e57d216345df0a0a19ed8b&cc=NO&https=1&useAf=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&ar=aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=
Cookie: used_ad2831261=1; total_impressions=1; cpa_673873=300x250_533723881_0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 06 Jan 2023 17:26:40 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 905c01ccaa57e0ea71e9a2f58bbb2ca4
6cf4b068623644dd0ca790dbc75e3533e7759f8b
4b579d86c6b957bf5c777b44b474c1c8fac699ffe695757d43f9752b079ef42a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb84dc300-436d-4ab6-93ff-5c34a5e8faa9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4473
x-amzn-requestid: 4732a7f2-382c-41a0-a96a-dbd073af76dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eScwQG6hoAMFQaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7419b-4b3c3ebf3c06242b360e6421;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 21:31:07 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XRsEwpela3bYpgBLNQxwiFzDcHzfFiXWmAEAl1jvIb1ustFu2lJdaA==
via: 1.1 adc2002956acc4d61bfbf3b973fdf246.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 05 Jan 2023 22:00:17 GMT
age: 69983
etag: "6cf4b068623644dd0ca790dbc75e3533e7759f8b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a010fd2547d82eee4af0643d31193b9b
a77548611cbafad441977010078a770b6d8752d0
f020d9c2b1589fe31dbc0db1bda69aae8ba02463daec0453cc736543d4a8bea7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F020D9C2B1589FE31DBC0DB1BDA69AAE8BA02463DAEC0453CC736543D4A8BEA7"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6157
Expires: Fri, 06 Jan 2023 19:09:17 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3636a2b6d0e587c40826b6cbad4803f4
d1941dd464c2db05c203fc3c5851a7ee14d17a68
cde308b045c8e2307f7fddbd9a56d615dc39dc86c1633c6b5ee240466223be41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDE308B045C8E2307F7FDDBD9A56D615DC39DC86C1633C6B5EE240466223BE41"
Last-Modified: Fri, 06 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20866
Expires: Fri, 06 Jan 2023 23:14:26 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f012a31fbc9634ece2ce099bb8b67f4
1f3630dfc86b06e222108a20b6aa735ab3bdeeb2
db6a8ae0ae010c961c108406ee25d7f363d1250fd52f37fa1a1154c0fd1db47f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB6A8AE0AE010C961C108406EE25D7F363D1250FD52F37FA1A1154C0FD1DB47F"
Last-Modified: Wed, 04 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10615
Expires: Fri, 06 Jan 2023 20:23:35 GMT
Date: Fri, 06 Jan 2023 17:26:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3425f2ebbe49f150b216b5bb25b03f53
929a6e2b619e46761b4699ecdb65a633f0076dcc
727a54dcdd432df0e84310693166dd46df099ac9fec8a85a660558fabd64fe7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "727A54DCDD432DF0E84310693166DD46DF099AC9FEC8A85A660558FABD64FE7B"
Last-Modified: Wed, 04 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4742
Expires: Fri, 06 Jan 2023 18:45:43 GMT
Date: Fri, 06 Jan 2023 17:26:41 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-2H0WXCQSF6>m=2oe120&_p=205433524&cid=969802266.1673025990&ul=en-us&sr=1280x1024&_s=1&sid=1673025989&sct=1&seg=0&dl=https%3A%2F%2Fbimmarketz.pages.dev%2F&dr=https%3A%2F%2Fbiem-vi2.pages.dev%2F&dt=BIM-%D8%A8%D9%8A%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2H0WXCQSF6>m=2oe120&_p=205433524&cid=969802266.1673025990&ul=en-us&sr=1280x1024&_s=1&sid=1673025989&sct=1&seg=0&dl=https%3A%2F%2Fbimmarketz.pages.dev%2F&dr=https%3A%2F%2Fbiem-vi2.pages.dev%2F&dt=BIM-%D8%A8%D9%8A%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2H0WXCQSF6>m=2oe120&_p=205433524&cid=969802266.1673025990&ul=en-us&sr=1280x1024&_s=1&sid=1673025989&sct=1&seg=0&dl=https%3A%2F%2Fbimmarketz.pages.dev%2F&dr=https%3A%2F%2Fbiem-vi2.pages.dev%2F&dt=BIM-%D8%A8%D9%8A%D9%85&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Origin: https://bimmarketz.pages.dev
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://bimmarketz.pages.dev
date: Fri, 06 Jan 2023 17:26:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biem-vi2.pages.dev/
172.66.44.237200 OK 0 B IP 172.66.44.237:0
GET / HTTP/1.1
Host: biem-vi2.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 17:26:39 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"c9cbc1d4b3e53f5d8992bd93895e46a8"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EofvBTx3lWv5Xlok8HyxPBUfqvshMDVBsYBsLQ0dAZeGyTM6G0xYpE3OdjRIOauzbo9%2BdDjT%2FsJQP98ZI4GMyQxOLB%2FRtq3xiS9rH0lHgHnsn1TRyxCL6NakBcjkOrIRHhusFRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785628f21f4db50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
IP 142.250.74.106:0
GET /css2?family=Poppins:wght@500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 06 Jan 2023 17:26:40 GMT
date: Fri, 06 Jan 2023 17:26:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn-server.info/bnr.php?section=General&pub=533889&format=300x250&ga=g
185.66.200.222200 OK 0 B URL HTTP/2 cdn-server.info/bnr.php?section=General&pub=533889&format=300x250&ga=g
IP 185.66.200.222:0
ASN #201702 skHosting.eu s.r.o.
