Overview

URLbdbreserve.com/
IP 66.147.236.12 (United States)
ASN#23535 HOSTROCKET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-29 23:17:23 UTC
StatusLoading report..
IDS alerts0
Blocklist alert19
urlquery alerts No alerts detected
Tags None

Domain Summary (16)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
bdbreserve.com (29) 0 2021-03-13 08:23:47 UTC 2022-11-06 04:01:20 UTC 66.147.236.12 Unknown ranking
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-29 09:35:58 UTC 142.250.74.106
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.193.229
vsb20.tawk.to (1) 117644 2020-04-03 17:50:59 UTC 2022-11-29 11:32:21 UTC 104.22.25.131
embed.tawk.to (7) 8650 2014-03-19 21:03:49 UTC 2022-11-29 06:20:43 UTC 104.22.25.131
r3.o.lencr.org (5) 344 No data No data 23.33.119.27
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.149.51.98
translate.google.com (1) 1156 2012-05-30 01:30:32 UTC 2020-04-26 20:04:42 UTC 142.250.74.110
www.gstatic.com (3) 0 2016-07-26 09:37:06 UTC 2022-11-29 09:50:47 UTC 142.250.74.35 Domain (gstatic.com) ranked at: 540
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
fonts.gstatic.com (5) 0 2014-09-09 00:40:21 UTC 2022-11-29 07:36:52 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 bdbreserve.com/ Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/gtranslate/gtranslate-style16.css?ver=5.5.10 Phishing
2022-11-29 2 bdbreserve.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.10 Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4 Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/multiline-files-for-contact-form-7/css/st (...) Phishing
2022-11-29 2 bdbreserve.com/wp-content/themes/sports-club-lite/css/nivo-slider.css?ver=5.5.10 Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/contact-form-7-style/css/responsive.css?v (...) Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/multiline-files-for-contact-form-7/js/zl- (...) Phishing
2022-11-29 2 bdbreserve.com/wp-content/themes/sports-club-lite/js/editable.js?ver=5.5.10 Phishing
2022-11-29 2 bdbreserve.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min. (...) Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/elementor/assets/lib/animations/animation (...) Phishing
2022-11-29 2 bdbreserve.com/wp-content/uploads/elementor/css/post-5.css?ver=1615753768 Phishing
2022-11-29 2 bdbreserve.com/wp-content/uploads/elementor/css/post-6.css?ver=1615758120 Phishing
2022-11-29 2 bdbreserve.com/wp-content/uploads/elementor/css/global.css?ver=1615753768 Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fon (...) Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/sol (...) Phishing
2022-11-29 2 bdbreserve.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/reg (...) Phishing
2022-11-29 2 bdbreserve.com/ Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 66.147.236.12
Date UQ / IDS / BL URL IP
2022-12-25 00:14:27 +0000 0 - 0 - 5 collinsedu.co.uk/NA.php 66.147.236.12
2022-12-24 13:46:18 +0000 0 - 0 - 5 collinsedu.co.uk/NA.php 66.147.236.12
2022-12-24 13:44:35 +0000 0 - 0 - 6 equifirstcfloan.com/SUQ.php 66.147.236.12
2022-12-24 13:13:43 +0000 0 - 0 - 6 servicecapitalone.info/OBP.php 66.147.236.12
2022-12-24 13:09:46 +0000 0 - 0 - 6 easyminning.com/OCOT.php 66.147.236.12


Last 5 reports on ASN: HOSTROCKET
Date UQ / IDS / BL URL IP
2023-01-16 03:44:08 +0000 0 - 3 - 0 www.attorney.services.philippe.audet.pi-agency.us/ 199.101.49.156
2023-01-15 12:56:38 +0000 0 - 6 - 0 tokunbocars.ng/users/activate/5985e0d77d326a8 (...) 66.147.239.119
2023-01-15 12:56:37 +0000 0 - 6 - 0 tokunbocars.ng/ 66.147.239.119
2023-01-11 12:39:01 +0000 0 - 3 - 0 www.onlyscript.biz/ 216.120.255.118
2023-01-09 18:36:11 +0000 0 - 6 - 10 generationspb.com/ib/gpb/login.php 66.147.230.55


