r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12059
Expires: Tue, 28 Mar 2023 16:01:27 GMT
Date: Tue, 28 Mar 2023 12:40:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9223
Expires: Tue, 28 Mar 2023 15:14:11 GMT
Date: Tue, 28 Mar 2023 12:40:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 29fdbcd53b5646cfcdd46510063734c4
85e3ceda5ef130219f4fe8a31e52e2690c8f7d8e
24c27586332c016685e6231fec5836e921048d8aaefbcd4cd6f88969f9d91e18
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Backoff, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 28 Mar 2023 12:28:03 GMT
content-type: application/json
age: 745
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17397
Expires: Tue, 28 Mar 2023 17:30:25 GMT
Date: Tue, 28 Mar 2023 12:40:28 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LNHDSboqzVboq4qrf9XgoE9xdfzoWK0iYJJcqle71gZgsVO3S2HdP9TzLuK7UJKGmOSQcFHRlaQ=
x-amz-request-id: C7FBKRPDTY0B4SG1
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 28 Mar 2023 11:56:12 GMT
age: 2656
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 28 Mar 2023 12:40:28 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
iwuseh.com/Zr0zCRz
72.5.35.137302 Found 1.2 kB IP 72.5.35.137:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (517)
Hash 7c64eb3970ad610f24167b2ee7ae06d0
59a64b42771012efa5ea16dccfb0ec953273d911
6e5420249e2263bbb4e8269d03292b4656ef312d95fd4854c00d45f7131a800a
GET /Zr0zCRz HTTP/1.1
Host: iwuseh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.22.1
Date: Tue, 28 Mar 2023 12:40:28 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: private, must-revalidate
pragma: no-cache
expires: -1
Location: https://track.tranklatsall.com/d335a8eb-ba3e-4a55-8964-e20d02a5de24?click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=&sms_cost=%sms_cost%
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Backoff, Pragma, Last-Modified, Cache-Control, Alert, Content-Type, ETag, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 28 Mar 2023 12:14:35 GMT
age: 1553
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17767
Expires: Tue, 28 Mar 2023 17:36:35 GMT
Date: Tue, 28 Mar 2023 12:40:28 GMT
Connection: keep-alive
track.tranklatsall.com/d335a8eb-ba3e-4a55-8964-e20d02a5de24?click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=&sms_cost=%sms_cost%
18.192.249.87302 Found 0 B URL HTTP/2 track.tranklatsall.com/d335a8eb-ba3e-4a55-8964-e20d02a5de24?click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=&sms_cost=%sms_cost%
IP 18.192.249.87:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /d335a8eb-ba3e-4a55-8964-e20d02a5de24?click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=&sms_cost=%sms_cost% HTTP/1.1
Host: track.tranklatsall.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 28 Mar 2023 12:40:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
pragma: no-cache
set-cookie: d335a8eb-ba3e-4a55-8964-e20d02a5de24-v4=xe58D8aGcRonhMU5JzMvx7pUZ2fYcJtr35PJBu9rx3E; Max-Age=86400; Expires=Wed, 29-Mar-2023 12:40:28 GMT; Domain=track.tranklatsall.com; Path=/; Secure; HttpOnly;SameSite=None
cep-v4=EZga5mH1vw2YKRJNrz6WZJPejsJmeOzVNHABnv7kCtutn5ihmgxAxq0WW9gt6hn6V09h5ySSEjX7Vy-oJ26Y0x8O5Q0JjH9VMzKZYQPp5drliDNkXjRX0AULbzSVzbw2GbAD7s8fGbgqpysUyJlTJVgDlXcb7APLygFio7Po1ovdcjbyAO5BMlssgNSOL8KSqq4-vxj4JQw-j7-w0inq2UBoaJq9Hrvq_GItqJDbS97pjOpMYqndOHH36ZXdx2gsITAuR02OVig0SNWbrfln_pak-497FRq6x1WBBObnIhHbKv99yT9ke5MEID5kniDd_jllNUt93K7i4LuFmhXRdAkqywtDK9GfepwjIOyPfN7VNcTgXwqMIk0mi4rHmQchWhmLBRU_SB9SL3eBNeC5YTADtUObCeZyhbCcszJYWYsJo0Ed12Ef-0ttadHj8jSZ7NDshouujIiMZE3WKk39zFe05NvaYJALSx69XBad_PTQ0-N4WcF1mBw8V26oXfRgKtTPcUTJmJNYbH2fqWWgNf3FEIpfwzg3OYWn3gqp1QvZLOAtZxM7EsYQw4RbEwLiT16u_hV-Iisji6CHk54t-9US49nFWzzEjGprQlERn6Kyn0JDwh4uFWnTHb_X5OCk; Max-Age=86400; Expires=Wed, 29-Mar-2023 12:40:28 GMT; Domain=track.tranklatsall.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 3f09ba2ccec48ff640c36a91b1b26e45
