r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3380
Expires: Thu, 01 Dec 2022 05:23:55 GMT
Date: Thu, 01 Dec 2022 04:27:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2e39e430d6f9644de431ec5e79d52eeb
5f97597057ffb76c33d732ab56d674d6c139c66f
d8a67f59a37b4cf4667cb81253167b80725d3c3ccd23a01e2078ab6ba29c7fb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8A67F59A37B4CF4667CB81253167B80725D3C3CCD23A01E2078AB6BA29C7FB3"
Last-Modified: Wed, 30 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21228
Expires: Thu, 01 Dec 2022 10:21:23 GMT
Date: Thu, 01 Dec 2022 04:27:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 941
Cache-Control: max-age=109165
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 10:47:00 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8545
Expires: Thu, 01 Dec 2022 06:50:00 GMT
Date: Thu, 01 Dec 2022 04:27:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 04:19:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 470
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tNUyIWdgFxw9D1NUsS2SzOngnEQqgY8QOVLlIQbUcvC7YoyhEJPd3rMQnAzEBuQ5hn7gJzkRw+o=
x-amz-request-id: A21SE5YK3KBC2Z6Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 03:45:30 GMT
age: 2525
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
www.bangbooz.work.gd/net.htm
194.124.43.118200 OK 19 kB URL HTTP/1.1 www.bangbooz.work.gd/net.htm
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash f2568f8854614f1281ad24640ce047a0
a6d9f4aa1b9b55b28d3806de0c6c0478bb93aba9
065b65f2571169572abfc9c8f3a6a197d28accbeb93d0dba741a536ab34f1295
Analyzer Verdict Alert openphish RBFCU
fortinet Phishing
GET /net.htm HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Last-Modified: Thu, 01 Dec 2022 00:57:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
ETag: W/"6387fc03-105dd"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 04:27:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.bangbooz.work.gd/NBO/assets/js/spin.min.js
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/spin.min.js
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
Analyzer Verdict Alert fortinet Phishing
GET /NBO/assets/js/spin.min.js HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
www.bangbooz.work.gd/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
GET /NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bangbooz.work.gd/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
Analyzer Verdict Alert fortinet Phishing
GET /NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bangbooz.work.gd/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
GET /NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.138:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 18351732b1849ba758e98884e186b3c8
d735af8661eda41ff4ffbf76e6a284a0e2deb81c
bfac625d304d52e04f2caeb19266354749929c888ca09d3d1e3edcbb8770d0f0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:11:43 GMT
expires: Sun, 26 Nov 2023 21:11:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 371752
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css
142.250.74.138200 OK 5.9 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css
IP 142.250.74.138:0
File type ASCII text, with very long lines (551)
Hash 521def403dde2402c6d867185ab41ac6
128490143795bd6d557b6c6bd463c2973b1862ce
16c80f377bbb572eff07ce4b202463d39073e31e4c327edaf898de923b2034c0
GET /ajax/libs/jqueryui/1.8.16/themes/base/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5918
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 16:06:53 GMT
expires: Sat, 25 Nov 2023 16:06:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 476442
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bangbooz.work.gd/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
Analyzer Verdict Alert fortinet Phishing
GET /NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 82636550758e8604b4162568f2b413af
82555ec2c38ac3939b5fff3aa242a3d34ea7988b
f53c6bbc1d16c790805894ca6437c2ef11c8990bb95f2be2a6b7a0062cad9376
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 865
Cache-Control: max-age=114825
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Etag: "6387475f-117"
Expires: Fri, 02 Dec 2022 12:21:20 GMT
Last-Modified: Wed, 30 Nov 2022 12:06:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js
142.250.74.138200 OK 52 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.16/jquery-ui.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (563)
Hash 0fd0e04fe62ff281d2dd5a94ced9e11f
0fc9632b823fd5c782ab106fc2ef9715130e2822
2e19c9038a7939b50ac6beca5801c3d8d8c6ac506fb397300276a8d1127d35d5
GET /ajax/libs/jqueryui/1.8.16/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 52222
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 20:46:50 GMT
expires: Thu, 30 Nov 2023 20:46:50 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 27645
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bangbooz.work.gd/NBO/assets/js/spin.min.js
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/spin.min.js