Last 1 reports on domain: bdbreserve.com
Date UQ / IDS / BL URL IP
2022-11-29 23:17:23 +0000 0 - 0 - 19 bdbreserve.com/ 66.147.236.12


No other reports with similar screenshot

JavaScript

Executed Scripts (60)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (79)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8489
Expires: Wed, 30 Nov 2022 01:38:41 GMT
Date: Tue, 29 Nov 2022 23:17:12 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 865
Cache-Control: public, max-age=1209600
Date: Tue, 29 Nov 2022 23:17:12 GMT
Etag: "638650c5-37"
Last-Modified: Tue, 29 Nov 2022 18:34:45 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5659
Expires: Wed, 30 Nov 2022 00:51:31 GMT
Date: Tue, 29 Nov 2022 23:17:12 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 22:17:55 GMT
cache-control: public,max-age=3600
age: 3557
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: 4Q9HDc8N0iHCfkztzx/mGnAHgliB1c455T/g4aMz7JwcAH92kJFmvwAH/n1G7NIstBsBAuwCp7E=
x-amz-request-id: 4SRZDMGZ83GS8ZAA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 22:45:38 GMT
age: 1894
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 23:17:12 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         66.147.236.12
HTTP/1.1 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/5.6.40
x-redirect-by: WordPress
location: https://bdbreserve.com/
content-length: 0
date: Tue, 29 Nov 2022 23:17:12 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 496
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4365
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 23:17:12 GMT
Last-Modified: Tue, 29 Nov 2022 22:04:27 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nSjfq/fbZoy/mKuzBoLJSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.149.51.98
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bcrAxn1UUYQI9Si1zA635Gn3YZ8=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/plugins/gtranslate/gtranslate-style16.css?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Tue, 16 Feb 2021 22:26:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 233
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   233
Md5:    1aed81a29c2297bbb22e3be2b431c2d1
Sha1:   87a8c07cc93ca2e69584e9b35c84641466d72f97
Sha256: b53067246a902e0b460a82ccdfd035443c2f0ff872587ea41dce022680626a85

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css?family=Roboto+Condensed%3A300%2C400%2C700%7COpen+Sans%3A400%2C600%2C700%2C800&ver=5.5.10 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 23:17:13 GMT
date: Tue, 29 Nov 2022 23:17:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1441
Md5:    88e7fce6d8a10a8dae616ef5786d5479
Sha1:   632fd69836ce427c4de946d915d0cea8e277f3c8
Sha256: e7e4456fcc9b65cb47e5751840066d088e7890f04c4490abf1bd99fe52a07d58
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Fri, 28 Aug 2020 03:30:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7455
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (27100)
Size:   7455
Md5:    bd31b2b1085f1595b77592174490b5e6
Sha1:   f11b8bd4d75033ed07ef0288c9177dc614d9e214
Sha256: 43cd7e52a79bbc27b1d70717ccf5a7c73cb4b04f3837c7dd8af45d05a47aea0d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7-style/css/frontend.css?ver=3.1.9 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Mon, 16 Nov 2020 21:42:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6075
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (40049), with no line terminators
Size:   6075
Md5:    43ba6717edbaf90249f545be699e0c95
Sha1:   a43999157e52575fe9539f670ed9a6641ed6966f
Sha256: ecd793343090b0d2f5fa3d30e5c060152bbaaa4c19abdc2d0a02832cfb0e0c03
                                        
                                            GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 07 Mar 2021 15:47:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 824
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   824
Md5:    f76f64e264bcac5d2d75cd42610597f1
Sha1:   d50ce5995b527ea2a04a8eed52283085e22ac565
Sha256: ae412022bf120f5a1b5c5889cdae492baa4252af3a22d5bd2974281af0b7e928

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/drag-and-drop-multiple-file-upload-contact-form-7/assets/css/dnd-upload-cf7.css?ver=1.3.5.9 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 07 Mar 2021 15:47:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1788
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1146), with CRLF line terminators
Size:   1788
Md5:    ee86ab3cd419635127f8f8d59d3fff2c
Sha1:   b9356bafeeff6b763be6b672271102c3603beeca
Sha256: 9f5a8beba3851805eefac179a2d899ccef7bcf00da9609c37018410feec74781
                                        
