8.8.8.8:53

103.100.211.218:80

GET /sts/cimage.jpg HTTP/1.1
User-Agent: HTTPREAD
Host: bz.bbbeioaag.com
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 24 Apr 2023 11:09:40 GMT
Content-Type: image/jpeg
Content-Length: 1495756
Last-Modified: Sun, 23 Apr 2023 15:29:53 GMT
Connection: keep-alive
ETag: "64454ef1-16d2cc"
Accept-Ranges: bytes

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

157.240.196.17:443

GET /ads/manager/account_settings/account_billing/ HTTP/1.1
Connection: Keep-Alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
Host: adsmanager.facebook.com
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
sec-ch-ua: "Microsoft Edge";v="111", "Not(A:Brand";v="8", "Chromium";v="111"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-prefers-color-scheme: light
Upgrade-Insecure-Requests: 1
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document

HTTP/1.1 302 Found
Vary: Accept-Encoding
Set-Cookie: sb=fWNGZKAW0VefLy7y7lxJ9eNL; expires=Wed, 23-Apr-2025 11:09:49 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly; SameSite=None
Location: https://www.facebook.com/login.php?next=https%3A%2F%2Fadsmanager.facebook.com%2Fads%2Fmanager%2Faccount_settings%2Faccount_billing%2F
content-security-policy-report-only: default-src data: blob: 'self' *.fbcdn.net *.facebook.com;script-src blob: data: 'self' 'unsafe-inline' 'unsafe-eval' *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com;style-src data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *.facebook.com *.fbcdn.net;connect-src adsmanager.facebook.com adsmanager-graph.facebook.com adsmanager.secure.facebook.com blob: 'self' *.fbcdn.net rupload.facebook.com wss://gateway.facebook.com wss://edge-chat.facebook.com wss://edge-chat-latest.facebook.com https://edge-chat.facebook.com/mqtt/pull https://edge-chat-latest.facebook.com/mqtt/pull *.facebook.com/rsrc.php/;font-src 'self' *.facebook.com *.fbcdn.net fonts.gstatic.com;img-src data: blob: 'self' *.facebook.com *.fbcdn.net *.fbsbx.com *.cdninstagram.com;media-src 'self' *.facebook.com *.fbcdn.net *.fbsbx.com *.cdninstagram.com;frame-src * ms-excel:;manifest-src data: blob: 'self';report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' *.fbcdn.net *.facebook.com;script-src blob: data: 'self' 'unsafe-inline' 'unsafe-eval' *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com;style-src data: blob: 'self' 'unsafe-inline' 'unsafe-eval' *.facebook.com *.fbcdn.net;connect-src adsmanager.facebook.com adsmanager-graph.facebook.com adsmanager.secure.facebook.com blob: 'self' 'unsafe-inline' 'unsafe-eval' *.fbcdn.net rupload.facebook.com wss://gateway.facebook.com wss://edge-chat.facebook.com wss://edge-chat-latest.facebook.com https://edge-chat.facebook.com/mqtt/pull https://edge-chat-latest.facebook.com/mqtt/pull *.facebook.com/rsrc.php/ *.facebook.com;font-src 'self' *.facebook.com *.fbcdn.net fonts.gstatic.com;img-src data: blob: 'self' *.facebook.com *.fbcdn.net *.fbsbx.com *.cdninstagram.com;media-src 'self' *.facebook.com *.fbcdn.net *.fbsbx.com *.cdninstagram.com;frame-src * ms-excel:;manifest-src data: blob: 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
origin-agent-cluster: ?0
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset="utf-8"
X-FB-Debug: 8PvXxrhIRYmzg50u/V9c24ySGuIsKnEDE+yImaa4pc8TNncRHS19ck0snKFjI9w2rKy6EMrYjHgLvIq3P2rxEg==
Date: Mon, 24 Apr 2023 11:09:49 GMT
Connection: keep-alive
Content-Length: 0

157.240.196.17:443

GET /ads/manager/account_settings/account_billing/ HTTP/1.1
Connection: Keep-Alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
Host: adsmanager.facebook.com
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
sec-ch-ua: "Microsoft Edge";v="111", "Not(A:Brand";v="8", "Chromium";v="111"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-prefers-color-scheme: light
Upgrade-Insecure-Requests: 1
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document

HTTP/1.1 302 Found
Vary: Accept-Encoding
Set-Cookie: sb=hWNGZLO92bmH1bdvFJ8XUXUx; expires=Wed, 23-Apr-2025 11:09:57 GMT; Max-Age=63072000; path=/; domain=.facebook.com; secure; httponly; SameSite=None
Location: https://www.facebook.com/login.php?next=https%3A%2F%2Fadsmanager.facebook.com%2Fads%2Fmanager%2Faccount_settings%2Faccount_billing%2F
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
origin-agent-cluster: ?0
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset="utf-8"
X-FB-Debug: uL/QoW0Ii8Mmy9FSrpUZxgOH6XfcVxQUxkfiK1j6fpD1yQWnKcA0Z80ryhC6ccIlvpvUb6mVLrqSFM/uFvBqgA==
Date: Mon, 24 Apr 2023 11:09:57 GMT
Connection: keep-alive
Content-Length: 0