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
Analyzer Verdict Alert fortinet Phishing
GET /NBO/assets/js/spin.min.js HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 82636550758e8604b4162568f2b413af
82555ec2c38ac3939b5fff3aa242a3d34ea7988b
f53c6bbc1d16c790805894ca6437c2ef11c8990bb95f2be2a6b7a0062cad9376
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 865
Cache-Control: max-age=114825
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:35 GMT
Etag: "6387475f-117"
Expires: Fri, 02 Dec 2022 12:21:20 GMT
Last-Modified: Wed, 30 Nov 2022 12:06:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
www.bangbooz.work.gd/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
Analyzer Verdict Alert fortinet Phishing
GET /NBO/assets/js/ajax.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0ea87db59dce85a59e0cb6456fb593e7
d2d4307d2c444a2c14a280995b185f2d6d96539b
bea3c2ac6b37c6d3ebc7e5c4825d3f6c32dd4ef82c526ff6277cbcc4f8048f91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 815
Cache-Control: max-age=162325
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Etag: "6388011f-1d7"
Expires: Sat, 03 Dec 2022 01:33:01 GMT
Last-Modified: Thu, 01 Dec 2022 01:19:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0ea87db59dce85a59e0cb6456fb593e7
d2d4307d2c444a2c14a280995b185f2d6d96539b
bea3c2ac6b37c6d3ebc7e5c4825d3f6c32dd4ef82c526ff6277cbcc4f8048f91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 815
Cache-Control: max-age=162325
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Etag: "6388011f-1d7"
Expires: Sat, 03 Dec 2022 01:33:01 GMT
Last-Modified: Thu, 01 Dec 2022 01:19:27 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0ea87db59dce85a59e0cb6456fb593e7
d2d4307d2c444a2c14a280995b185f2d6d96539b
bea3c2ac6b37c6d3ebc7e5c4825d3f6c32dd4ef82c526ff6277cbcc4f8048f91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 754
Cache-Control: max-age=162265
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Etag: "6388011f-1d7"
Expires: Sat, 03 Dec 2022 01:32:01 GMT
Last-Modified: Thu, 01 Dec 2022 01:19:27 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0ea87db59dce85a59e0cb6456fb593e7
d2d4307d2c444a2c14a280995b185f2d6d96539b
bea3c2ac6b37c6d3ebc7e5c4825d3f6c32dd4ef82c526ff6277cbcc4f8048f91
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 780
Cache-Control: max-age=162291
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Etag: "6388011f-1d7"
Expires: Sat, 03 Dec 2022 01:32:27 GMT
Last-Modified: Thu, 01 Dec 2022 01:19:27 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
www.bangbooz.work.gd/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
GET /NBO/assets/js/common.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
www.bangbooz.work.gd/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
GET /NBO/assets/js/columnHeight.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 04:11:15 GMT
cache-control: public,max-age=3600
age: 981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 462687f15e4c75a036f2bbeb060aafb0
72c42e479ed18ff24607c7a7dd52cc949332f2c9
1d26f1198d8e6f0889c13a67d76e486b0bd252bba76f9daf16f57d929fb9c718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127288
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Etag: "63877b70-1d7"
Expires: Fri, 02 Dec 2022 15:49:04 GMT
Last-Modified: Wed, 30 Nov 2022 15:49:04 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 462687f15e4c75a036f2bbeb060aafb0
72c42e479ed18ff24607c7a7dd52cc949332f2c9
1d26f1198d8e6f0889c13a67d76e486b0bd252bba76f9daf16f57d929fb9c718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Server: ECS (amb/6BC6)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 462687f15e4c75a036f2bbeb060aafb0
72c42e479ed18ff24607c7a7dd52cc949332f2c9
1d26f1198d8e6f0889c13a67d76e486b0bd252bba76f9daf16f57d929fb9c718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127288
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Etag: "63877b70-1d7"
Expires: Fri, 02 Dec 2022 15:49:04 GMT
Last-Modified: Wed, 30 Nov 2022 15:49:04 GMT
Server: nginx
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 462687f15e4c75a036f2bbeb060aafb0
72c42e479ed18ff24607c7a7dd52cc949332f2c9
1d26f1198d8e6f0889c13a67d76e486b0bd252bba76f9daf16f57d929fb9c718
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Server: ECS (amb/6BB9)
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 937
Cache-Control: max-age=104092
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:36 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:22:28 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.rbfcu.org/NBO/assets/css/redesignCss/footer-modals.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 2.5 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/redesignCss/footer-modals.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
File type assembler source, ASCII text
Hash 2fd2f617739aa997c7bcbebbdb267ba7
9ab75932f5bafaa4c904420da16700d3a774c0f9
01122f59e7a9eac9e9bbf57333213af6ce4b965f3cd8ffc2bcbaa39ac5899150
GET /NBO/assets/css/redesignCss/footer-modals.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2196