                                            GET /wp-content/plugins/multiline-files-for-contact-form-7/css/style.css?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Mon, 16 Nov 2020 21:41:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 279
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   279
Md5:    2330db8eae46db86fbf79f3a6fe22e69
Sha1:   38c8da6111261451ac7f48b1664687b2b0d08c3f
Sha256: 7a20cf53ca607c48937fea1b8798b70e77c2b19ed7beefa4db9183f5d5799a23

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/sports-club-lite/style.css?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 15 Nov 2020 19:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6356
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with very long lines (808), with CRLF line terminators
Size:   6356
Md5:    ef977afdc1f2526ec8a1768ab8853445
Sha1:   f45b05dbfaf37361c5d0d892a2dc3cd58ac224ad
Sha256: 6c661d2d52b5b33ac4836ee8d055b3a3abc6addfad52b238385ba69c4c397cbf
                                        
                                            GET /wp-content/themes/sports-club-lite/css/nivo-slider.css?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 15 Nov 2020 19:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1130
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1130
Md5:    c88bcf566f7d424a5c927588ec1c2540
Sha1:   a966a6e075bab724590d90efb2fc179d7bb566b0
Sha256: 4002919585d225c227743e8f0b5b3ec445d27896b629b328f3bacf9b5451f5db

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/contact-form-7-style/css/responsive.css?ver=3.1.9 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Mon, 16 Nov 2020 21:42:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1491
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8173), with no line terminators
Size:   1491
Md5:    be76a8b5375d6500e35fc1e2a5433f62
Sha1:   b5e62f727dc1a9f6280fc4b1aa3f5f695495e884
Sha256: c2cf9236fcf30a6024712dbbd73d3b83e203f07285d8c7d10160143b9af8dc0b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/sports-club-lite/fontsawesome/css/fontawesome-all.css?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 15 Nov 2020 19:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9080
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (317), with CRLF line terminators
Size:   9080
Md5:    06f06d7009541a78eeca8cdf5ab91e03
Sha1:   4ec4caa7390ba5ee2525ef40b838ee6bfceae4dd
Sha256: 147aca701f4253720232dfe1b7ce574117c33ec626770eaf03d1890e6843a9cd
                                        
                                            GET /wp-content/plugins/multiline-files-for-contact-form-7/js/zl-multine-files.js?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Mon, 16 Nov 2020 21:41:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 658
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   658
Md5:    7d75fd56cae7771e284d3f8e481afed3
Sha1:   331bf26c5ce7b69306d3f53b55a6b95b91672cb4
Sha256: 72bfac0ebf940883ac21c1ab63f40d54805a25cb65f0a22269569f6506d80f97

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/sports-club-lite/js/jquery.nivo.slider.js?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 15 Nov 2020 19:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4649
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (386), with CRLF line terminators
Size:   4649
Md5:    2cdc4f45a59e8177438769ac8bad617b
Sha1:   abd8f62bd27f25ed177847aafad8ab58c8f0104c
Sha256: 867720c8d60e675533779ab460bf9190d198e2cf917c80b5c5f32ff46626e3b1
                                        
                                            GET /wp-content/themes/sports-club-lite/js/editable.js?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 15 Nov 2020 19:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 706
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   706
Md5:    7d5708b0d6e58d29ff32f9c983efac04
Sha1:   a558867d9ee8b0e8756ca99c008d92f2431e9072
Sha256: 5615018ed066b1ec9584f7ecf63c13af83cb508def17d79f9450bd9e19a6e08a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Fri, 17 May 2019 13:55:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32853
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   32853
Md5:    a95303ca3b1a9372809d72ffa31bca40
Sha1:   65130bca144d3b49d5f97387173c423b9b4abfe3
Sha256: c5d914b6693616fcf2c61bc363660dcc5f6ea7de5a25b1d6a5a2a95f39846565