c0a6391b41ed4b14db5154e53804c419cbdc101d
112cf470e1705e0011acbef82655b83ecf7b52b219cdda6f3f349a0c39d147bb
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 28 Mar 2023 12:40:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 23:45:44 GMT
Expires: Mon, 03 Apr 2023 23:45:43 GMT
Etag: "c0a6391b41ed4b14db5154e53804c419cbdc101d"
Cache-Control: max-age=557713,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7aeff11dcc8cb51e-OSL
incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
162.0.217.18200 OK 2.8 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
IP 162.0.217.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 4c944b37e15a1a1ed4df31857c041cc0
ea71e5c202bd5c105b4c268bd9cfc46e5ebbd20f
265c39286139f4c6f797e486567c8ea53e87767d98961f41103b9ad9f31470d4
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10= HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2834
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.132.223101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.132.223:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: IhPAwyLeyXPrV/YdPujR5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pY3wFeFMqX1X4fXIgf0TF/6hghk=
incomebuzzer.com/bkb/mnm206/swps/NO/1593/css/bootstrap/bootstrap.min.css
162.0.217.18200 OK 21 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/css/bootstrap/bootstrap.min.css
IP 162.0.217.18:0
File type ASCII text, with very long lines (65324)
Hash 123062a501318cc73759315eaeffca9c
0542dbfd3008893ffcf9cfbd31783b14523adf4e
e37a08be15644b88b5b90bad49a9282d36ececef5f1bd98b74640728bcfa0a3c
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/css/bootstrap/bootstrap.min.css HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: text/css
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 20941
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
104.17.24.14200 OK 6.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20831)
Hash 368c425fc94c424e1688caadefbed981
13d24c22c199ef6668d758434819f44307a65094
ed9c7a83e1c1300a93ecd08807a736ebe7b87ab8262a40bc7e3859d00a46a102
GET /ajax/libs/popper.js/1.14.7/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://incomebuzzer.com
Connection: keep-alive
Referer: https://incomebuzzer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 6646
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-520c"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 403679
expires: Sun, 17 Mar 2024 12:40:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GVZjqaRwduqQJAbVplzxj%2Fr15bghSrHLtWoWWWlt%2BOG4wq7k5pvZfU84xfhUENjNoqW%2BNt1g1npRMoEi3chkMO6GesPDFvxfMO9K6GK87vOjSQBWO7eNtW0%2FdtgEdMqQ8lMXAw0m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aeff11f4f31b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.24.14200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://incomebuzzer.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:29 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1615577
expires: Sun, 17 Mar 2024 12:40:29 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L8fyfzY7LFVI%2FL5RR5h2pGm%2FFfz6gdsNMWlW2UZZ4b3fJfTR%2BmVnQIlspQnb5VztAcTl%2FSoRSU8eJkwFlyzD3t7qt0nvZiEX%2BFBa%2B%2BFfbz9DWU1x3nKldfJdspo9KBwjcIYmMl38"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7aeff11f4f43b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/css/style.css
162.0.217.18200 OK 2.0 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/css/style.css
IP 162.0.217.18:0
Hash 1b881ca942c1177d7e6e987a2ed90263
e9cc46947709cd26c0ca894adfc4dd9871bc63a6
a5f1044b77158fffc06fe5a46bc3b9056a5fdef5e39f4ca5e649fec7387b95cd
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/css/style.css HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: text/css
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1974
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/css/animate.css
162.0.217.18200 OK 4.5 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/css/animate.css