Date: Thu, 01 Dec 2022 03:51:02 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!b2YYucD2dJsuHfThrnwYohVdbB9C83EN6iVh9Pg0+wXRrUQvlLL2T9V7OxXDoL+dXswZjU/kIzo6x4M=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/redesignCss/floatlabel.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 1.1 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/redesignCss/floatlabel.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
Hash 1509136a466e9b3348c6bb0c803044c2
7eab67a0e86fe871a40a6cfe3953cca61de25ec1
184fc0262b74e2ef61c0b770ca455695f1d7446e8970ee735159165b9d86e3c1
GET /NBO/assets/css/redesignCss/floatlabel.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2198
Date: Thu, 01 Dec 2022 03:51:00 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!xuUCH/QDGB8uYprhrnwYohVdbB9C8+vLvorCBd7Akj3HnIOS4vwPvbJ33YlL4zv3kc5xVlnaey56CCI=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 111 B URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
File type ASCII text, with CRLF line terminators
Hash e8bd1af33f5e090e5209198ed99d41bb
94170279d30cde0a2214d7088aaa410b30d00105
942291e9ad3d59a3fafc8605673ed39fb422878a73cdfbfcdb59231048923c26
GET /NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2201
Date: Thu, 01 Dec 2022 03:50:57 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!B6KETNvKrd7h4wThrnwYohVdbB9C87cPEzfFREu4YxcKoFnJrVcCukqxyJ3s1l7y1CBGZEnY4mRP9aE=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
107.162.179.221200 OK 14 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 107.162.179.221:0
File type assembler source, ASCII text, with very long lines (325), with CRLF line terminators
Hash 5e1b6d02febad06c3c474b7ccf3242db
087c1fe6f79b7f551c2add530aa83883aa3a3032
a4953551f043d2fefd1256393b824cbd1003abe746db1e1accd99dfc23d83a6e
GET /NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2201
Date: Thu, 01 Dec 2022 03:50:57 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit7011
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!NCrPTkSHPLGH1sMfAlrt/gAymWxGa8LOcPHQhfJ/fpPAS0d66q031C16+gwG3jzNP1McOUJgXSeRGRs=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
push.services.mozilla.com/
54.148.69.31101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.69.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UfbDbLbNlOJPiiaZ4C5LHA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fp+zztKj9Xm+ZBleiPRS+nCQuUg=
www.rbfcu.org/NBO/assets/css/forms.css?upd=543
107.162.179.221200 OK 4.2 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/forms.css?upd=543
IP 107.162.179.221:0
File type ASCII text, with CRLF, LF line terminators
Hash 6ef8909be78bade49e1021cd1617f633
3f8874d85e1ec1be94f8bbfea69db63bc4f7319d
11a057f97cdb636b0f48108a8c9c1ad2d0c2e16d29d0739111a01f11cb7ad9a1
GET /NBO/assets/css/forms.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2133
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/general.css?upd=542
107.162.179.221200 OK 6.6 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/general.css?upd=542
IP 107.162.179.221:0
File type ASCII text, with CRLF line terminators
Hash 6c053eb84e8e6bf03c92d22e9324fc10
9a40791116cd1b2203cc8046e5bdc09a273b3fdb
8a75a1e8aeb0eccaad5502074bcef62da1836e9d9bdaf4a083aa7cab1dd202ce
GET /NBO/assets/css/general.css?upd=542 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2132
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/colors.css?upd=543
107.162.179.221200 OK 1.7 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/colors.css?upd=543
IP 107.162.179.221:0
Hash df3996f8f9f4dfd4130ed12d34ba9949
6513e274dfb205cf38a2e66c5fe4a96bb39335e6
9f574443d1b4af964d23411e63f9170aede32bf4770dee8793053d0408df3717
GET /NBO/assets/css/colors.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2133
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit7011
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/tables.css?upd=543
107.162.179.221200 OK 3.8 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/tables.css?upd=543
IP 107.162.179.221:0
Hash c715d1a5a4dd47e79a10debccc08cbe2
124d338ddff312c98341e64f62b5fc449f962b7c
d2c88ee20f64b6214f1e73e8892330ebe5446a82974b2eb2d0eee972d30a442b
GET /NBO/assets/css/tables.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2132
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/print.css?upd=543
107.162.179.221200 OK 876 B URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/print.css?upd=543
IP 107.162.179.221:0
Hash fb0070d0acdc7f98ec86305f286d863b
cad50ba27361167699186ce9a2c20ecf1cf16fed
becb7ab334081cde0535c42c199eaf539e15ff8e7e8fa62823644b05032f09c2
GET /NBO/assets/css/print.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2134
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit7011
Last-Modified: Tue, 13 Sep 2022 13:50:14 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!fQC2SEl8EoH5ws0fAlrt/gAymWxGa4UklRqgStUFUd3cG3jQ57qPgRtmQUfcbKns2SVNAxKZxgfVvvY=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.rbfcu.org/NBO/assets/css/font-awesome.min.css?upd=543