GET /bnr.php?section=General&pub=533889&format=300x250&ga=g HTTP/1.1
Host: cdn-server.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bimmarketz.pages.dev/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: application/javascript
expires: Fri, 06 Jan 2023 17:26:40 GMT
last-modified: Fri, 06 Jan 2023 17:26:40 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
ylx-i.advertica-cdn2.com/logo_p_small.png?1480628811
185.66.200.127200 OK 0 B URL HTTP/2 ylx-i.advertica-cdn2.com/logo_p_small.png?1480628811
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /logo_p_small.png?1480628811 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-server.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: image/png
last-modified: Thu, 01 Dec 2016 21:46:51 GMT
etag: W/"58409a4b-675"
expires: Sun, 05 Feb 2023 17:26:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
bimmarketz.pages.dev/
172.66.44.197200 OK 0 B IP 172.66.44.197:0
Analyzer Verdict Alert urlquery suspicious Suspicious - JavaScript obfuscation
urlquery suspicious Suspicious - JavaScript obfuscation
GET / HTTP/1.1
Host: bimmarketz.pages.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://biem-vi2.pages.dev/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 06 Jan 2023 17:26:39 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"8b9b358007de2aa579f81bad2464782b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DlkpfXgA2940sY%2FJYRbxJSr2BGRigYdMxhGJNA74oo7lIgF3cta6%2FQOcrDbSSY0ZxHtTLHOdSdS7%2B0A%2F3PvN7o%2BEHRzPMCwZKIeleFwZXNIZpXG1ca7PGQw5%2BC9VXDwSdVDeHNUX8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 785628f39d72b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tinyurl.com/BiM-Voucher89
104.20.138.65301 Moved Permanently 0 B URL HTTP/2 tinyurl.com/BiM-Voucher89
IP 104.20.138.65:0
GET /BiM-Voucher89 HTTP/1.1
Host: tinyurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 06 Jan 2023 17:26:38 GMT
content-type: text/html; charset=UTF-8
location: https://bimtrens17.pages.dev/
x-powered-by: PHP/8.1.8
cache-control: max-age=0, public, s-max-age=900, stale-if-error: 86400
referrer-policy: unsafe-url
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 785628e9aeeab515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCAiiGZijjrCikAAGjCxCkrNkxNpZNrApCrCZZZCCrkjCrxACrCrGCxCZxkkjjiZpCCr_46556&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&refferer=1563843210_aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=&width=300&height=250&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCAiiGZijjrCikAAGjCxCkrNkxNpZNrApCrCZZZCCrkjCrxACrCrGCxCZxkkjjiZpCCr_46556&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&refferer=1563843210_aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=&width=300&height=250&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCAiiGZijjrCikAAGjCxCkrNkxNpZNrApCrCZZZCCrkjCrxACrCrGCxCZxkkjjiZpCCr_46556&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&refferer=1563843210_aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=&width=300&height=250&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2 HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-server.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: application/javascript
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
185.66.200.127200 OK 0 B URL HTTP/2 ylx-i.advertica-cdn2.com/aff/pub_s9c2nm.png?1480419364
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /aff/pub_s9c2nm.png?1480419364 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-server.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2016 11:36:04 GMT
etag: W/"583d6824-68a8"
expires: Sun, 05 Feb 2023 17:26:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCAiiGZijjrCikAAGjCxCkrNkxNpZNrApCrCZZZCCrkjCrxACrCrGCxCZxkkjjiZpCCr_46556&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&refferer=1563843210_aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=&width=300&height=250&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2&randomA=761257629398&realRef=Rkl2eDFHVjRydlIyYzhQZStoZldtUU9MaHhyZDNjQlFqa1ZQeGNrVDdqST0=
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCAiiGZijjrCikAAGjCxCkrNkxNpZNrApCrCZZZCCrkjCrxACrCrGCxCZxkkjjiZpCCr_46556&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&refferer=1563843210_aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=&width=300&height=250&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2&randomA=761257629398&realRef=Rkl2eDFHVjRydlIyYzhQZStoZldtUU9MaHhyZDNjQlFqa1ZQeGNrVDdqST0=
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /148bcf03fc/bb6bac9292/?placementName=ROTATOR&type=n&cv=XrdpCAiiGZijjrCikAAGjCxCkrNkxNpZNrApCrCZZZCCrkjCrxACrCrGCxCZxkkjjiZpCCr_46556&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&capSettings=Y2RuLXNlcnZlci5pbmZvfDUwMDAwfDI0fDY1MTUz&adApiR=loaded_string_9852735b0bce9d250429df012c0426f88d0bd_2831261_1673026000.4162_87511&refferer=1563843210_aHR0cHM6Ly9iaW1tYXJrZXR6LnBhZ2VzLmRldi8=&width=300&height=250&yxDom=Y2RuLXNlcnZlci5pbmZv_dffb114e096ea505e274a7665e6dd6a2&randomA=761257629398&realRef=Rkl2eDFHVjRydlIyYzhQZStoZldtUU9MaHhyZDNjQlFqa1ZQeGNrVDdqST0= HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn-server.info/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 17:26:40 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=1; expires=Sat, 07-Jan-2023 04:59:59 GMT; Max-Age=41599; secure; SameSite=None
used_ad2831261=1; expires=Sat, 07-Jan-2023 04:59:59 GMT; Max-Age=41599; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2