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/themes/sports-club-lite/css/responsive.css?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 15 Nov 2020 19:27:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1802
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1802
Md5:    7111ebc1e65929315a8c6e2bb398ba0c
Sha1:   f7ea9392a099dddc0cb6486d661f844eebac9dd7
Sha256: 3363214672b9afa7ea3f19a9ab9dc3c1c657fe9159803979e52f24633ad7d045
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.11.0 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:20:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3296
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (17186)
Size:   3296
Md5:    6c4cff9d3ad2e3a26287348df9886ce8
Sha1:   2d9389d03acfd678e573a2687aa23ac581db3cd4
Sha256: 6d16634ec24262a69b7afb6308c6b81325ad45af3bd04092c7000d1a90d23c94
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.1.4 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:20:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 445
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3815)
Size:   445
Md5:    af853cde8ca7783256726fa72c102176
Sha1:   bb3dc4862c94e3e96ab47da71d85039a290ed283
Sha256: fb4ac9baba01d9a2c77f8217832ba7a24fe8acfcf833320718c84692390131c3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.1.4 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:20:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15219
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65497)
Size:   15219
Md5:    ae47a36afe34073ff957db39aae2352e
Sha1:   243ff157984320b51991881c9e79c57992ec0659
Sha256: e5da49ffffecb7a024040a59348ebc6e25113fa027d238f4ba05f10656cc2c30
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.1.4 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:20:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10019)
Size:   2442
Md5:    d2db71c82a8f672aea59a3e050cd8cd7
Sha1:   af626566f94b3164e4310288cfb142431e8349a6
Sha256: bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-5.css?ver=1615753768 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:29:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 281
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (946), with no line terminators
Size:   281
Md5:    54f498612ccd843423cd5bc8624c31ae
Sha1:   2f083aaa53d0cd5ab8154fb8c16f75fe8cac4ea2
Sha256: 99af559228fbde8914b78708eaef566be305297d6b1ff77d065828e8260b875d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/post-6.css?ver=1615758120 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 21:42:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1968
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21760), with no line terminators
Size:   1968
Md5:    81c7bd663e4d6306eb9183462d514b72
Sha1:   8c7a6a81f3a014ff34e4dd85c1d795efd58595d6
Sha256: b16bec3591a32a95e1e88c8ae9921cb8eaaed8de411f7ae1597079d398abf2c4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/elementor/css/global.css?ver=1615753768 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:29:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 739
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6837)
Size:   739
Md5:    76fdebadf72d3fea4b4491be62684076
Sha1:   1440c2ebded6e9b9d859442b40cdb21ab85d6af2
Sha256: 68e9d1d6b1560d475426dd4a2c2f16b1832f5fb8d479f83f2a73050cc8eeba01

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.1 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:20:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57726)
Size:   12133
Md5:    7cfefbdd5cd865c1b324362c06b804a2
Sha1:   ad8d6419f970a99bbdcfeeb2657e6f4eccd2ce63
Sha256: 5a2a72bb61d6daa3127f09335299dc1125cb2797cc1c2d56a979f369258482cc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/uploads/2021/03/cropped-aa.jpg HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: image/jpeg
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:33:01 GMT
accept-ranges: bytes
content-length: 5194
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 250x52, components 3\012- data
Size:   5194
Md5:    a4963d2da29b3cdb8be5246d5fe841df
Sha1:   49de8443e10a1b28a55af04f4579660b7c75fff4
Sha256: d0d9f84533c1d13cbf52b148a036b8757d69f357a69f4defb42f13d803a6b337
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.1 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:20:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (483)
Size:   286
Md5:    dd8fa48903cc839f219c5ea5f8c83d97
Sha1:   b37c1219e3faf68a1a6d3e9e69cc6bc3768e0f78
Sha256: 82a9dc8780d5943453178fbb9dc80e04bb98ef9454523ad5b209adff09bdf214

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.1 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/css
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Sun, 14 Mar 2021 20:20:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 282
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (491)
Size:   282
Md5:    2636f2151fe4dd1960df03bb3334fdec
Sha1:   5787e4333469e668a59aa680a54001a60dd8b840
Sha256: cd7a098f20f41fe3b247b91cdb57527f896bfdcbdf09efb6eb170135a4304df4