107.162.179.221200 OK 8.1 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/css/font-awesome.min.css?upd=543
IP 107.162.179.221:0
File type ASCII text, with very long lines (30837)
Hash 5c556f9e7946df92e121cf44fd2304b6
234c501437052a466a152d6ba2705926cfceb62f
dd17d174481dfce0bf64b4a59dab49177ac57d35b9ddb31cc0c98303323dec4e
GET /NBO/assets/css/font-awesome.min.css?upd=543 HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/main.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2134
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Type: text/css
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
Set-Cookie: PersistanceCookie=!/aXk8qFG55WYhAbhrnwYohVdbB9C8/2Ma2QPq+fVIgF4NnCuWKyZ3JYWwiJ4/VPFXxRRD0rFgt138nM=; path=/; Httponly; Secure
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
www.bangbooz.work.gd/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
Analyzer Verdict Alert fortinet Phishing
GET /NBO/assets/js/logon.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.0.12/css/all.css
172.64.133.15200 OK 9.0 kB URL HTTP/2 use.fontawesome.com/releases/v5.0.12/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (38882)
Hash 2ababc335a846c7d6b484360d811fab5
18d3d4e0bcc272835cc5f95bbf8bc840f1ba828b
d356cacb10633aba942c14f2a1ab26d507d8126a02efa58626f1523ee712aecf
GET /releases/v5.0.12/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 04:27:35 GMT
content-type: text/css
x-amz-id-2: uivxPHYW5gn19Pq4JlYNrDVLRQ/dQ3wiz/l9Bv1HdxUfo9t5P1wYh0Fi4udsWg0VNqVqi7XsP5M=
x-amz-request-id: FVWGB8QESVXZZMZM
last-modified: Wed, 30 Jun 2021 15:27:17 GMT
etag: W/"d896a88b71aa2ba5d6bd670429bf1bad"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 400542
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3loI7VRfOkWkxTr%2FlfpMdFasiRa1%2BvZEaSTw8SutrjPJ4tb2dVG1%2FAkBCQSQeR72s%2BcHx55AHj0T6o1zZYVbiY3hhDp8TVdUcFf58vGS5r6qN5G%2B64HYsP%2FyXgknx2xnLj8Cix35"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7729123d1fac71d4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bangbooz.work.gd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 32023
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.227200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bangbooz.work.gd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:55 GMT
expires: Tue, 28 Nov 2023 18:52:55 GMT
cache-control: public, max-age=31536000
age: 207282
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
142.250.74.168200 OK 90 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5B5PGN
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (44551)
Hash ee1c58a799c5dcf95453b3db385e8531
886806437ff33f894a9c8e494ad8198a422631b9
054241f861f8d9744072adbb2ec1da3e88a63e978860f7c5f3a26ba0b32cc338
GET /gtm.js?id=GTM-5B5PGN HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 04:27:37 GMT
expires: Thu, 01 Dec 2022 04:27:37 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.rbfcu.org/NBO/assets/img/redesign-icons/send-reg-mail-olive.svg
107.162.179.221200 OK 6.8 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/send-reg-mail-olive.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4432)
Hash 9929514c11d33bfe2a6799469f364d86
de2d9b60c8e7d9280b6e651e0083ccce21b3576b
4e2bff0068e8833892e2a07e86e168f9ce05b57bb0820ae9b67b7802781704b1
GET /NBO/assets/img/redesign-icons/send-reg-mail-olive.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2133
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 6764
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/locate-branch-orange.svg
107.162.179.221200 OK 1.8 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/locate-branch-orange.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (709)
Hash 13b566dce2613be3e009ffb5e247f2a9
27d576b054500fc6e1d3687524f31198bba198a9
0658dde45a3100670a452f32dc2eef8ab127ea26bae103c34c0b7b3d743f0a4f
GET /NBO/assets/img/redesign-icons/locate-branch-orange.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2133
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Length: 1809
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/EHL-logo-gray.svg
107.162.179.221200 OK 1.6 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/EHL-logo-gray.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (364)
Hash 4c3e76f3539f8138ce127058adda3f16
3d24cf4b8ac04557b1cb49ba5200e06513bc5136
8113eb956366da6d18ed13faa5cc8e9a459c09cdcf41c2619c80828d4ac2b152
GET /NBO/assets/img/redesign-icons/EHL-logo-gray.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2134
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit7011
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 1613
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/call-member-services-blue.svg
107.162.179.221200 OK 1.9 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/call-member-services-blue.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (750)
Hash b5b5a34c5ba5d972249fcdd7a26ceb3d
f02d36454cb31a73cbc672fe95ebcaa0bdd432e4
abc9fe01ce6f914e95ca82f3a92dc6fad4301e74db572714db706c938aa8a6ef