IP 162.0.217.18:0
File type ASCII text, with CRLF line terminators
Hash b928e4ed8108147cf52d8e33611fe8a8
5e65a0e7dd22f097c8d7cf9985c097ef8846ca03
285dbbe5815743dd9c12da8507795f5f7c38ebb31e0685e796eca2e0025a528d
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/css/animate.css HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: text/css
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4464
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 12:40:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.74200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 22:25:47 GMT
expires: Sat, 23 Mar 2024 22:25:47 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 310482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/images/spinner.gif
162.0.217.18404 Not Found 1.2 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/images/spinner.gif
IP 162.0.217.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/images/spinner.gif HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/spinner.gif
162.0.217.18200 OK 42 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/spinner.gif
IP 162.0.217.18:0
File type GIF image data, version 89a, 110 x 110\012- data
Hash 15e0200bc740473687e186d300ae6f42
372adf98908a2a0ec8f295b82d0369566e462e43
bd947b144e2dd3a3b54ffe5de65904116b94f2016c86e3ae7c449f101cb9d364
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/img/spinner.gif HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: image/gif
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-length: 41934
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/logo-colissimo.svg
162.0.217.18200 OK 562 B URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/logo-colissimo.svg
IP 162.0.217.18:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (923)
Hash a6d0a52d97f9468f2d485980c0e201bf
e7e6a559a6372990a8c59ca075accdb923cc2733
7d49402f1c910ac00ef2744d9e6ef7d3c9d582d3b8c25568b99f6576cb0d2670
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/img/logo-colissimo.svg HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: image/svg+xml
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 562
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 28 Mar 2023 12:40:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
incomebuzzer.com/bkb/mnm206/swps/NO/1593/js/custom.js
162.0.217.18200 OK 1.3 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/js/custom.js
IP 162.0.217.18:0
Hash c376187c35e6c8da07dd8741519e6b46
437273e698a5311f35ecfe9ec0005d79fe02a1b2
948b581128520434709d7aa72b25d31e98af5531295c2f8b33bca7620c150b5c
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/js/custom.js HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: application/javascript
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1325
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/parcel.png
162.0.217.18200 OK 61 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/parcel.png
IP 162.0.217.18:0
File type PNG image data, 347 x 286, 8-bit/color RGBA, non-interlaced\012- data
Hash 69fcd1d7a65e86d598827241df19a486
3df73b00e88ae629647507259fbf175558c92ce7
83039dfded56f43693e12b49ce15aed05f80f342d732449a383d7cfccc806a6c
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/img/parcel.png HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: image/png
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-length: 60796
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/intro-logo.png
162.0.217.18200 OK 12 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/intro-logo.png
IP 162.0.217.18:0
File type PNG image data, 400 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 8efcfb49713925e40792e8cdc8038c55
e289601aec5af2a2539133e63aced519a9cfae05
94331215ac158c0ab2c7f2a395f7ba17d706ba97e5cf8d3bc2992141fb7116cb
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/img/intro-logo.png HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: image/png