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=5.5.10 HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 23:17:13 GMT
last-modified: Thu, 15 Apr 2021 07:08:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4316
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11272)
Size:   4316
Md5:    cbe8cb2fedf8a769a95b7fb14607cb1f
Sha1:   bd8a18991728b257e9eefb89ba6ea9058860983a
Sha256: 0be8d8f894d47080f1723551cb8adf6c158249dc6f99fb06639ee9e5d332be4f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1 
Host: translate.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.110
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 29 Nov 2022 23:17:13 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+057; expires=Thu, 28-Nov-2024 23:17:13 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   26646
Md5:    d19acc941cc4021103f0e57686c5b398
Sha1:   1c45b60932cebfe83efd171d8cb51bc51e323a45
Sha256: 52975a1ae096e7335379396646d5cf096a274931a04504e6fd6995670b160c0c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 102272
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15700
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 15:42:33 GMT
expires: Wed, 29 Nov 2023 15:42:33 GMT
cache-control: public, max-age=31536000
age: 27280
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Size:   15700
Md5:    3d7f7413fca69bff4d231ebdc50aaab0
Sha1:   cb18e7943b6a8a0e3672d7242197c19a226b92e8
Sha256: 6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13385
Expires: Wed, 30 Nov 2022 03:00:18 GMT
Date: Tue, 29 Nov 2022 23:17:13 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13385
Expires: Wed, 30 Nov 2022 03:00:18 GMT
Date: Tue, 29 Nov 2022 23:17:13 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13385
Expires: Wed, 30 Nov 2022 03:00:18 GMT
Date: Tue, 29 Nov 2022 23:17:13 GMT
Connection: keep-alive

                                        
                                            GET /s/worksans/v18/QGYsz_wNahGAdqQ43Rh_fKDp.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47728
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 19:22:22 GMT
expires: Wed, 29 Nov 2023 19:22:22 GMT
cache-control: public, max-age=31536000
age: 14091
last-modified: Tue, 23 Aug 2022 17:55:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 47728, version 1.0\012- data
Size:   47728
Md5:    b1581ddd77372ceb06eb14adfd1bea07
Sha1:   1a3b0fc96fa73b808aa1f91f122a3c9bdcf93ee8
Sha256: 97e82d8eac8d106b28abf1b716982c40c06fffe49cc2f34cd1c299266745ef73
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/alegreyasc/v22/taiTGmRtCJ62-O0HhNEa-ZZc-oU2SKo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 14:06:34 GMT
expires: Sat, 25 Nov 2023 14:06:34 GMT
cache-control: public, max-age=31536000
age: 378639
last-modified: Tue, 19 Apr 2022 18:23:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 28948, version 1.0\012- data
Size:   28948
Md5:    966e319289cecf00689b6aadc5975639
Sha1:   9f614786070dd969b84938e39f93776734c45de8
Sha256: 04bfe49aee7342ee9a4db0ade98749c68bf35161ce9fc159bd414a501b08cc03
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29e8368b-e5a8-4256-a456-b724e13819e4.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10068
x-amzn-requestid: 7f386e94-3c17-44a1-a36b-3d0eeff4623d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEQQoAMFihA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-5069acfd038ffb2c124b7bd8;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ec2HkhHmHE2ddGBpLsJ5Rn7SCMjyR5kzaTyrguDoI9xOohgsCi08CQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 5567
etag: "639165dc66d171b8266f22cd495181427112bc80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10068
Md5:    f621857774e4b4adda95f58081644859
Sha1:   639165dc66d171b8266f22cd495181427112bc80
Sha256: 341fd33d3d9486079c182d60e21c355244b6597e6e09ba51ecee2e331b38ca2e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 6137
Date: Tue, 29 Nov 2022 23:17:13 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:33:54 GMT
expires: Thu, 23 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 531799
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87a30da8-85ab-41b8-bac9-b9c57f447d6a.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9670
x-amzn-requestid: d9a529ac-9dc6-4e12-80c5-3250dc97e7bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcFiAoAMF0nA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-116ddf09265d51523c3638b3;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dTu4TnkeBj5Jm6nU8CA37pptq4F43BUYXcAJPcXro47W1MJriiVrcw==
via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:35 GMT
etag: "3d8c927b6945d880f92d4e7a686cad5a9985e8ad"
age: 5558
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9670
Md5:    33ee67e62c49fc8d51f18df313002aac
Sha1:   3d8c927b6945d880f92d4e7a686cad5a9985e8ad
Sha256: ba6e66e07cd93219926927fd2b468a92b8d02cc9bf1da0b3b9a3c48da160bbdc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7mRG070F4NZnewfowUhVhMerJaGjJd4G6O1tvTPiKyvTAzq-Y16-jw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:51 GMT
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
age: 4822
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7298
Md5:    e00769bd1391b8f4f5b8ab128a825355
Sha1:   e4ddf955e8ac1986045ed55880c43c69e588a021
Sha256: 81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7f230eb-6b67-4a80-b973-d8ea78fe73ae.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12853
x-amzn-requestid: 25e4402d-98d0-4c38-a927-397c37724bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhdpHAuIAMFweQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c57-506672a36959d9ea09ef5155;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gHL2sFE-o1u5kEIUiabbP6u5CXr3ihI4mKiAVkfReyuJuTF5k5ktSg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:48 GMT
age: 5545
etag: "151b60134a66305bd72dbb3810f67a57720b2af1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12853
Md5:    e08af5b1d18986e112913c6e69cc8ce6
Sha1:   151b60134a66305bd72dbb3810f67a57720b2af1
Sha256: 555a62d98f4002ad187a6b480d534a1dbe3c64d1f4d17cffad2ab985c10ca462
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8af12b89-c1a0-4a2a-aa29-cd6dea02f435.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8288
x-amzn-requestid: 8b48ce45-1c30-4ea3-8cef-bf3b2e7f106f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEgFcUIAMFkSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1c-20e896a62338c6dc45c1ca2a;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:08 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0bNBjOUnEjVgDrhXO2wYnfemT_030w9kk747Zk9-DTeI0UB-lV073g==
via: 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:44:26 GMT
age: 5568
etag: "268e6202466941e612ff503835de9091ef4d5b38"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8288
Md5:    2cd563ab005d968185c8d000e38b88c2
Sha1:   268e6202466941e612ff503835de9091ef4d5b38
Sha256: 272c867dcc37d97f8682e8f3aa11a567a401b4d4d78e890b0eb94a3c77ea5000
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:11:32 GMT
age: 3942
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7971
Md5:    9e135c29a8769eb12ef8c26f99097400
Sha1:   87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
Sha256: ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 23:17:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CWork+Sans%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlegreya+SC%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=5.5.10 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 23:17:13 GMT
date: Tue, 29 Nov 2022 23:17:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4841
Md5:    7e9d402180e9a73907f88c069484d775
Sha1:   b11730dcd6879a78b2e1cb49129040287b2e48d1
Sha256: 47fc80de35679dcfe787ece28193bb2a92b9b888bdbbfdf125de552b66d56da1
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Accept-Ranges: bytes
Age: 6138
Date: Tue, 29 Nov 2022 23:17:14 GMT
Etag: "638651c5-37"
Last-Modified: Tue, 29 Nov 2022 18:39:01 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 55