GET /NBO/assets/img/redesign-icons/call-member-services-blue.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2134
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:14 GMT
Content-Length: 1859
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS4
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/NCUA-gray.jpg
107.162.179.221200 OK 3.0 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/NCUA-gray.jpg
IP 107.162.179.221:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 96x40, components 3\012- data
Hash d80aab3eb6561429fe8e8492f6d0536f
e33730a2c6f2767ca5df99c54062da34813ba5ff
07c30c3c7a4f0be68f1435fce0f5ad1bd975c078d6615f10db02b82a24d2e5d6
GET /NBO/assets/img/redesign-icons/NCUA-gray.jpg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2133
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Length: 3001
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/gray-phone-footer.svg
107.162.179.221200 OK 1.7 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/gray-phone-footer.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (845)
Hash cb033ded6c1f2f925259cc1d79c1c386
393c06fb6736af1a32e122feba480012716ecaf6
ae9a2a53c52aa5ee5f447598cfd3dc771459349e9bbb2f1f82a9d1d875246d74
GET /NBO/assets/img/redesign-icons/gray-phone-footer.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2133
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit7011
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 1653
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA4
Strict-Transport-Security: max-age=31536000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.rbfcu.org/NBO/assets/img/redesign-icons/rbfcu-logo.svg
107.162.179.221200 OK 5.4 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/rbfcu-logo.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5383), with no line terminators
Hash 2d436455d162d3e00f0ca92055cef754
5b64a30fd987d469bd818fc8ed6a4ed89b873d02
09092e11153b90955b14c6dcad28c3e2902b035f6b12ac85e24a693e5c97c884
GET /NBO/assets/img/redesign-icons/rbfcu-logo.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2134
Date: Thu, 01 Dec 2022 03:52:04 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:18 GMT
Content-Length: 5383
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/redesign-icons/white-phone-header.svg
107.162.179.221200 OK 1.7 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/white-phone-header.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (845)
Hash 4a066fd87a48426d8cf5d81f2f1e7622
bc25e0aaa78aa736100d278b1a4beb5fa46db78b
2c0b8abef50020a91c0b8f07a8478c65eea5bd77446467b9a44ae1b1d98828b7
GET /NBO/assets/img/redesign-icons/white-phone-header.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2134
Date: Thu, 01 Dec 2022 03:52:04 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:16 GMT
Content-Length: 1653
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS3
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/gray-round-down-button.svg
107.162.179.221200 OK 1.0 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/gray-round-down-button.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4b652b4abbbaa5a4e12e759d3121ef88
a7bd664d4384710ca1d61b7306668309983d5fed
5295aab1350294261baecbce85d4f26191d89f7434a7829c7515166d23fa2bbd
GET /NBO/assets/img/gray-round-down-button.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/redesignCss/redesignheader.css?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 1351
Date: Thu, 01 Dec 2022 04:05:08 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit7011
Last-Modified: Tue, 13 Sep 2022 13:50:14 GMT
Content-Length: 1019
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA3
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
www.rbfcu.org/NBO/assets/img/redesign-icons/send-email-blue.svg
107.162.179.221200 OK 2.0 kB URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/redesign-icons/send-email-blue.svg
IP 107.162.179.221:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (486)
Hash d8dfad42f1093203fc216df58447df6a
16c8ba02821191ba9ee5c80af56775a46e411d9d
0485a7fb75a2337825e6fef13a41ae4baeb10de565cb6f32eae708e9c293fdae
GET /NBO/assets/img/redesign-icons/send-email-blue.svg HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2133
Date: Thu, 01 Dec 2022 03:52:05 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:12 GMT
Content-Length: 1965
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LA2
Strict-Transport-Security: max-age=31536000
www.rbfcu.org/NBO/assets/img/gloss.png
107.162.179.221200 OK 399 B URL HTTP/1.1 www.rbfcu.org/NBO/assets/img/gloss.png
IP 107.162.179.221:0
File type PNG image data, 100 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash cccb13661652c2216f2f2c8eed7ae728
0772be45b82aca4933bcfad8be4c4d45c6595a68
b923ab35ae73a0112a01b4f4b323e8e1d00260e2280b153232e6a069f57c7009
GET /NBO/assets/img/gloss.png HTTP/1.1
Host: www.rbfcu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.rbfcu.org/NBO/assets/css/forms.css?upd=543
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Xet-Cookie:
Age: 2158