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-length: 12427
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/logo.png
162.0.217.18200 OK 12 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/img/logo.png
IP 162.0.217.18:0
File type PNG image data, 400 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 8efcfb49713925e40792e8cdc8038c55
e289601aec5af2a2539133e63aced519a9cfae05
94331215ac158c0ab2c7f2a395f7ba17d706ba97e5cf8d3bc2992141fb7116cb
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/img/logo.png HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:29 GMT
content-type: image/png
last-modified: Tue, 28 Mar 2023 06:13:13 GMT
accept-ranges: bytes
content-length: 12427
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/bkb/mnm206/swps/NO/1593/images/spinner.gif
162.0.217.18404 Not Found 1.2 kB URL HTTP/2 incomebuzzer.com/bkb/mnm206/swps/NO/1593/images/spinner.gif
IP 162.0.217.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert quad9 Sinkholed
GET /bkb/mnm206/swps/NO/1593/images/spinner.gif HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
incomebuzzer.com/favicon.ico
162.0.217.18404 Not Found 1.2 kB URL HTTP/2 incomebuzzer.com/favicon.ico
IP 162.0.217.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/bkb/mnm206/swps/NO/1593/?dom=track.tranklatsall.com&m1=Stian&m2=Sandberg&m3=4797741243&m4=Oslo&m5=&vr=logo&cep=BfUqcQzjlSQIP_MkHM-jd7xj2wjBy3tr5Og0noxYasS6Hrfmq3y2pJex2G33l9EQOpJdjYk9rvNCPxp0hBaTwqIVlYYF8e7kmsbWxqQ_5iNUPOFSQXli1VOJSzRe5q5pnLQz8XNgNpQm_G6Qucbifwxw2LNll5Qk58UsZ4anIcC-NkXoTk6SZ8k9lYw2h_Arf5ekcttMxoAUcXjcd6xEVj2YNnkZ2QGV7vsG9d6RcK0vZBXOaVSGrDZoZcUVG78er-zu8y7Ahso-SYc4_VkoMdRfit_tickfanGW6vFl73biY2aOU22hUKY14pfJbwTJWXyr4gP-k6__fA8tdyJqL6n0GtV0anbLXQEni5xHsp-Gm6EhV0C8jLLKPahWuaaoRf9iLRp55bMEpeja4YdQhAD8sGKn8UC6erFcl6756h5L2o5DHPbi4gWDKzWiPybkSkmx7sNwJRJhwkaIN2fKASzQsTVIBnUhE0SQvCe5xrhjS2pGkgsIOuM11DWRRq2DlD4_uMlSYu0ixhilZ3FILQcqF7Xw16FY8FomVJ2F5GfSQMdZ6QQ_lFyA7XLneckDWw-yrqtR_EMreJtkno3MwIZSLHj-U6uZiHiy_k5cCpEA9hsacRGbZZtg0PAQWgDr&lptoken=165280b600bd904528bd&click_id=Zr0zCRz&var2=&var3=H63F5EF05E89EC&var4=&var5=633&var6=&var7=Sandberg&var8=Stian&var9=4797741243&var10=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Tue, 28 Mar 2023 12:40:29 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
pushserve.xyz/api/v1/visit
20.50.64.3200 OK 0 B URL HTTP/2 pushserve.xyz/api/v1/visit
IP 20.50.64.3:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://incomebuzzer.com/
Origin: https://incomebuzzer.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:28 GMT
access-control-allow-headers: content-type
access-control-allow-origin: *
set-cookie: TiPMix=36.160209277086395; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 0
X-Firefox-Spdy: h2
pushserve.xyz/api/v1/visit
20.50.64.3200 OK 2.2 kB URL HTTP/2 pushserve.xyz/api/v1/visit
IP 20.50.64.3:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (2209), with no line terminators
Hash 620ad00eec671d534ff304c3907225e0
a56189f922b73dfe5415bab414fce09644316be5
9727d00a820e7fca3db9786742843dc87a1ee35dee8b7f1944cef74584d571ab
POST /api/v1/visit HTTP/1.1
Host: pushserve.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://incomebuzzer.com/
Content-type: application/json
Origin: https://incomebuzzer.com
Content-Length: 1220
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Tue, 28 Mar 2023 12:40:29 GMT
server: Kestrel
access-control-allow-origin: *
set-cookie: TiPMix=99.46405945622145; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushserve.xyz; Max-Age=3600; Secure; SameSite=None
content-length: 2209
X-Firefox-Spdy: h2
incomebuzzer.com/md-service-worker.js
162.0.217.18200 OK 134 B URL HTTP/2 incomebuzzer.com/md-service-worker.js
IP 162.0.217.18:0
File type ASCII text, with CRLF line terminators
Hash c9cdbc37f1c0313ec4a850c3d6b8ee70
3648880c30013fe22b8e2a3eeb15d13e52345f53
04bfec3a2727f60258cdb52d59344c72ed4e0fe634aaff44532673b7ee7a0bf6