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   55
Md5:    9f073354411bbaf7a319b1519f10b4b7
Sha1:   571498f38548829bf186f49f5be9d5fa6e689a68
Sha256: 4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
                                        
                                            GET /images/branding/product/1x/translate_24dp.png HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 23:15:09 GMT
expires: Wed, 29 Nov 2023 23:15:09 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
age: 125
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   846
Md5:    e9cd262114358f26b7608b56905185dc
Sha1:   6dbde0a96deaab2b529723ce26c62043cf9180ab
Sha256: 5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
                                        
                                            GET /images/branding/product/2x/translate_24dp.png HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:37:17 GMT
expires: Wed, 29 Nov 2023 21:37:17 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
age: 5997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size:   1842
Md5:    c69c796362406f9e11c7f4bf5bb628da
Sha1:   e489ce95ab56208090868882113d7416abf46775
Sha256: 4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
                                        
                                            GET /images/branding/googlelogo/1x/googlelogo_color_42x16dp.png HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 910
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:53:10 GMT
expires: Wed, 29 Nov 2023 21:53:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
age: 5044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 42 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   910
Md5:    efa6bb2bfe459bc6f4bdafa3db0383f6
Sha1:   52d15ce52fe50643e542c17812de43f4ed1b6ee0
Sha256: 6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
                                        