Date: Thu, 01 Dec 2022 03:51:40 GMT
Connection: Keep-Alive
Via: NS-CACHE-10.0: 111, 1.1 dca1-bit13027
Last-Modified: Tue, 13 Sep 2022 13:50:20 GMT
Content-Length: 399
Content-Type: image/png
Accept-Ranges: bytes
Content-Language: en-US
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
serverID: LS3
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
www.bangbooz.work.gd/favicon.ico
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/favicon.ico
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
GET /favicon.ico HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
www.bangbooz.work.gd/NBO/assets/js/header-footer-redesign.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
194.124.43.118404 Not Found 724 B URL HTTP/1.1 www.bangbooz.work.gd/NBO/assets/js/header-footer-redesign.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8
IP 194.124.43.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 52d904c91a9182a2c0b84e362a0d545f
88a277c2f606de4c42d43954345de5712d350ed2
dacd576c06ac7fcc533ff18c18663d5bfa30e19c286356323259986d3bd8371a
Analyzer Verdict Alert fortinet Phishing
GET /NBO/assets/js/header-footer-redesign.js?upd=4a11822c71c3cb970dbd68c3707a3ee251dbf8c8 HTTP/1.1
Host: www.bangbooz.work.gd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/net.htm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Dec 2022 04:27:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
Last-Modified: Wed, 30 Nov 2022 08:57:26 GMT
ETag: W/"58f-5eeac4b25ec7f"
Content-Encoding: gzip
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=29274
date: Thu, 01 Dec 2022 04:27:37 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 02:41:08 GMT
expires: Thu, 01 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 6389
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 11 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=354C6905313A68771E0F7B68306D6908; domain=.bing.com; expires=Tue, 26-Dec-2023 04:27:37 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9F55444DDEF84F3E9F1156A8DA2C1EAF Ref B: OSL30EDGE0415 Ref C: 2022-12-01T04:27:37Z
date: Thu, 01 Dec 2022 04:27:37 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e78306be7d581e2f6a5369ffdf88ae23
cbc5955f9e6b359f6f45e9184cfa60909156b7f2
8ff7ad1af374bc68af5236be9e672bbacc7b89826b070b550fd4b35e6e41a1ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8FF7AD1AF374BC68AF5236BE9E672BBACC7B89826B070B550FD4B35E6E41A1BA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8949
Expires: Thu, 01 Dec 2022 06:56:46 GMT
Date: Thu, 01 Dec 2022 04:27:37 GMT
Connection: keep-alive
fullstory.com/s/fs.js
147.75.40.150301 Moved Permanently 48 B IP 147.75.40.150:0
File type ASCII text, with no line terminators
Hash 7b12595d471f02dde9ebc1b7c701e936
77abfc06684d022f59656235c475fbe61775da94
7bc37f83786f13fe81ada038f604a9256dd3da7722b885ee8fdace203fbc5752
GET /s/fs.js HTTP/1.1
Host: fullstory.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.bangbooz.work.gd
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.fullstory.com/s/fs.js
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01GK5Z1ADTD5DGJ7JT31MHW7F2
content-type: text/plain; charset=utf-8
content-length: 48
date: Thu, 01 Dec 2022 04:27:37 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=4031169&Ver=2&mid=a881d8b2-54bd-4ec1-86ab-ec0c7c107264&sid=7b9674a0713011eda7334521516086f9&vid=7b967d90713011ed9507295ce88a4679&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%3A%20Online%20Banking%20Logon&p=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm&r=<=2154&evt=pageLoad&sv=1&rn=225510
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=4031169&Ver=2&mid=a881d8b2-54bd-4ec1-86ab-ec0c7c107264&sid=7b9674a0713011eda7334521516086f9&vid=7b967d90713011ed9507295ce88a4679&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%3A%20Online%20Banking%20Logon&p=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm&r=<=2154&evt=pageLoad&sv=1&rn=225510
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=4031169&Ver=2&mid=a881d8b2-54bd-4ec1-86ab-ec0c7c107264&sid=7b9674a0713011eda7334521516086f9&vid=7b967d90713011ed9507295ce88a4679&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=RBFCU%3A%20Online%20Banking%20Logon&p=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm&r=<=2154&evt=pageLoad&sv=1&rn=225510 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=17913BE9C3076ED503C12984C2506FC0; domain=.bing.com; expires=Tue, 26-Dec-2023 04:27:37 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B94E114CC3A54894824C8FAFA3DDA1AC Ref B: OSL30EDGE0415 Ref C: 2022-12-01T04:27:37Z
date: Thu, 01 Dec 2022 04:27:37 GMT
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/2367698/domain/bangbooz.work.gd/token
54.230.111.112200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/2367698/domain/bangbooz.work.gd/token
IP 54.230.111.112:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /partner/2367698/domain/bangbooz.work.gd/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.bangbooz.work.gd/