Analyzer Verdict Alert quad9 Sinkholed
GET /md-service-worker.js HTTP/1.1
Host: incomebuzzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 04 Apr 2023 12:40:25 GMT
content-type: application/javascript
last-modified: Wed, 03 Nov 2021 10:51:00 GMT
accept-ranges: bytes
content-length: 134
date: Tue, 28 Mar 2023 12:40:25 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 7.0 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (30837)
Hash 7703aa0e0fbc590eb852d837a024d54b
df2ebf32216fa91d5055803b60e90618be9499e5
8af8bc3ecb14814ee0160adb3560780961fd0f9e41d0d65378eb50d24059d7df
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 25453983
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aeff11f5d171bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Tue, 28 Mar 2023 14:24:05 GMT
Date: Tue, 28 Mar 2023 12:40:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Tue, 28 Mar 2023 14:24:05 GMT
Date: Tue, 28 Mar 2023 12:40:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6215
Expires: Tue, 28 Mar 2023 14:24:05 GMT
Date: Tue, 28 Mar 2023 12:40:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada29e049501b12a35b0bcc5f68e3e57
5c1ba9bffbcc9007e7f119dbb3197db34a12f8da
b45583b5845129386a456e03fbdba25305c8d6d9fb5a8f01d783816ced080629
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb739a909-c509-4c7a-b5a6-250435d88a54.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10744
x-amzn-requestid: d693d820-7eed-47a3-9b0b-8f43c141bd3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbogF0poAMFTAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220c9c-22ab350146e8a3a606f74c42;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:32 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: KAI78tfv0ATn1DQvBGyodBs9UWsIGdj1Fa50KowbUAO4ab2ceaYhMw==
via: 1.1 59456abf79b201034ab5c9cfef7355e2.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 21:49:26 GMT
age: 53464
etag: "5c1ba9bffbcc9007e7f119dbb3197db34a12f8da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1da68df9d96e2758e37b9f15daab027b
5ff19ed6dc5752aa4b15fb88da972b736fd55783
ad924425946dbdf309c764e7097e676185516301feb7722b30d95ffd50b4353f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53327ce0-8541-4bc8-bd51-59cee099b396.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7426
x-amzn-requestid: 85a30298-4613-4a96-bdba-0899fe9f9475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdcsgGZsoAMFQkw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220e4f-10db431e7632048d7b15e0ec;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:44:47 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: JDa9YUJ9xo5mo8tb7poZC8XJDp6USTidZjWEwTZCrioJxR7vur6uJw==
via: 1.1 f193acd25f2604e189bfbfaf539aaa06.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:00:12 GMT
age: 52818
etag: "5ff19ed6dc5752aa4b15fb88da972b736fd55783"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5fdd8a3f935830ca9e5ffdb5824acebc
39caaddec703fdad962d03fff8687bad2c1df4ad
6fe6301fb3610c3e8a9b62671579db53189bb62ead4cf5ab30a1f1e0b90b8ca2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd937575-8f71-4732-8bca-faaeed83b6a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7537
x-amzn-requestid: 2fb06f69-4757-4ba5-9f20-6e829127b931
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbqWETgoAMFV5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220ca8-6421e38b3a0ac0590ffa8b52;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:44 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: JZfiBSqQdWXqpaxSlepC6hEJ888ja6o10GW0KziDifD8KdTmDTn0eQ==
via: 1.1 4e4278a2778e72cc34feef6db603088c.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 22:05:18 GMT
age: 52512
etag: "39caaddec703fdad962d03fff8687bad2c1df4ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 10:12:21 GMT
age: 8889
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pushnation.xyz/md-service-worker-content.js