                                            GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.193.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 23:17:16 GMT
age: 21910193
x-served-by: cache-fra19156-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   67902
Md5:    54f67b7d71295530007bb039d88e5809
Sha1:   e31d44f65f5a9418ddccb7f8d56b8434b64dfa40
Sha256: a89736b4b32bd3731d7dbd752a3b7533a3f21ddf191ab950f2b7ede4ed4b4982
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-chunk-common.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 23:17:15 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"bde99510bdf9ab7bbc9ce82519a19a36"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771f0e3f9e85fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65466)
Size:   42236
Md5:    922ee861d5a966f4f2710b60a0950e38
Sha1:   3cac9fccbe0604ae99575babc6272e0e5051663f
Sha256: 56cedb600640cfa8924ad5c77c250ca080f207e1eee97cbe91c0cec6cb6532fb
                                        
                                            GET /s/?k=638692fc91d77096fa4b9983&cver=0&pop=false&asver=674&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI2MDRlN2VlMTA2N2MyNjA1YzBiODQ1NzUiLCJ2aWQiOiI2MDRlN2VlMTA2N2MyNjA1YzBiODQ1NzUtN1FfMENGS3lWVjNwc09neXBnUDQxIiwic2lkIjoiNjM4NjkyZmM5MWQ3NzA5NmZhNGI5OTgzIiwiaWF0IjoxNjY5NzYzODM2LCJleHAiOjE2Njk3NjU2MzYsImp0aSI6IlI0bndUUVVjWHhITTRKR0ZaNXFvaCJ9.cftiw50GYZESYjNKeCZsz5rtoGxg_d8vO_85ngR1UfnGQrSETZGMLFSH6wEYkVfgIYLGHOMQu7OFJ2U2wSr22Q&EIO=3&transport=websocket&__t=OJ5hYLQ HTTP/1.1 
Host: vsb20.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://bdbreserve.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZrmFOrZ1N2KYWvwXiyUoqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         104.22.25.131
HTTP/1.1 101 Switching Protocols
                                        
Date: Tue, 29 Nov 2022 23:17:16 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: Nk/ESylfX9IlLsETyqp4SWFg5P0=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 771f0e48b81d0b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  data
Size:   7287
Md5:    26cd9102c3d55d269f716283207af180
Sha1:   30dc108415e4f4cb44eedcae363a2384a0f79517
Sha256: baa3a2121ab9c2b419685f1d7acf87e927a80e6ab60ac89fb423603b259e9395
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa44c8657-c62c-4dd0-8688-d6b89a767fb4.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8337
x-amzn-requestid: 88e6ec5a-6b04-4787-91e4-02f316d0d6e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgYHViIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-10f0d81a09c0ae930f6be726;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8XATm-S2y3wzXWzJxgof2GIbXx_7WzuEMKrhI5By_tGaB8EiYeGkLg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:59:07 GMT
age: 4693
etag: "71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8337
Md5:    2cb669522a324cd5d9ba1b1743138d38
Sha1:   71e4307194ea9fb15d29c8a5e35f9bfd3cb0c6e0
Sha256: a997731964710b80affb001f7f2e2f05a93550b06c1626279516d78b11332803
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-main.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 23:17:14 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771f0e3f9e82fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-runtime.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 23:17:15 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"9075c2f5460b2832318d3c7217cc68cb"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771f0e3f9e86fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-vendor.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 23:17:15 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771f0e3f9e83fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET / HTTP/1.1 
Host: bdbreserve.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         66.147.236.12
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
x-powered-by: PHP/5.6.40
link: <https://bdbreserve.com/wp-json/>; rel="https://api.w.org/", <https://bdbreserve.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://bdbreserve.com/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 23:17:13 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /604e7ee1067c2605c0b84575/1f0p9v8kh HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Tue, 29 Nov 2022 23:17:14 GMT
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-637ddf31c8f"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771f0e3a9c36fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-app.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 23:17:15 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771f0e3f9e87fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /_s/v4/app/637ddf31c8f/js/twk-chunk-vendors.js HTTP/1.1 
Host: embed.tawk.to
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bdbreserve.com
Connection: keep-alive
Referer: https://bdbreserve.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.22.25.131
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Tue, 29 Nov 2022 23:17:15 GMT
last-modified: Wed, 23 Nov 2022 08:52:37 GMT
etag: W/"70dac54eca3bb2143032bc4db3237623"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 771f0e3f9e84fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---