Origin: https://www.bangbooz.work.gd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 0
date: Wed, 30 Nov 2022 18:01:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: content-type
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4zoqchqILdyvU-FGQkMBUQ1MI48f3xKkW_JqRHp-F4i21rBXSTRlwQ==
age: 37565
X-Firefox-Spdy: h2
bat.bing.com/p/action/4031169.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/4031169.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/4031169.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=08DA9B8B0B626A2B29F389E60A356B07; domain=.bing.com; expires=Tue, 26-Dec-2023 04:27:37 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A57F32000A524DCE88F407FA1320E5EE Ref B: OSL30EDGE0415 Ref C: 2022-12-01T04:27:37Z
date: Thu, 01 Dec 2022 04:27:37 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5727
Expires: Thu, 01 Dec 2022 06:03:04 GMT
Date: Thu, 01 Dec 2022 04:27:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5727
Expires: Thu, 01 Dec 2022 06:03:04 GMT
Date: Thu, 01 Dec 2022 04:27:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5727
Expires: Thu, 01 Dec 2022 06:03:04 GMT
Date: Thu, 01 Dec 2022 04:27:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c2f2f7c9706a549fd41ba29135ce83e1
838faca0991563ccc5756f65d5bfd6c3d4d88372
f35f6a43751ff81f220789a2aa352c6abbd2f52b3beabff738cd11761b1923da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb560dfdf-cffc-469d-bc98-e6eed575f5ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6509
x-amzn-requestid: a86cb68e-5c74-4945-acbc-79d10f7c6c7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMPFOEIAMFYnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe7-006677c06331c3e014ab143e;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k2k9AknhmGY4uVLur8zbcP36tRQdRnEfQZLWjzqLz7KaUtQ1f3KGfw==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 23897
etag: "838faca0991563ccc5756f65d5bfd6c3d4d88372"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8802d5080eb35e4052ef31cf7658650
1e78566f2e69268c5f753fb49112ab07aae3eccf
9c96906ee1dea353198c9069fa7e42b100e4fa766e5be8e4d8db036033961086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc551f651-39d0-4021-90ed-915a79168ea0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4409
x-amzn-requestid: dc9ccdbf-a051-49ce-a535-c100b8ee6f12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbz81EHdoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cd1e-0b06c368156b828e0c663081;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UsYYNMsulshDYcUC9N2Q3fnxjdZd5ki-0_LlXRchIsNSq0FruNhFqw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:48:09 GMT
age: 23968
etag: "1e78566f2e69268c5f753fb49112ab07aae3eccf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 24124
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83e8a8c500dbcb636ad4a57a10de8adf
4593bb86a0a61eccab43063cb3c0c797abea5b46
fd9bc5cfa9db9999ceba780a3c801663ae3a9d115fc968f633800da2a680d49c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac125ad4-8001-4f7b-a27e-5f3c4f979358.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6036
x-amzn-requestid: 9867bb66-8624-4fe5-943f-2752e038cd22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YoE3YoAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-1710e0052c8bf19c06b6011e;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RXKIjgAm-fxCv0Wadim_1BwhuUkcAmZRPXUB9gT_qnEkREplaGZpkg==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:30 GMT
age: 24127
etag: "4593bb86a0a61eccab43063cb3c0c797abea5b46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg
34.120.237.76200 OK 2.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 995eb3df7ec5507e3392fdb1ca6395b4
9bc2e9039e9340b83ffcfb90e4e2c631a8723e60
4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2150
x-amzn-requestid: 59ef9edf-d9c1-45d0-b084-adf8e2f0738d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cXQcKGPXoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385fab4-693e8d7d5632d48722e31757;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 12:27:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iO-jUNMNzAM6zHh1oEftgZcW18vxdgaFGpNe4a1WHU97pRMMuHIKaQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:51:49 GMT
age: 38148
etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92721cbe24623f1713a5248d6a7c1b2
3628390c62642dcc375b28f58c9b48180c4abd73
37d0451c03bc7cf0253aba6d3204cbf38502692a0fbc751a3ead01b07e9a65d6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc501a87-1b50-43f3-8031-2c93f724dc91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9613
x-amzn-requestid: a46cc458-2e28-4ca7-b223-ba66256caef1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTPfmEmKoAMFZvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63845f96-7ecee5764c4a40e50e5b1f98;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 07:13:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6p5kV3OCTlaiLWEa9wyeRJOYoxPNZwLhXGIbEnymaufjKL246zfrhw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 07:44:22 GMT
age: 74595