104.21.36.142200 OK 10 kB URL HTTP/2 pushnation.xyz/md-service-worker-content.js
IP 104.21.36.142:0
File type ASCII text, with CRLF line terminators
Hash a1eb2ea2c80529a653128bceed0d0d46
c86b73fdb58413a7b0ccdf3c7946e7a51d64a230
b90e2a0bbbc30b3ec92a82e457329c0a94d379515531fca639f1b93200874a9c
GET /md-service-worker-content.js HTTP/1.1
Host: pushnation.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:30 GMT
content-type: application/javascript
etag: W/"1d94d186ef15004"
last-modified: Thu, 02 Mar 2023 15:05:32 GMT
cf-cache-status: BYPASS
set-cookie: TiPMix=12.598214036126354; path=/; HttpOnly; Domain=pushnation.xyz; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=pushnation.xyz; Max-Age=3600; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDHpnInb0WD34PE6LZGxI%2FNcWPB5htvQIbAHcafrI6rkVl49kQlvOnGVCDVxRtP11loEmS6WZKwf7hbLyG6%2Bf%2FH%2FEcnccVwDkYcIazZySk7PzoRkk27nYqNjtHZ2k%2FkA4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeff122ee00b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 789f11978a1149984408fbbb9a2b3f81
078bd523107096bab5e26d42b18e316c253f1ca7
7974980290443b64126f512686261150cd27331cb7b32a96d1167a97d046e8a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F858e946a-2e67-4e7b-b78f-763226855b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 9277e35d-8fe8-482e-b65c-b132dfcbd87e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdbqBGl0IAMFy4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220ca6-7869936b33cbf3633c68e7ac;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:37:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Xz5zjv-po5mgSFz_kkZZ5Hvw9SxY-3d-J2DpvFWxM-iI4jXTsUbiyg==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 10:16:22 GMT
age: 8648
etag: "078bd523107096bab5e26d42b18e316c253f1ca7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.18.10.207200 OK 77 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.18.10.207:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://incomebuzzer.com
Connection: keep-alive
Referer: https://stackpath.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:34 GMT
content-type: font/woff2
content-length: 77160
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/17/2022 18:20:14
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ee31b4638cf3004ea1f58b4f0805b779
cdn-cache: HIT
cf-cache-status: HIT
age: 63006
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aeff13fbf970b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
104.18.10.207200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://incomebuzzer.com
Connection: keep-alive
Referer: https://incomebuzzer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 01/05/2023 11:06:25
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1079
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 82724651c28b69c40a316f27498ed9f9
cdn-cache: HIT
cf-cache-status: HIT
age: 63958
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7aeff11f59af0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
md-apache.com/ace-push.js
188.114.97.1200 OK 0 B URL HTTP/2 md-apache.com/ace-push.js
IP 188.114.97.1:0
GET /ace-push.js HTTP/1.1
Host: md-apache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://incomebuzzer.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 28 Mar 2023 12:40:29 GMT
content-type: application/javascript
etag: W/"1d93d4c6f6742a1"
last-modified: Fri, 10 Feb 2023 12:37:28 GMT
cf-cache-status: BYPASS
set-cookie: TiPMix=87.80376072474571; path=/; HttpOnly; Domain=md-apache.com; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=md-apache.com; Max-Age=3600; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mNXoh7Z%2F7CQhEVzwySC5xWw11cza4vUKtr8t4vLjBVYauACQuVwyAAnx1XfWER6rkQ3hdPPvAUq3%2FNhs2uPxYkrzeJvFZJ9pvmbYyQz4ugwNAFRmnN8%2FMb5EIi%2Fn8UXn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7aeff11f5d37b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2