8.8.8.8:53

157.240.201.35:443

GET /login.php?next=https%3A%2F%2Fadsmanager.facebook.com%2Fads%2Fmanager%2Faccount_settings%2Faccount_billing%2F HTTP/1.1
Connection: Keep-Alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
sec-ch-ua: "Microsoft Edge";v="111", "Not(A:Brand";v="8", "Chromium";v="111"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-prefers-color-scheme: light
Upgrade-Insecure-Requests: 1
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Host: www.facebook.com
Cookie: sb=fWNGZKAW0VefLy7y7lxJ9eNL

HTTP/1.1 200 OK
Vary: Accept-Encoding
Set-Cookie: fr=0SGeDYaZXgKlAVxgG..BkRmN9.1i.AAA.0.0.BkRmN9.AWVyTnLdg6M; expires=Sun, 23-Jul-2023 11:09:48 GMT; Max-Age=7775999; path=/; domain=.facebook.com; secure; httponly; SameSite=None
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
origin-agent-cluster: ?0
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset="utf-8"
X-FB-Debug: sDKjauN+n9c5LEw7nG/piR0C/oTz7GYYFXpAT40Ns6UWyvfpbu1vRWGKWg0etnMfQXG/BsyVKtVZPlvBsGmPdw==
Date: Mon, 24 Apr 2023 11:09:49 GMT
Transfer-Encoding: chunked
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive

157.240.201.35:443

GET /login.php?next=https%3A%2F%2Fadsmanager.facebook.com%2Fads%2Fmanager%2Faccount_settings%2Faccount_billing%2F HTTP/1.1
Connection: Keep-Alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Language: en,q=0.9;q=0.8,ja;q=0.7,af;q=0.6,am;q=0.5,sq;q=0.4,ar;q=0.3,an;q=0.2,hy;q=0.1,ast;q=0.1,az;q=0.1,bn;q=0.1,eu;q=0.1
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
sec-ch-ua: "Microsoft Edge";v="111", "Not(A:Brand";v="8", "Chromium";v="111"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
sec-ch-prefers-color-scheme: light
Upgrade-Insecure-Requests: 1
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Host: www.facebook.com
Cookie: sb=hWNGZLO92bmH1bdvFJ8XUXUx

HTTP/1.1 200 OK
Vary: Accept-Encoding
Set-Cookie: fr=0FdX7cIsr0uIKsEU9..BkRmOF.Xf.AAA.0.0.BkRmOF.AWWILtHt6ds; expires=Sun, 23-Jul-2023 11:09:56 GMT; Max-Age=7775999; path=/; domain=.facebook.com; secure; httponly; SameSite=None
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}],"group":"network-errors"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel: {"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
Pragma: no-cache
Cache-Control: private, no-cache, no-store, must-revalidate
Expires: Sat, 01 Jan 2000 00:00:00 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 0
X-Frame-Options: DENY
origin-agent-cluster: ?0
Strict-Transport-Security: max-age=15552000; preload
Content-Type: text/html; charset="utf-8"
X-FB-Debug: oBpXrtw/0mx261t2l7vm3FogUqlEnzO6nJHh9XyvlplkhrKyGewye4dRIq711hTXPGOHugQHTL1XdDw3D9EcQA==
Date: Mon, 24 Apr 2023 11:09:57 GMT
Transfer-Encoding: chunked
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive

8.8.8.8:53

154.221.31.191:80

GET /check/safe HTTP/1.1
Connection: Keep-Alive
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
Host: count.iiagjaggg.com

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Apr 2023 11:09:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30

154.221.31.191:80

POST /check/?sid=493828&key=daf4169ca1ee6cfb8ccc96b357d1c9cd HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
Content-Length: 256
Host: count.iiagjaggg.com

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Apr 2023 11:09:50 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30

154.221.31.191:80

GET /check/safe HTTP/1.1
Connection: Keep-Alive
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
Host: count.iiagjaggg.com

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Apr 2023 11:09:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30

154.221.31.191:80

POST /check/?sid=493904&key=c79ee38727ef35ebfe61b3fee5e52b68 HTTP/1.1
Connection: Keep-Alive
Content-Type: application/x-www-form-urlencoded
User-Agent: User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 Edg/111.0.1661.62
Content-Length: 256
Host: count.iiagjaggg.com

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 24 Apr 2023 11:09:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.30

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53

8.8.8.8:53