etag: "3628390c62642dcc375b28f58c9b48180c4abd73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1669868856377&url=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1669868856377&url=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2367698&time=1669868856377&url=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1669868856377%26url%3Dhttps%253A%252F%252Fwww.bangbooz.work.gd%252Fnet.htm%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQL-RDEaEB50cwAAAYTL8Kokl-B9eL6W8ye8JY_Q0wjCrf53Z_zyKlPQ2GEkVnW9l-MrXLRRm3lGzQ; Max-Age=2592000; Expires=Sat, 31 Dec 2022 04:27:37 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQLE6WXOSixiMAAAAYTL8KokntNczDotlJk50iarrLu4t7XwqbNhoSf4Co-SFefPRqOXtUV_d3vmyMyQEXUVvQ; Max-Age=2592000; Expires=Sat, 31 Dec 2022 04:27:37 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&a5da2a88-9ceb-41e5-88a3-d14918608446"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 01-Dec-2023 04:27:37 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2383:u=1:x=1:i=1669868857:t=1669955257:v=2:sig=AQHMdIT5c9UBNtJLJ9J-m0QiJoOkXgSP"; Expires=Fri, 02 Dec 2022 04:27:37 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXuvKQYd0FIcVemGRFgiw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3CAFDF9D053A41C39CC6C818C1A83898 Ref B: OSL30EDGE0517 Ref C: 2022-12-01T04:27:37Z
date: Thu, 01 Dec 2022 04:27:37 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/2367698/domain/bangbooz.work.gd/token
54.230.111.112200 OK 63 B URL HTTP/2 cdn.linkedin.oribi.io/partner/2367698/domain/bangbooz.work.gd/token
IP 54.230.111.112:0
Hash e3b1a0214295f12ccb36ff507cc5a8ee
81a3f0fa61eda2b97122a2a6a035de26f9d06bda
e3af43a08ec7a6c894aae0c9730e3c9230519c389ea10350d2484bffd736d2e6
GET /partner/2367698/domain/bangbooz.work.gd/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.bangbooz.work.gd
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Thu, 01 Dec 2022 03:38:07 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bw00noe7P2tDExpPsRwuooNOQmUagoziflsnhV0uuIh3lrIMBQDZUg==
age: 2970
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5d950b70d3b1532276ed817249b72618
dca7faf727b8afdd481c8f8bcc3e9129fdadadc3
afe3fbe5f269179e18a66ca806664b7f96b903150b364129e2f2b30087198e34
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 04:27:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1669868856377%26url%3Dhttps%253A%252F%252Fwww.bangbooz.work.gd%252Fnet.htm%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1669868856377%26url%3Dhttps%253A%252F%252Fwww.bangbooz.work.gd%252Fnet.htm%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2367698%26time%3D1669868856377%26url%3Dhttps%253A%252F%252Fwww.bangbooz.work.gd%252Fnet.htm%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bangbooz.work.gd/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1669868856377&url=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&5a9c1ba3-ca2c-4cb3-8bf6-b593ed7dfe10"; Domain=.linkedin.com; Expires=Fri, 01-Dec-2023 04:27:38 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221201042738746978b1-b1cd-405b-82eb-bcfb8f067e29AQG-_YLMsBbPkmdYxuw_vFoELesRqT0h"; Domain=.www.linkedin.com; Expires=Fri, 01-Dec-2023 04:27:38 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Njk4Njg4NTg7MjswMjFnq2c+WnZ0UGjVY8yFvwaEL/o1r95SXYdahx4tQHerww==; Domain=.linkedin.com; Expires=Tue, 30 May 2023 04:27:38 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2383:u=1:x=1:i=1669868858:t=1669955258:v=2:sig=AQF6u0Nav1RjSAHaFc9z-XoC5_Aepnd4"; Expires=Fri, 02 Dec 2022 04:27:38 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/status linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXuvKQbfQF4VNnqvNqYfg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 19FF73E130534E19961EBD8774E35B2B Ref B: OSL30EDGE0517 Ref C: 2022-12-01T04:27:37Z
date: Thu, 01 Dec 2022 04:27:37 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1669868856377&url=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=2367698&time=1669868856377&url=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=2367698&time=1669868856377&url=https%3A%2F%2Fwww.bangbooz.work.gd%2Fnet.htm&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bangbooz.work.gd/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f45d042d-6a30-4f72-8f40-0f61d9c79812"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 01-Dec-2023 04:27:38 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2425:u=1:x=1:i=1669868858:t=1669955258:v=2:sig=AQF-mBKaxAQCq_sd7JhZDnviP9Ug1Rjo"; Expires=Fri, 02 Dec 2022 04:27:38 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXuvKQehDFV61q+VJtrIQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9FFEE9C53FA549C5BECA94476BD43B5E Ref B: OSL30EDGE0517 Ref C: 2022-12-01T04:27:38Z
date: Thu, 01 Dec 2022 04:27:37 GMT
content-length: 0
X-Firefox-Spdy: h2
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:0
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bangbooz.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 04:27:35 GMT
date: Thu, 01 Dec 2022 04:27:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2