www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
142.250.74.179 301 Moved Permanently 213 B URL HTTP/1.1 www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0923e385af74bf89e7e7f54ac62815af
0b074b7f8b1c3a7bf4e19c028347265d4f1fe2a6
6a1da51db767561905ad92576af18a5ee3a149afc259e553a52d9e22f31f592b
GET /2022/11/gta-san-andreas-apkobb-for-all-versions.html HTTP/1.1
Host: www.dzgurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 22 Jan 2023 22:44:10 GMT
Expires: Sun, 22 Jan 2023 22:44:10 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 213
Server: GSE
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14790
Expires: Mon, 23 Jan 2023 02:50:40 GMT
Date: Sun, 22 Jan 2023 22:44:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13708
Expires: Mon, 23 Jan 2023 02:32:38 GMT
Date: Sun, 22 Jan 2023 22:44:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7646
Expires: Mon, 23 Jan 2023 00:51:36 GMT
Date: Sun, 22 Jan 2023 22:44:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 22:34:53 GMT
content-type: application/json
age: 557
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PZmgOzh34VFeJ2fSLPmkAJJOfhviI9YCF6csjViV1GMdCx9mJe8FIXGxYuVbp1a7omehA6f4b40=
x-amz-request-id: JSDJXDKV0J5MS6MC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 21:47:27 GMT
age: 3403
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 22:44:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/Iwa-0MGng7Y
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/Iwa-0MGng7Y
IP 142.250.74.3:0
Hash 45a5897a8c53e955a364d9cef841fda5
4dd019c69043f0db4de32cc8ac7ae8483b539aa2
e66eacbded63d03bcd19199cd04de40d06878541bf0e1fc86e8f0962a8aa04af
POST /s/gts1d4/Iwa-0MGng7Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:10 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 22:17:30 GMT
age: 1601
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
142.250.74.179 404 Not Found 41 kB URL HTTP/2 www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1352)
Hash 75b4eb1d80af6ef626b6e95bd2bab6cd
8d73772a83d16b28a40475061528d39ec764e77e
a5b215390656a84afd54645a66856d2429906275a819e9ea29a4c47e8b479274
GET /2022/11/gta-san-andreas-apkobb-for-all-versions.html HTTP/1.1
Host: www.dzgurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 22 Jan 2023 22:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 40630
server: GSE
X-Firefox-Spdy: h2
www.dzgurus.com/js/cookienotice.js
142.250.74.179 200 OK 2.0 kB URL HTTP/2 www.dzgurus.com/js/cookienotice.js
IP 142.250.74.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.dzgurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 22 Jan 2023 22:44:11 GMT
expires: Sun, 29 Jan 2023 22:44:11 GMT
cache-control: public, max-age=604800
last-modified: Sun, 22 Jan 2023 20:49:36 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
104.17.24.14 200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (56656)
Hash 5c32368e2726220885c82f35b6fb4e78
bb3909d2aaca84d895296187aeaea024c76f46ec
53ceda316a9da4b956909214bb1bdaf76d2b2e3d2037614a13b6749e1e5c9e17
GET /ajax/libs/font-awesome/5.11.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:11 GMT
content-type: text/css; charset=utf-8
content-length: 10022
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-de0a"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 322051
expires: Fri, 12 Jan 2024 22:44:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=65drhDNmrALVOXKsg8VeG7xjLhnCGmY%2BuqwHPwA%2FAsf183ReblkG8nmF3kOceIbu2OfSWL3Esd1nWHeeI9nzjbytx%2FoK%2FIAg2VSgFn9VmEoQgRolAJ1h3iLxNvQKxE%2Fd5SJeHLxI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78dbd01228b2b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
104.17.24.14 200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32065)
Hash 63827323c175768ccb0e8ed54589a3e5
9760e238d6ecced66396798559f70593793d801e
196f9479a27db836a2a7454e222f0cb52d4eeb162e0a50e69401ba1a8d81b564
GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 26909
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14e4a"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 152897
expires: Fri, 12 Jan 2024 22:44:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1a%2F04lnL9kYknRt5Axgftvgbd2hQj5TI6pBaVr4SuPApwnWSWhJzOB%2F9AyRgpEQXiiriuGEVYVUIzsLooVa4Grc7R50E%2BDjzHoEqJbM8Ll3GcmXweERzzeWN%2BS8MlUOsuMddrXN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78dbd01238bfb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 78340979b1b3f5dbe63bfc88075b94e3
ffbe099dbcb99393a304805a3a80bedf3728d1e8
3b6e3c30064cd15c9abacd73b373f165702545351a93f1707f70e732904ad39a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5363
Cache-Control: max-age=129119
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:11 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:36:10 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
www.blogger.com/static/v1/widgets/4196832948-widgets.js
216.58.207.233 200 OK 56 kB URL HTTP/2 www.blogger.com/static/v1/widgets/4196832948-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash 24f533b2cc89b4264c224d433a37718a
fc4848c3b411e8fdc97831e20c7ebcbf735e636a
aa805bed551a6ac1fa4886b1ee634633bdec1de952fbf94cd81a805ef702a395
GET /static/v1/widgets/4196832948-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56454
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 02:15:20 GMT
expires: Thu, 18 Jan 2024 02:15:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 17 Jan 2023 17:54:44 GMT
content-type: text/javascript
age: 419331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2182bcd522c31d3b880961c8c82e5789
e5caa39d2aa22d6d5f9f4cecc26ec61d244a4be9
25d37caaa7bb1a0e464d7bbf1495839e70f06c1cb4ad0ad5abe42e8ab0e1676e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 78340979b1b3f5dbe63bfc88075b94e3
ffbe099dbcb99393a304805a3a80bedf3728d1e8
3b6e3c30064cd15c9abacd73b373f165702545351a93f1707f70e732904ad39a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
172.217.21.174 200 OK 21 kB URL HTTP/2 apis.google.com/js/platform.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (1429)
Hash 1cc36f699291ba29dab9ec0f885b281b
d536f8bda7d333c21eae8e3d816d690402adb90c
6b20ce0ec6b6c57b33e8118f8d5d3c501ede61b8589ebab71d411b81d0fae994
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20933
date: Sun, 22 Jan 2023 22:44:11 GMT
expires: Sun, 22 Jan 2023 22:44:11 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "4fcbc207c89b8c6c"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.35.92.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.92.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wk/hMcnsCOIaqBBe1d2HCg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dPqA/wSF49aWhZMUvMYVA6TPTnk=
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 698b6ba9ccaa05fe77921f60c658d465
4bf1c2824672d0545f2538e41d5d046028ba74c9
24c1e9f42f1c5d74cd0407d7706c865d2d2b01b01f62f3072a050602c15ce2a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24C1E9F42F1C5D74CD0407D7706C865D2D2B01B01F62F3072A050602C15CE2A6"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10824
Expires: Mon, 23 Jan 2023 01:44:35 GMT
Date: Sun, 22 Jan 2023 22:44:11 GMT
Connection: keep-alive
pl15872466.highcpmrevenuenetwork.com/f7/c2/f2/f7c2f218a71324f49eac3f7733565c8b.js
173.233.137.44 200 OK 13 kB URL HTTP/1.1 pl15872466.highcpmrevenuenetwork.com/f7/c2/f2/f7c2f218a71324f49eac3f7733565c8b.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37122), with no line terminators
Hash a403bb0e2db159ee2f4ef76eabfec249
81db3fce772037cc99997c64732f10408558093f
4554ef1e20771ea040ab70d781c60fb326ee17e5c9ad5e7f1a6d0ff7578f2e39
Analyzer / Verdict / Alert: quad9 — Sinkholed (i.e. the Quad9 filtering DNS resolver blocks this hostname)
GET /f7/c2/f2/f7c2f218a71324f49eac3f7733565c8b.js HTTP/1.1
Host: pl15872466.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1bf8fee2f28795a22ebd58e6e1903ba
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl15872141.highcpmrevenuenetwork.com/07/0f/10/070f1088c9802792a1aea00839b47afe.js
192.243.59.13 200 OK 21 kB URL HTTP/1.1 pl15872141.highcpmrevenuenetwork.com/07/0f/10/070f1088c9802792a1aea00839b47afe.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60146), with no line terminators
Hash 8629459e6e2fdb6c4662c9e4a82317b5
d8bc9d00679bf550fe513c8e191ee72d7f3720b2
d281a9909d1f59872c1b574c5cde7069017da4a5dc9873e41b03b03376a4c4ad
Analyzer / Verdict / Alert: quad9 — Sinkholed (i.e. the Quad9 filtering DNS resolver blocks this hostname)
GET /07/0f/10/070f1088c9802792a1aea00839b47afe.js HTTP/1.1
Host: pl15872141.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 22 Jan 2023 22:44:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc2842737e2c7201fcf12206401ba706
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.dzgurus.com/feeds/posts/default?orderby=published&alt=json-in-script&callback=showrecentpostswiththumbs
142.250.74.179 200 OK 43 kB URL HTTP/2 www.dzgurus.com/feeds/posts/default?orderby=published&alt=json-in-script&callback=showrecentpostswiththumbs
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (65514)
Hash 8b136b9dcf7f2f20038c38094f12ef23
e75b32bee83c63c62192963080a1cb9508b347d3
a982f21b51ce9632f4acd3fb4ee40362593488d4b32e18b3f061d8de77831470
GET /feeds/posts/default?orderby=published&alt=json-in-script&callback=showrecentpostswiththumbs HTTP/1.1
Host: www.dzgurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"db0b902955b1cba3724cc235997eaae3f1bfd7366d963444ac74eef20c2ac43f"
date: Sun, 22 Jan 2023 22:44:11 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 22 Jan 2023 22:44:12 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 22 Jan 2023 21:51:16 GMT
content-encoding: gzip
content-length: 43046
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 23f4b01a430ac3cd131f4b0afadbc101
f523c41c49e2fa293046770278341bf9e85b02b3
d89e48ee244a88b167102bbd865e00b0407715100cb9f8b94595270869abd926
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D89E48EE244A88B167102BBD865E00B0407715100CB9F8B94595270869ABD926"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7482
Expires: Mon, 23 Jan 2023 00:48:54 GMT
Date: Sun, 22 Jan 2023 22:44:12 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
104.17.24.14 200 OK 471 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
IP 104.17.24.14:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
GET /ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:12 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 75728
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e60-127d0"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 228902
expires: Fri, 12 Jan 2024 22:44:12 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Yg8ifbp%2BeqGqlnidXjZza%2BMEpq0nfi8d5oYCCKFD%2BBnvnu5nOqERJMxOdAEfHOaLsnsE8Avk4ujrIuX1nO8wpaUCsbSpVZeqti%2BHMAy7RGYkqyFtpOVf%2FGuBzKm2qZdRFaITRrd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78dbd0183eaa1c0a-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
GET /s/roboto/v19/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 16 Jan 2023 16:07:50 GMT
expires: Tue, 16 Jan 2024 16:07:50 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:13:46 GMT
content-type: font/woff2
age: 542182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Hash 020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
GET /s/roboto/v19/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 21 Jan 2023 13:51:43 GMT
expires: Sun, 21 Jan 2024 13:51:43 GMT
cache-control: public, max-age=31536000
age: 118349
last-modified: Mon, 25 Mar 2019 20:14:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
GET /s/roboto/v19/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 13:09:12 GMT
expires: Wed, 17 Jan 2024 13:09:12 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Mar 2019 20:12:01 GMT
content-type: font/woff2
age: 466500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4dab8a11f6f832896613d012233bf6ba
05fb1e721b40793fc921c840b2b89d732868184a
04948e2b6ac1e964c58eb5cdee1bbb5adc6d5a80edb63bf96e62426d19c2f5ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 22:44:12 GMT
Last-Modified: Sun, 22 Jan 2023 22:02:44 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dwPxTNvlvBH3RSUxOmQUPadJYDRiQjlSJ8J6qFGSCDrB0w9h-UG_0w==
Age: 2488
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash dec1960c15b7b32835eece7cb397c51f
ddaf303a58c2f336530c55a9ca29d5731e5f7da6
f2d6ba10803cb182fe6bac4e417ce57f3d712c836ed1d8950829bd29cbb35f48
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.88 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 4dab8a11f6f832896613d012233bf6ba
05fb1e721b40793fc921c840b2b89d732868184a
04948e2b6ac1e964c58eb5cdee1bbb5adc6d5a80edb63bf96e62426d19c2f5ab
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142049
Date: Sun, 22 Jan 2023 22:44:12 GMT
Etag: "63cd3a95-1d7"
Expires: Tue, 24 Jan 2023 14:11:41 GMT
Last-Modified: Sun, 22 Jan 2023 13:31:01 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z8RKgME267S1P0xGAmr7LgNHZszk8MHXIiZdKAQPhM4lC1RsTW08Pw==
Age: 2440
simplewebanalysis.com/stats
52.57.42.193 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.57.42.193:0
File type ASCII text, with no line terminators
Hash e8f8ae3b0aee491049b90f7227887c51
b06eb503e5a6aa7fdfb1fb41da18600c32219b41
c24d2e334ee67e5d4a12557fcbc4d0fa8d805b521caa9c8742b20a34782ab02b
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.dzgurus.com
access-control-allow-credentials: true
set-cookie: uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; expires=Wed, 19 Jan 2033 22:44:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.57.42.193 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.57.42.193:0
File type ASCII text, with no line terminators
Hash f117facdff022f89a28b5cc0e980f097
b2272aa13cc3ea388e557187c0cfa6586082b6e8
d1a44d1a57b34eee2e730fbf7888f72726f71736010c8776db86f70338936d32
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.dzgurus.com
access-control-allow-credentials: true
set-cookie: uid_id2=5c36f402-f682-4429-b43e-371a153d037d:1:1; expires=Wed, 19 Jan 2033 22:44:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d243b3fc0cecc95a397dce1a53ea771f
524b6a1584b6c22d28545ab16937f3658842eede
1c018a8aca6ba174dad6ee11261b2520756f782d6b70a01f18533059ae5c852c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C018A8ACA6BA174DAD6EE11261B2520756F782D6B70A01F18533059AE5C852C"
Last-Modified: Fri, 20 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16301
Expires: Mon, 23 Jan 2023 03:15:53 GMT
Date: Sun, 22 Jan 2023 22:44:12 GMT
Connection: keep-alive
www.dzgurus.com/feeds/comments/summary?alt=json&max-results=3
142.250.74.179 200 OK 1.7 kB URL HTTP/2 www.dzgurus.com/feeds/comments/summary?alt=json&max-results=3
IP 142.250.74.179:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6908), with no line terminators
Hash e9dd7659e93e336391b1b906b6d9d313
f0c52004bc757c3a34a952d6e900512618c19614
b8ce88a2aea1c95046f22f240988bcf3ce36189f2be14cd44ec75cc74f6fb4a1
GET /feeds/comments/summary?alt=json&max-results=3 HTTP/1.1
Host: www.dzgurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"f992b400b1f02bad78597071e91966c6769f692caf720b6b00151d87d85f2419"
date: Sun, 22 Jan 2023 22:44:12 GMT
content-type: application/json; charset=UTF-8
server: blogger-renderd
expires: Sun, 22 Jan 2023 22:44:13 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 22 Jan 2023 00:45:31 GMT
content-encoding: gzip
content-length: 1705
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3942f67e2cc00fdf75e15cbc0f7d95ba
73b1e73fa54fd6fec8a2391729a624704ae8107f
fdb6616cb8ada5de76b30070a5f5fb4a919f9115e0a3cf61f08f924b16fe28f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3942f67e2cc00fdf75e15cbc0f7d95ba
73b1e73fa54fd6fec8a2391729a624704ae8107f
fdb6616cb8ada5de76b30070a5f5fb4a919f9115e0a3cf61f08f924b16fe28f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w55-h55-p-k-no-nu/avatar.jpg
142.250.74.129 200 OK 827 B URL HTTP/2 4.bp.blogspot.com/-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w55-h55-p-k-no-nu/avatar.jpg
IP 142.250.74.129:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 55x55, components 3\012- data
Hash e85ac00251b0f7e4e750994d464aac81
99bf0f8bc26b8efa65e3fc5710a394780db93e01
7ba674ebde38263038219d541a9a468891f0843b3f310a72a551ccb081baeb66
GET /-oSjP8F09qxo/Wy1J9dp7b0I/AAAAAAAACF0/ggcRfLCFQ9s2SSaeL9BFSE2wyTYzQaTyQCK4BGAYYCw/w55-h55-p-k-no-nu/avatar.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="avatar.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 827
x-xss-protection: 0
date: Sun, 22 Jan 2023 20:10:18 GMT
expires: Sat, 21 Jan 2023 18:39:03 GMT
cache-control: public, max-age=86400, no-transform
age: 9234
etag: "v85e"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dimreproofjumped.com/pixel/purst?dl=0&th=0&sc=0&rs=1831&rd=1831&fd=988&bv=22.10.v.9&tmpl=70
192.243.59.12 200 OK 0 B URL HTTP/1.1 dimreproofjumped.com/pixel/purst?dl=0&th=0&sc=0&rs=1831&rd=1831&fd=988&bv=22.10.v.9&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1831&rd=1831&fd=988&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: dimreproofjumped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 22 Jan 2023 22:44:12 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
1.bp.blogspot.com/-CrjtGnDuFiw/X_1wb5F-wWI/AAAAAAAAEFY/KRc8av3rXBQqi-EWFB5rheRXp7Aou3IyQCK4BGAYYCw/w55-h55-p-k-no-nu/1589441609407.png
142.250.74.129 200 OK 5.0 kB URL HTTP/2 1.bp.blogspot.com/-CrjtGnDuFiw/X_1wb5F-wWI/AAAAAAAAEFY/KRc8av3rXBQqi-EWFB5rheRXp7Aou3IyQCK4BGAYYCw/w55-h55-p-k-no-nu/1589441609407.png
IP 142.250.74.129:0
File type PNG image data, 55 x 55, 8-bit/color RGBA, non-interlaced\012- data
Hash 85f74022a433dc921106dbed2c74c071
535be52b0c257a5182180cd3a3a89bdf7eb9e5c4
1516bf9099bdc3e814f14e74d006c50837c3815a22d561daefde2229febe226f
GET /-CrjtGnDuFiw/X_1wb5F-wWI/AAAAAAAAEFY/KRc8av3rXBQqi-EWFB5rheRXp7Aou3IyQCK4BGAYYCw/w55-h55-p-k-no-nu/1589441609407.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="1589441609407.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4987
x-xss-protection: 0
date: Sun, 22 Jan 2023 22:44:12 GMT
expires: Mon, 16 Jan 2023 19:15:30 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1057"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3942f67e2cc00fdf75e15cbc0f7d95ba
73b1e73fa54fd6fec8a2391729a624704ae8107f
fdb6616cb8ada5de76b30070a5f5fb4a919f9115e0a3cf61f08f924b16fe28f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 524483aca3bdccdb0a691acea80347d9
a838a2c998ee7a2de770b911dc2dc2ea5e555bf4
b9f9d83abe27fb858cded7027e3f2e997d1c9de05fd587985c674cb67bb7b2fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B9F9D83ABE27FB858CDED7027E3F2E997D1C9DE05FD587985C674CB67BB7B2FE"
Last-Modified: Sun, 22 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2468
Expires: Sun, 22 Jan 2023 23:25:20 GMT
Date: Sun, 22 Jan 2023 22:44:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16909
Expires: Mon, 23 Jan 2023 03:26:01 GMT
Date: Sun, 22 Jan 2023 22:44:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16909
Expires: Mon, 23 Jan 2023 03:26:01 GMT
Date: Sun, 22 Jan 2023 22:44:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b3bb461e2e4e28de0ad024cd421d4b1a
9c67f7af385f0999feb27ab02bb96fb86f74d93d
f430b4b3d325f51ce516a4ab3abae723daffe011f1b1246146a75aedd58c70a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F776639f2-eb42-4725-b2a7-00e94fc28d19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8440
x-amzn-requestid: e39ab13e-8072-4c5b-8c3c-5cf627252fdb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezKFq-IAMFkdw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-3cdf64b20b43bdd705acb62f;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EmlBzMrxN8Ah3VQJ05pUy7_4PoX8gIkhxyvHPdmMb8jTEsydjgN_lw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
etag: "9c67f7af385f0999feb27ab02bb96fb86f74d93d"
content-type: image/jpeg
age: 3386
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 95b95060778eca8d5323002d4afe406f
d91109d98c607bd3a0eb56784ed91fbcfc89bd5f
d549664c9a2abc859b3fe4f0144b18095d8c4b63552385224ff9d77f8b57b297
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fe4b994-3774-4962-a9e1-b5806a10d003.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12886
x-amzn-requestid: 60d7f7b0-742a-4485-9db9-8457791b59e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: exbSWEAfoAMFVow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a5a8-528cc2b371f663ce2e11b779;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:05:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fgRIVO_dWCOoXcMQf4n2c9FUDKj7V5cYeBWr_GwNaQp5MHOGus_7KA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:28:10 GMT
age: 62162
etag: "d91109d98c607bd3a0eb56784ed91fbcfc89bd5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d5528af26e629a9bfbf0c421146b921f
1e4f99245d551384bedfe9b59b5f9905127d87bf
989830d93a90c30051b948a26ce403fb4370587ed3407d8d77ad0ad9cc28eb7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "989830D93A90C30051B948A26CE403FB4370587ED3407D8D77AD0AD9CC28EB7A"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16909
Expires: Mon, 23 Jan 2023 03:26:01 GMT
Date: Sun, 22 Jan 2023 22:44:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e42f475b1e14cb9d0939ef39db8e1f91
dda57d67c7b5f32123d3c9956dec8f805138b3bf
ace1e5843457dc5493432ea113059e67827e6c95d6998a7465dea1eb0e723a1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ed6afa7-c805-4ddd-a71c-bc9bde7aee5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11818
x-amzn-requestid: e80dab53-5137-4776-a105-b1933e9bda6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEqu6GhZIAMFWSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb57f8-696c3a7f103b96a23ed4abec;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:11:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5bEvPaVPmareEYTNHUoTIEtCn0EKpBBafR11mjrvwPFVS_DLFKgm3w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 05:42:33 GMT
age: 61299
etag: "dda57d67c7b5f32123d3c9956dec8f805138b3bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d95b4a29d3337c5c2ca7e4d31fa3a0b6
4c6d22bdc48d7011e2c875ee18876da6a8401669
23421c7f67582c927dacf52c25779e43f5196a40fb1b70467ed737c2417ba39e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0247217-9730-4fdb-8be7-667f0568ffc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10822
x-amzn-requestid: 60a33a3f-36b1-4f6e-a17b-964118a9da31
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3AcMGeNoAMFs7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5e11a-7673a87f26759a1a64e4aab2;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 23:43:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JqvCEzxKP39gLHZjcr7R303XMAlfQz2nAtz-Wv_9W0rsAYJ3ODczPg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:58:40 GMT
age: 2732
etag: "4c6d22bdc48d7011e2c875ee18876da6a8401669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ec35d753b6b816abcd14030255a7b76
a67bd0fa5beb10935442bef246bf4f52ec6e74bd
9adfddc8877a8ea9f1c3bcc0af99548cb11dc4e1d62a706bf9b2a5cc6d72e82f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf2abec1-a455-47b9-9aaf-69794032330f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7982
x-amzn-requestid: 59d91715-b444-445e-bd6b-268fc630024b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fKezLExAIAMFSeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdab47-1e12e8f335ea162532ce6aca;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 21:31:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0BgrMQG0-OHmZipKTgnHTs3HxYGBqKowIS37tg_QooT4JPlqHBPFvw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 21:47:46 GMT
age: 3386
etag: "a67bd0fa5beb10935442bef246bf4f52ec6e74bd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 805711aaab303931f8966bbf73aeda52
2bd02a45c8b407e36a41a482b121ea3e14f7c722
66268668c1a970268d75beb1b57f66a759bedac76958a3359cb23104de40fbeb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602ef184-7161-4092-91b7-61e14eef28a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3411
x-amzn-requestid: 62afd364-e94f-45ff-ba6c-9b589fc53e5f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyCEzrIAMFb8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-203f51040f82f12d535446c4;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K73B093GBbsf85ny_o8fc9oE417nJBFlH0eEdhiifeQk3KG5Q-HHdg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 08:48:14 GMT
age: 50158
etag: "2bd02a45c8b407e36a41a482b121ea3e14f7c722"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.98 200 OK 42 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.98:0
Hash d0360ff032091f5b24fb22cdc84a6890
76140dbc7eb007f3ec7995d88e7491ebebcf159c
29ea95cbc925c4afd08a2d36d812406c2a0172e0bb2703fce7a76749667472d7
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 42
x-xss-protection: 0
date: Sun, 22 Jan 2023 03:23:16 GMT
expires: Sun, 05 Feb 2023 03:23:16 GMT
cache-control: public, max-age=1209600
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
age: 69657
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98 200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (4879)
Hash 482eff14c59b65c5723961e8da9871d3
0282ae8f2108577532ac79b38c67b7329a7bd626
3fedcd6fa0992a1e9dc20031346be6d0726284db0280e09ed62dae7f83fba988
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 22 Jan 2023 22:44:13 GMT
expires: Sun, 22 Jan 2023 22:44:13 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 2680061101902523589
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 3bbec64cde333b8c3068e63b2adbf2bb
e1fad0f09db1e1b01c9d36d7dbc8163682dcc533
850bdbc33df9ee9c938ed81f35ee0a6782fe99f49f65359e1a66ff21e282ffc9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.dzgurus.com/favicon.ico
142.250.74.179 200 OK 844 B URL HTTP/2 www.dzgurus.com/favicon.ico
IP 142.250.74.179:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3fcd8d2e0d2b5b727d004ef158a7288e
5c4a6b4921d164307a984d426fe801cb56a1a0b0
7287976c13b0d3998f0a8c7f8d140736773b57c65d12b795b751ef1ec5abc9de
GET /favicon.ico HTTP/1.1
Host: www.dzgurus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/2022/11/gta-san-andreas-apkobb-for-all-versions.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=5c36f402-f682-4429-b43e-371a153d037d%3A1%3A1; sb_main_f7c2f218a71324f49eac3f7733565c8b=1; sb_count_f7c2f218a71324f49eac3f7733565c8b=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sun, 22 Jan 2023 22:44:13 GMT
date: Sun, 22 Jan 2023 22:44:13 GMT
cache-control: private, max-age=86400
last-modified: Sun, 22 Jan 2023 21:51:16 GMT
etag: W/"7985a1d29baac0bfcbe1dd6b3ea0fa2d61d1e55804a090c89346243e1f8ccfd6"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 844
server: GSE
X-Firefox-Spdy: h2
squatdisloyal.com/sbar.json?key=f7c2f218a71324f49eac3f7733565c8b&uuid=b5c62d2e-13ad-416b-9180-d37e5f211d3c%3A3%3A1
173.233.137.60 200 OK 2.7 kB URL HTTP/1.1 squatdisloyal.com/sbar.json?key=f7c2f218a71324f49eac3f7733565c8b&uuid=b5c62d2e-13ad-416b-9180-d37e5f211d3c%3A3%3A1
IP 173.233.137.60:0
File type JSON data\012- , ASCII text, with very long lines (6154), with no line terminators
Hash 0acef948126d123b962ef5d06f782643
389e789042208c6d3fa46d952d4cb136a2d3b8e2
c0ded030cef77a3c6a8fc4b1fb32e55c49e3324bbeb8d43923f1f5ae85c00d51
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=f7c2f218a71324f49eac3f7733565c8b&uuid=b5c62d2e-13ad-416b-9180-d37e5f211d3c%3A3%3A1 HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:13 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.dzgurus.com
Access-Control-Allow-Origin: https://www.dzgurus.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15771967; expires=Mon, 23 Jan 2023 22:44:12 GMT; secure; SameSite=None
Set-Cookie: uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; expires=Sun, 29 Jan 2023 22:44:12 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Mon, 23 Jan 2023 22:44:13 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Mon, 23 Jan 2023 22:44:13 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Mon, 23 Jan 2023 22:44:13 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Mon, 23 Jan 2023 22:44:13 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 960ea29db13ca83049298abf3508d20a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fa8a13e70570700654b112eb06029bd8
58de515ebe29aab1e5932eed2fbe5d802eb1707c
59253e9d3bc1a2319f2e05163644da0445077741392d78d996cc8394d13a8bc8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "59253E9D3BC1A2319F2E05163644DA0445077741392D78D996CC8394D13A8BC8"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3537
Expires: Sun, 22 Jan 2023 23:43:10 GMT
Date: Sun, 22 Jan 2023 22:44:13 GMT
Connection: keep-alive
squatdisloyal.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wjxRudvdyv%2BVFx4goKkAsKkIizf7yxTYQC4QiKOJLo7iASBdLszKwzeL2zmtnxOhZFxElwDZKvgnLznFx03And9SAhhwZFFDEFSkHoECUSEjWyY8nwFfu9t%2B8r3vfm%2B%2BzAXhAXlp5vv6f6MknoUlh1Ky%2FvyJSrwlQ271Q8t%2BquVHZkulxbqfQmH919zXPDqvtK5R3B2mrJdz3X9Vyvsi61iFVvaapCZo%2BbXrXpVmt%2B1Qtr6On%2FcmMdGOqAdy%2FINUg%2B%2Ft%2Fuj08h2Qhp58kNYdq5yl59u2MTmiuNLj9%2BP22nqkjRmcNYO4jT49k0lBkT8tUVqPR4tgFU93CyASI5Js4vHqL0eGYTUffo0mmUQKSI%2BDMouiOIZARJR2DqLiQ%2FIwDj2NxC2nmwqXRB9y5VOlHH5Orff0EWY3L11%2BeQdr5ZS2SvclslNpcqNejFJWRvBNkaIbMnyPsOZHECln8KyQnSTgnJz1%2BKQrbsc18segHlizVvOVpseg13kQd1Eca%2B5%2FGATaORcgQZj5CIAahZgDUOrHRgYwc2c9Dh5xUaNmPXrcdRHASNGmMsCBgLG8s85EGtEbuwbOJ9gDwbgCUDML2PTO%2BjLe%2Bfhdeg7fcwuyUMd2Bygi4vUQiCwhAUlKCQBEVOUHTLI54Y35QPeGJs5M26P%2BtBOVR564AeqbwlUnKQXZBnp5n9%2BXAVbXFeievMj32vQete4NfiWlNQFsT1ehCEyyFrRDCyhDRXQI2DvhyT6x89QSbHZOH654joCUxyAiYXQO0LoMWw7rugu8Naw0U%2FfcT7LautqTLVAVclsvwq8j3nILkgz09tNH8nEOx09csvtn5b4R%2BC6RKZLvGx%2FIGgldwb3lIFObylCkOebmW57Mg%2BnTzr7ZzmYuHrd8VeoTTfuGEGD99kE2ECH98RJr9JUy7TliGP1iTnQq8rzQT5bsPsiGjbmt01q1Ob3dx%2Ba32jk2lhjFTpCFSeffAJmByT%2F%2Bv29GBf%2FOMNSD2CtiU69pTMClKNwLJ9mGzu3igCncxnosxBYcuh9qP5z0QSJGLOaVTC%2FItHc3xg7qGlHdD87vRMu7pENylBkwGMXRjmmT5d%2FTmYFqLEGUaJdg6jRCf3L6M18rwiwtiNheuLKG5GcZ26vBnXmhFteqIehdRDbsbsp29f%2FwcAAP%2F%2FAQAA%2F%2F8ikGPdiAQAAA%3D%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 squatdisloyal.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wjxRudvdyv%2BVFx4goKkAsKkIizf7yxTYQC4QiKOJLo7iASBdLszKwzeL2zmtnxOhZFxElwDZKvgnLznFx03And9SAhhwZFFDEFSkHoECUSEjWyY8nwFfu9t%2B8r3vfm%2B%2BzAXhAXlp5vv6f6MknoUlh1Ky%2FvyJSrwlQ271Q8t%2BquVHZkulxbqfQmH919zXPDqvtK5R3B2mrJdz3X9Vyvsi61iFVvaapCZo%2BbXrXpVmt%2B1Qtr6On%2FcmMdGOqAdy%2FINUg%2B%2Ft%2Fuj08h2Qhp58kNYdq5yl59u2MTmiuNLj9%2BP22nqkjRmcNYO4jT49k0lBkT8tUVqPR4tgFU93CyASI5Js4vHqL0eGYTUffo0mmUQKSI%2BDMouiOIZARJR2DqLiQ%2FIwDj2NxC2nmwqXRB9y5VOlHH5Orff0EWY3L11%2BeQdr5ZS2SvclslNpcqNejFJWRvBNkaIbMnyPsOZHECln8KyQnSTgnJz1%2BKQrbsc18segHlizVvOVpseg13kQd1Eca%2B5%2FGATaORcgQZj5CIAahZgDUOrHRgYwc2c9Dh5xUaNmPXrcdRHASNGmMsCBgLG8s85EGtEbuwbOJ9gDwbgCUDML2PTO%2BjLe%2Bfhdeg7fcwuyUMd2Bygi4vUQiCwhAUlKCQBEVOUHTLI54Y35QPeGJs5M26P%2BtBOVR564AeqbwlUnKQXZBnp5n9%2BXAVbXFeievMj32vQete4NfiWlNQFsT1ehCEyyFrRDCyhDRXQI2DvhyT6x89QSbHZOH654joCUxyAiYXQO0LoMWw7rugu8Naw0U%2FfcT7LautqTLVAVclsvwq8j3nILkgz09tNH8nEOx09csvtn5b4R%2BC6RKZLvGx%2FIGgldwb3lIFObylCkOebmW57Mg%2BnTzr7ZzmYuHrd8VeoTTfuGEGD99kE2ECH98RJr9JUy7TliGP1iTnQq8rzQT5bsPsiGjbmt01q1Ob3dx%2Ba32jk2lhjFTpCFSeffAJmByT%2F%2Bv29GBf%2FOMNSD2CtiU69pTMClKNwLJ9mGzu3igCncxnosxBYcuh9qP5z0QSJGLOaVTC%2FItHc3xg7qGlHdD87vRMu7pENylBkwGMXRjmmT5d%2FTmYFqLEGUaJdg6jRCf3L6M18rwiwtiNheuLKG5GcZ26vBnXmhFteqIehdRDbsbsp29f%2FwcAAP%2F%2FAQAA%2F%2F8ikGPdiAQAAA%3D%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wjxRudvdyv%2BVFx4goKkAsKkIizf7yxTYQC4QiKOJLo7iASBdLszKwzeL2zmtnxOhZFxElwDZKvgnLznFx03And9SAhhwZFFDEFSkHoECUSEjWyY8nwFfu9t%2B8r3vfm%2B%2BzAXhAXlp5vv6f6MknoUlh1Ky%2FvyJSrwlQ271Q8t%2BquVHZkulxbqfQmH919zXPDqvtK5R3B2mrJdz3X9Vyvsi61iFVvaapCZo%2BbXrXpVmt%2B1Qtr6On%2FcmMdGOqAdy%2FINUg%2B%2Ft%2Fuj08h2Qhp58kNYdq5yl59u2MTmiuNLj9%2BP22nqkjRmcNYO4jT49k0lBkT8tUVqPR4tgFU93CyASI5Js4vHqL0eGYTUffo0mmUQKSI%2BDMouiOIZARJR2DqLiQ%2FIwDj2NxC2nmwqXRB9y5VOlHH5Orff0EWY3L11%2BeQdr5ZS2SvclslNpcqNejFJWRvBNkaIbMnyPsOZHECln8KyQnSTgnJz1%2BKQrbsc18segHlizVvOVpseg13kQd1Eca%2B5%2FGATaORcgQZj5CIAahZgDUOrHRgYwc2c9Dh5xUaNmPXrcdRHASNGmMsCBgLG8s85EGtEbuwbOJ9gDwbgCUDML2PTO%2BjLe%2Bfhdeg7fcwuyUMd2Bygi4vUQiCwhAUlKCQBEVOUHTLI54Y35QPeGJs5M26P%2BtBOVR564AeqbwlUnKQXZBnp5n9%2BXAVbXFeievMj32vQete4NfiWlNQFsT1ehCEyyFrRDCyhDRXQI2DvhyT6x89QSbHZOH654joCUxyAiYXQO0LoMWw7rugu8Naw0U%2FfcT7LautqTLVAVclsvwq8j3nILkgz09tNH8nEOx09csvtn5b4R%2BC6RKZLvGx%2FIGgldwb3lIFObylCkOebmW57Mg%2BnTzr7ZzmYuHrd8VeoTTfuGEGD99kE2ECH98RJr9JUy7TliGP1iTnQq8rzQT5bsPsiGjbmt01q1Ob3dx%2Ba32jk2lhjFTpCFSeffAJmByT%2F%2Bv29GBf%2FOMNSD2CtiU69pTMClKNwLJ9mGzu3igCncxnosxBYcuh9qP5z0QSJGLOaVTC%2FItHc3xg7qGlHdD87vRMu7pENylBkwGMXRjmmT5d%2FTmYFqLEGUaJdg6jRCf3L6M18rwiwtiNheuLKG5GcZ26vBnXmhFteqIehdRDbsbsp29f%2FwcAAP%2F%2FAQAA%2F%2F8ikGPdiAQAAA%3D%3D HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Cookie: u_pl=15771967; uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:13 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 745a59614d06b7828ba6f5b334eb66e8
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cc298ded3fc0f058105ddd7b442f5b55
38d43fe921b0b34e4a762598c3ad003956592c04
61a166c11ee3bc04f5be109d262b7f69525e428b1a85f68e00a58de4ff26b4c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bb5fac1f289cb91381d3d1a07094b179
df6f8fe7a21efb35290d24f2b8b0fe809cae8d33
34472778a647b2db33e669d8582b510d94d9e0d355d77c73d643b7495b0f6997
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=www.dzgurus.com
142.250.74.162 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.dzgurus.com
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.dzgurus.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 22 Jan 2023 22:44:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=www.dzgurus.com
142.250.74.98 200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.dzgurus.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.dzgurus.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 22 Jan 2023 22:44:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F50%2F77%2Fd2%2F5077d2a4de96d9464e3c0d2ecf8bb3de%2F1601543282.html&l=1209&fd=125
173.233.137.60 200 OK 0 B URL HTTP/1.1 squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F50%2F77%2Fd2%2F5077d2a4de96d9464e3c0d2ecf8bb3de%2F1601543282.html&l=1209&fd=125
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F50%2F77%2Fd2%2F5077d2a4de96d9464e3c0d2ecf8bb3de%2F1601543282.html&l=1209&fd=125 HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Cookie: u_pl=15771967; uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash cc298ded3fc0f058105ddd7b442f5b55
38d43fe921b0b34e4a762598c3ad003956592c04
61a166c11ee3bc04f5be109d262b7f69525e428b1a85f68e00a58de4ff26b4c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f82a4633fe57b496fb5cd05288b04145
ac0346f5dcb9cf3e1a2cc701848f95ee57b0bfd2
a081933eef2483a8b7fe00e421b35ea57db032bbdae36b45d520935df4006425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A081933EEF2483A8B7FE00E421B35EA57DB032BBDAE36B45D520935DF4006425"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8271
Expires: Mon, 23 Jan 2023 01:02:04 GMT
Date: Sun, 22 Jan 2023 22:44:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f82a4633fe57b496fb5cd05288b04145
ac0346f5dcb9cf3e1a2cc701848f95ee57b0bfd2
a081933eef2483a8b7fe00e421b35ea57db032bbdae36b45d520935df4006425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A081933EEF2483A8B7FE00E421B35EA57DB032BBDAE36B45D520935DF4006425"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8271
Expires: Mon, 23 Jan 2023 01:02:04 GMT
Date: Sun, 22 Jan 2023 22:44:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f82a4633fe57b496fb5cd05288b04145
ac0346f5dcb9cf3e1a2cc701848f95ee57b0bfd2
a081933eef2483a8b7fe00e421b35ea57db032bbdae36b45d520935df4006425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A081933EEF2483A8B7FE00E421B35EA57DB032BBDAE36B45D520935DF4006425"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8271
Expires: Mon, 23 Jan 2023 01:02:04 GMT
Date: Sun, 22 Jan 2023 22:44:13 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3xmj6sSVzflZZ8u3gEr_4EhDk5vPVCKvUZyHMZkTu3U-aFjH0n1KIK-hkcS5Z75cDgrUMNFeDjSQR5aZIrel_QtPG0sFNdlsLpUi-ge7tNeZpfnhSGX_X4zgeqV7DrmF8UaONP8DGEO881uvKzMDMRuXttS73Yx1gK3AVJU6OkFqNiYEIQyVjYA4AbQ/w100-h100-p-k-no-nu/IMG_20230121_003822_147.jpg
142.250.74.97 200 OK 7.2 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh3xmj6sSVzflZZ8u3gEr_4EhDk5vPVCKvUZyHMZkTu3U-aFjH0n1KIK-hkcS5Z75cDgrUMNFeDjSQR5aZIrel_QtPG0sFNdlsLpUi-ge7tNeZpfnhSGX_X4zgeqV7DrmF8UaONP8DGEO881uvKzMDMRuXttS73Yx1gK3AVJU6OkFqNiYEIQyVjYA4AbQ/w100-h100-p-k-no-nu/IMG_20230121_003822_147.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 0f6f76f068ea540d881daef8fb578c4b
f1a91a4b2507315b143ff28117fcd16aaa28f228
9722d13a2f1e076baf75116502b0cab113e7110bbd35d902c83ccb5f4a8d36db
GET /img/b/R29vZ2xl/AVvXsEh3xmj6sSVzflZZ8u3gEr_4EhDk5vPVCKvUZyHMZkTu3U-aFjH0n1KIK-hkcS5Z75cDgrUMNFeDjSQR5aZIrel_QtPG0sFNdlsLpUi-ge7tNeZpfnhSGX_X4zgeqV7DrmF8UaONP8DGEO881uvKzMDMRuXttS73Yx1gK3AVJU6OkFqNiYEIQyVjYA4AbQ/w100-h100-p-k-no-nu/IMG_20230121_003822_147.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v273f"
expires: Mon, 23 Jan 2023 22:44:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20230121_003822_147.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 22:44:13 GMT
server: fife
content-length: 7211
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHddadROY03a81RPDFBXPKYn60b_OsDV_YFllOMzi3rRVE9JOcb-lr9sYCkt69Kz_TyA-egtR8vNJLbLqbXlcPmtuifzroDqGjPfl0GeOknsYwf42MCE-fJSCAK_2VOQq9S9VA9I6McWW85TEaTf6vCA3vNCZ8xi4nUhjKYDBARG8Pdk3CNxkz-YKtCQ/w100-h100-p-k-no-nu/PicsArt_08-23-05.37.53.jpg
142.250.74.97 200 OK 6.4 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHddadROY03a81RPDFBXPKYn60b_OsDV_YFllOMzi3rRVE9JOcb-lr9sYCkt69Kz_TyA-egtR8vNJLbLqbXlcPmtuifzroDqGjPfl0GeOknsYwf42MCE-fJSCAK_2VOQq9S9VA9I6McWW85TEaTf6vCA3vNCZ8xi4nUhjKYDBARG8Pdk3CNxkz-YKtCQ/w100-h100-p-k-no-nu/PicsArt_08-23-05.37.53.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 0cc3f827a4de8cea39d432fb11cb260d
5ec0ffb2c7719db1aa888c0c1c9f89d8380fe7d9
a04d22355693fbe74c2b1f2ff5aa0fde3fac90d4e73421dfd11c03a0f3f8a4dc
GET /img/b/R29vZ2xl/AVvXsEgHddadROY03a81RPDFBXPKYn60b_OsDV_YFllOMzi3rRVE9JOcb-lr9sYCkt69Kz_TyA-egtR8vNJLbLqbXlcPmtuifzroDqGjPfl0GeOknsYwf42MCE-fJSCAK_2VOQq9S9VA9I6McWW85TEaTf6vCA3vNCZ8xi4nUhjKYDBARG8Pdk3CNxkz-YKtCQ/w100-h100-p-k-no-nu/PicsArt_08-23-05.37.53.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2290"
expires: Mon, 23 Jan 2023 22:44:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_08-23-05.37.53.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 22:44:13 GMT
server: fife
content-length: 6376
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2NtpCcJVfUaTFKDEgdAcziYTdLFan_7yGWYHeAj0R_LSixmYIwZRoWTnbmk3h4A_HXKk45Fz_OAkwnOCO3ZIOAvhSlSXSg091-UrGixl13ZvOdZSAFZrBt7OqQy1N8z5JVo2vfUvkJlX1CPzsFzfEJyTJIeqA5QvSH01HlsHQ2Ehw3Mqe-sf6ZmewBg/w100-h100-p-k-no-nu/PicsArt_09-20-09.31.38.jpg
142.250.74.97 200 OK 7.9 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2NtpCcJVfUaTFKDEgdAcziYTdLFan_7yGWYHeAj0R_LSixmYIwZRoWTnbmk3h4A_HXKk45Fz_OAkwnOCO3ZIOAvhSlSXSg091-UrGixl13ZvOdZSAFZrBt7OqQy1N8z5JVo2vfUvkJlX1CPzsFzfEJyTJIeqA5QvSH01HlsHQ2Ehw3Mqe-sf6ZmewBg/w100-h100-p-k-no-nu/PicsArt_09-20-09.31.38.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash 6168ff8ae16dd4a8a5bdc8680d5ed636
88387d88a4daf66434fedbfa914cb8674a6493ba
2a248c887736a107fcec8b4733951176a5322a1ab80c2fd358f480ac3c0b9c06
GET /img/b/R29vZ2xl/AVvXsEh2NtpCcJVfUaTFKDEgdAcziYTdLFan_7yGWYHeAj0R_LSixmYIwZRoWTnbmk3h4A_HXKk45Fz_OAkwnOCO3ZIOAvhSlSXSg091-UrGixl13ZvOdZSAFZrBt7OqQy1N8z5JVo2vfUvkJlX1CPzsFzfEJyTJIeqA5QvSH01HlsHQ2Ehw3Mqe-sf6ZmewBg/w100-h100-p-k-no-nu/PicsArt_09-20-09.31.38.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v246d"
expires: Mon, 23 Jan 2023 22:44:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_09-20-09.31.38.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 22:44:13 GMT
server: fife
content-length: 7880
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 36f69c576be6f781f131e89d144916b2
a96a0a7bad1198b6265756eb6dd79d444199dbaf
b1fa2795c057042627ad607c3a2bce695c3c564803d938373cd8243478d3d0d2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png
172.64.166.9 200 OK 4.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png
IP 172.64.166.9:0
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Hash 23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395
GET /sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:13 GMT
content-type: image/png
content-length: 4022
last-modified: Wed, 17 Feb 2021 11:46:53 GMT
etag: "602d022d-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5906982
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV0xCUOTxc86UGZHFwUS3D13LWv%2Btm0ICAeBDG6WvUDdYajem35Qv5WAhezagfUfrJa%2BKFA%2BIxUDYdixv3O5HNkXZMda3nnZZcqitoc%2BCYvaWSdMXtySFe0Aid4R7Ww%2BzjuIgiU8NUSc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbd0213fa9759d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwLCDz6jG0iKOahPL51jTrfSKxA8my-TFxJZVJu3ahniSI806H2_Q-ZuxX8CeMBdeA1WOvl8izge7PNiiGLqkwVo5Dj-vveVV2pjVsrblwqcGywuau4nNuv0JVFjyQjjW_EijylQpBko8JyksWapMy-K41FWW1J3KigchaJjuFkp9QjctandfhpQwcqg/w100-h100-p-k-no-nu/PicsArt_08-07-07.44.17.jpg
142.250.74.97 200 OK 6.6 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiwLCDz6jG0iKOahPL51jTrfSKxA8my-TFxJZVJu3ahniSI806H2_Q-ZuxX8CeMBdeA1WOvl8izge7PNiiGLqkwVo5Dj-vveVV2pjVsrblwqcGywuau4nNuv0JVFjyQjjW_EijylQpBko8JyksWapMy-K41FWW1J3KigchaJjuFkp9QjctandfhpQwcqg/w100-h100-p-k-no-nu/PicsArt_08-07-07.44.17.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash dd5b3484ecd6d2633b407184f3d0ab49
4f094bdcffb7b49068382aea9acc86aaffe26cf2
151e2baedea0a16a462a32c79480ac316f52e97df1acb5ef6374676a2798d798
GET /img/b/R29vZ2xl/AVvXsEiwLCDz6jG0iKOahPL51jTrfSKxA8my-TFxJZVJu3ahniSI806H2_Q-ZuxX8CeMBdeA1WOvl8izge7PNiiGLqkwVo5Dj-vveVV2pjVsrblwqcGywuau4nNuv0JVFjyQjjW_EijylQpBko8JyksWapMy-K41FWW1J3KigchaJjuFkp9QjctandfhpQwcqg/w100-h100-p-k-no-nu/PicsArt_08-07-07.44.17.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2212"
expires: Mon, 23 Jan 2023 22:44:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_08-07-07.44.17.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 22:44:13 GMT
server: fife
content-length: 6620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 65ef6cd7b306a14db6bae32b6e53cb21
f075625519666495b65144b86440c3b912ff4975
d2587fc268e36bd7e808e250b4c85412520e25c0232d7f7bc564b04331f70d1b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2587FC268E36BD7E808E250B4C85412520E25C0232D7F7BC564B04331F70D1B"
Last-Modified: Sun, 22 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7662
Expires: Mon, 23 Jan 2023 00:51:55 GMT
Date: Sun, 22 Jan 2023 22:44:13 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWjm1753aaZWZg9nINMfTZsyD9y3J_DhEIWTMY6rm1m665JubJKStwwf6mi5P6QwuVbkHq5hs7C4qTX5YXlB-R7FLt96lwT9Mgna0DCm00-mXWY5mlTYF790fJMw7yIovx6VFEH_36zgpygHjlMIqzuj1DjwC_Z6E8tcbio-QormTcftNKfRDxVpcVJQ/w100-h100-p-k-no-nu/PicsArt_08-18-12.22.08.jpg
142.250.74.97 200 OK 6.5 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiWjm1753aaZWZg9nINMfTZsyD9y3J_DhEIWTMY6rm1m665JubJKStwwf6mi5P6QwuVbkHq5hs7C4qTX5YXlB-R7FLt96lwT9Mgna0DCm00-mXWY5mlTYF790fJMw7yIovx6VFEH_36zgpygHjlMIqzuj1DjwC_Z6E8tcbio-QormTcftNKfRDxVpcVJQ/w100-h100-p-k-no-nu/PicsArt_08-18-12.22.08.jpg
IP 142.250.74.97:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x100, components 3\012- data
Hash d80bb9945b13d1619407e11bc1454e6c
7b73dab086e512accfeccdb144550f6fbb2de52b
02d4764b62d2c5307682b4047dfeec13218f2187c144e4d9e3d4cb85f683be4b
GET /img/b/R29vZ2xl/AVvXsEiWjm1753aaZWZg9nINMfTZsyD9y3J_DhEIWTMY6rm1m665JubJKStwwf6mi5P6QwuVbkHq5hs7C4qTX5YXlB-R7FLt96lwT9Mgna0DCm00-mXWY5mlTYF790fJMw7yIovx6VFEH_36zgpygHjlMIqzuj1DjwC_Z6E8tcbio-QormTcftNKfRDxVpcVJQ/w100-h100-p-k-no-nu/PicsArt_08-18-12.22.08.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2273"
expires: Mon, 23 Jan 2023 22:44:13 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="PicsArt_08-18-12.22.08.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 22 Jan 2023 22:44:13 GMT
server: fife
content-length: 6540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 41d9a97f3e66fa295337149c04ad0bae
5d0ffce8986ba0d9e47cd508b79c1feab18076cf
fa5f51ac868aed9106d71f0d5ae7d2fba4afed36bc9fdb94a5a66cea3ac15550
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/si/9f/03/9f/9f039f12c3a901981b39e44a7e2deb89/1667590110.png
45.133.44.10 200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/9f/03/9f/9f039f12c3a901981b39e44a7e2deb89/1667590110.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/9f/03/9f/9f039f12c3a901981b39e44a7e2deb89/1667590110.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:13 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:28:39 GMT
etag: "636567e7-7ffb"
expires: Tue, 24 Jan 2023 22:44:13 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27 200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f82a4633fe57b496fb5cd05288b04145
ac0346f5dcb9cf3e1a2cc701848f95ee57b0bfd2
a081933eef2483a8b7fe00e421b35ea57db032bbdae36b45d520935df4006425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A081933EEF2483A8B7FE00E421B35EA57DB032BBDAE36B45D520935DF4006425"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8271
Expires: Mon, 23 Jan 2023 01:02:04 GMT
Date: Sun, 22 Jan 2023 22:44:13 GMT
Connection: keep-alive
squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fjs%2Fscript.js&l=386&fd=279
173.233.137.60 200 OK 0 B URL HTTP/1.1 squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fjs%2Fscript.js&l=386&fd=279
IP 173.233.137.60:0
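Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: the response was 0 B, so these digests match every empty response and identify nothing specific to this host.)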
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fjs%2Fscript.js&l=386&fd=279 HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Cookie: u_pl=15771967; uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 31a96aea31b9bde911c809b90b4b2340
67ac2a598c4d19de11e6a81eabb7af7aeec45dcb
22eb898eb4c8aafb440456924cb0a74529b3f18dbc9e0fa11fdfeeef4ac37908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
partner.googleadservices.com/gampad/cookie.js?domain=www.dzgurus.com&callback=_gfp_s_&client=ca-pub-2719765140359855
142.250.74.66 200 OK 251 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=www.dzgurus.com&callback=_gfp_s_&client=ca-pub-2719765140359855
IP 142.250.74.66:0
File type ASCII text, with very long lines (389), with no line terminators
Hash 2a205b26b7e73f1b1b0ad17a0bb8af84
91b65935ec5a3d50e160af029b3d94278cb310cc
0073a4807018b6797534e340da30ced20cd16bea9df446583031642a9ae25223
GET /gampad/cookie.js?domain=www.dzgurus.com&callback=_gfp_s_&client=ca-pub-2719765140359855 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 22 Jan 2023 22:44:13 GMT
server: cafe
cache-control: private
content-length: 251
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 31a96aea31b9bde911c809b90b4b2340
67ac2a598c4d19de11e6a81eabb7af7aeec45dcb
22eb898eb4c8aafb440456924cb0a74529b3f18dbc9e0fa11fdfeeef4ac37908
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fcss%2Fstyle.css&l=5644&fd=396
173.233.137.60 200 OK 0 B URL HTTP/1.1 squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fcss%2Fstyle.css&l=5644&fd=396
IP 173.233.137.60:0
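Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: the response was 0 B, so these digests match every empty response and identify nothing specific to this host.)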
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fcss%2Fstyle.css&l=5644&fd=396 HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Cookie: u_pl=15771967; uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:13 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
squatdisloyal.com/pixel/sbs?c=1
173.233.137.60 200 OK 0 B URL HTTP/1.1 squatdisloyal.com/pixel/sbs?c=1
IP 173.233.137.60:0
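Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(MD5, SHA-1 and SHA-256 of a zero-length body: the response was 0 B, so these digests match every empty response and identify nothing specific to this host.)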
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Cookie: u_pl=15771967; uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
squatdisloyal.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wjxRudvdyv%2BVFx4goKkAsKkIizf7yxTYQC4QiKOJLo7iASBdLszKwzeL2zmtnxOhZFxElwDZKvgnLznFx03And9SAhhwZFFDEFSkHoECUSEjWyY8nwFfu9t%2B8r3vfm%2B%2BzAXhAXlp5vv6f6MknoUlh1Ky%2FvyJSrwlQ271Q8t%2BquVHZkulxbqfQmH919zXPDqvtK5R3B2mrJdz3X9Vyvsi61iFVvaapCZo%2BbXrXpVmt%2B1Qtr6On%2FcmMdGOqAdy%2FINUg%2B%2Ft%2Fuj08h2Qhp58kNYdq5yl59u2MTmiuNLj9%2BP22nqkjRmcNYO4jT49k0lBkT8tUVqPR4tgFU93CyASI5Js4vHqL0eGYTUffo0mmUQKSI%2BDMouiOIZARJR2DqLiQ%2FIwDj2NxC2nmwqXRB9y5VOlHH5Orff0EWY3L11%2BeQdr5ZS2SvclslNpcqNejFJWRvBNkaIbMnyPsOZHECln8KyQnSTgnJz1%2BKQrbsc18segHlizVvOVpseg13kQd1Eca%2B5%2FGATaORcgQZj5CIAahZgDUOrHRgYwc2c9Dh5xUaNmPXrcdRHASNGmMsCBgLG8s85EGtEbuwbOJ9gDwbgCUDML2PTO%2BjLe%2Bfhdeg7fcwuyUMd2Bygi4vUQiCwhAUlKCQBEVOUHTLI54Y35QPeGJs5M26P%2BtBOVR564AeqbwlUnKQXZBnp5n9%2BXAVbXFeievMj32vQete4NfiWlNQFsT1ehCEyyFrRDCyhDRXQI2DvhyT6x89QSbHZOH654joCUxyAiYXQO0LoMWw7rugu8Naw0U%2FfcT7LautqTLVAVclsvwq8j3nILkgz09tNH8nEOx09csvtn5b4R%2BC6RKZLvGx%2FIGgldwb3lIFObylCkOebmW57Mg%2BnTzr7ZzmYuHrd8VeoTTfuGEGD99kE2ECH98RJr9JUy7TliGP1iTnQq8rzQT5bsPsiGjbmt01q1Ob3dx%2Ba32jk2lhjFTpCFSeffAJmByT%2F%2Bv29GBf%2FOMNSD2CtiU69pTMClKNwLJ9mGzu3igCncxnosxBYcuh9qP5z0QSJGLOaVTC%2FItHc3xg7qGlHdD87vRMu7pENylBkwGMXRjmmT5d%2FTmYFqLEGUaJdg6jRCf3L6M18rwSejXRiBp1xnkkGPfqftAIXNfnvFZvCq%2BJ3IzZT9%2B%2B%2Fg8AAAD%2F%2FwEAAP%2F%2FNpjtO4gEAAA%3D
173.233.137.60200 OK 7 B URL HTTP/1.1 squatdisloyal.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wjxRudvdyv%2BVFx4goKkAsKkIizf7yxTYQC4QiKOJLo7iASBdLszKwzeL2zmtnxOhZFxElwDZKvgnLznFx03And9SAhhwZFFDEFSkHoECUSEjWyY8nwFfu9t%2B8r3vfm%2B%2BzAXhAXlp5vv6f6MknoUlh1Ky%2FvyJSrwlQ271Q8t%2BquVHZkulxbqfQmH919zXPDqvtK5R3B2mrJdz3X9Vyvsi61iFVvaapCZo%2BbXrXpVmt%2B1Qtr6On%2FcmMdGOqAdy%2FINUg%2B%2Ft%2Fuj08h2Qhp58kNYdq5yl59u2MTmiuNLj9%2BP22nqkjRmcNYO4jT49k0lBkT8tUVqPR4tgFU93CyASI5Js4vHqL0eGYTUffo0mmUQKSI%2BDMouiOIZARJR2DqLiQ%2FIwDj2NxC2nmwqXRB9y5VOlHH5Orff0EWY3L11%2BeQdr5ZS2SvclslNpcqNejFJWRvBNkaIbMnyPsOZHECln8KyQnSTgnJz1%2BKQrbsc18segHlizVvOVpseg13kQd1Eca%2B5%2FGATaORcgQZj5CIAahZgDUOrHRgYwc2c9Dh5xUaNmPXrcdRHASNGmMsCBgLG8s85EGtEbuwbOJ9gDwbgCUDML2PTO%2BjLe%2Bfhdeg7fcwuyUMd2Bygi4vUQiCwhAUlKCQBEVOUHTLI54Y35QPeGJs5M26P%2BtBOVR564AeqbwlUnKQXZBnp5n9%2BXAVbXFeievMj32vQete4NfiWlNQFsT1ehCEyyFrRDCyhDRXQI2DvhyT6x89QSbHZOH654joCUxyAiYXQO0LoMWw7rugu8Naw0U%2FfcT7LautqTLVAVclsvwq8j3nILkgz09tNH8nEOx09csvtn5b4R%2BC6RKZLvGx%2FIGgldwb3lIFObylCkOebmW57Mg%2BnTzr7ZzmYuHrd8VeoTTfuGEGD99kE2ECH98RJr9JUy7TliGP1iTnQq8rzQT5bsPsiGjbmt01q1Ob3dx%2Ba32jk2lhjFTpCFSeffAJmByT%2F%2Bv29GBf%2FOMNSD2CtiU69pTMClKNwLJ9mGzu3igCncxnosxBYcuh9qP5z0QSJGLOaVTC%2FItHc3xg7qGlHdD87vRMu7pENylBkwGMXRjmmT5d%2FTmYFqLEGUaJdg6jRCf3L6M18rwSejXRiBp1xnkkGPfqftAIXNfnvFZvCq%2BJ3IzZT9%2B%2B%2Fg8AAAD%2F%2FwEAAP%2F%2FNpjtO4gEAAA%3D
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wjxRudvdyv%2BVFx4goKkAsKkIizf7yxTYQC4QiKOJLo7iASBdLszKwzeL2zmtnxOhZFxElwDZKvgnLznFx03And9SAhhwZFFDEFSkHoECUSEjWyY8nwFfu9t%2B8r3vfm%2B%2BzAXhAXlp5vv6f6MknoUlh1Ky%2FvyJSrwlQ271Q8t%2BquVHZkulxbqfQmH919zXPDqvtK5R3B2mrJdz3X9Vyvsi61iFVvaapCZo%2BbXrXpVmt%2B1Qtr6On%2FcmMdGOqAdy%2FINUg%2B%2Ft%2Fuj08h2Qhp58kNYdq5yl59u2MTmiuNLj9%2BP22nqkjRmcNYO4jT49k0lBkT8tUVqPR4tgFU93CyASI5Js4vHqL0eGYTUffo0mmUQKSI%2BDMouiOIZARJR2DqLiQ%2FIwDj2NxC2nmwqXRB9y5VOlHH5Orff0EWY3L11%2BeQdr5ZS2SvclslNpcqNejFJWRvBNkaIbMnyPsOZHECln8KyQnSTgnJz1%2BKQrbsc18segHlizVvOVpseg13kQd1Eca%2B5%2FGATaORcgQZj5CIAahZgDUOrHRgYwc2c9Dh5xUaNmPXrcdRHASNGmMsCBgLG8s85EGtEbuwbOJ9gDwbgCUDML2PTO%2BjLe%2Bfhdeg7fcwuyUMd2Bygi4vUQiCwhAUlKCQBEVOUHTLI54Y35QPeGJs5M26P%2BtBOVR564AeqbwlUnKQXZBnp5n9%2BXAVbXFeievMj32vQete4NfiWlNQFsT1ehCEyyFrRDCyhDRXQI2DvhyT6x89QSbHZOH654joCUxyAiYXQO0LoMWw7rugu8Naw0U%2FfcT7LautqTLVAVclsvwq8j3nILkgz09tNH8nEOx09csvtn5b4R%2BC6RKZLvGx%2FIGgldwb3lIFObylCkOebmW57Mg%2BnTzr7ZzmYuHrd8VeoTTfuGEGD99kE2ECH98RJr9JUy7TliGP1iTnQq8rzQT5bsPsiGjbmt01q1Ob3dx%2Ba32jk2lhjFTpCFSeffAJmByT%2F%2Bv29GBf%2FOMNSD2CtiU69pTMClKNwLJ9mGzu3igCncxnosxBYcuh9qP5z0QSJGLOaVTC%2FItHc3xg7qGlHdD87vRMu7pENylBkwGMXRjmmT5d%2FTmYFqLEGUaJdg6jRCf3L6M18rwSejXRiBp1xnkkGPfqftAIXNfnvFZvCq%2BJ3IzZT9%2B%2B%2Fg8AAAD%2F%2FwEAAP%2F%2FNpjtO4gEAAA%3D HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Cookie: u_pl=15771967; uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82d37985c3eaed6ce95a37a3083567c9
Strict-Transport-Security: max-age=0; includeSubdomains
squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fcss%2Fanimate.css&l=79245&fd=403
173.233.137.60 200 OK 0 B URL HTTP/1.1 squatdisloyal.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fcss%2Fanimate.css&l=79245&fd=403
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fcss%2Fanimate.css&l=79245&fd=403 HTTP/1.1
Host: squatdisloyal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Cookie: u_pl=15771967; uid_id2=b5c62d2e-13ad-416b-9180-d37e5f211d3c:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:14 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 61ad64be1d17c072bde0da4ad094fe74
be20a360ad4314e4488560d3dd9bf6f6d95ac01f
27242c742941dbf7b04c1998d0971b1c5c738311c3ea9925dfeaee3db4f93b4c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
216.58.207.193 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 216.58.207.193:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 22 Jan 2023 22:44:14 GMT
expires: Sun, 22 Jan 2023 22:44:14 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9f9788e381983082a10350bba3234afb
dc16e103c5174374433d4432b8d6171a3960dbbc
961980c0a8fa08aca4b97e793686994e2d85e5272cebeb48229611a88ecabc83
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 22:44:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164 200 OK 512 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 208efb9511b51bc8f6170f48f5570ce3
03a7f4b1672c830d457155811ff8ce20b1a2b95c
f8b8ca844c080fb49596485f49d87be7e383d5df9317817f780cac6f3ccaaaf5
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 22 Jan 2023 22:44:14 GMT
date: Sun, 22 Jan 2023 22:44:14 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-P3wCE5CDYF1pT0yfjFms2w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 58049bcceb1eb564a82626bc224e614c
5bed3931561adf23292562b4847dc98d3fd8c743
484f743313f730a9f0a283d612424f969701d8894a1d3db3db22946d138a3292
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "484F743313F730A9F0A283D612424F969701D8894A1D3DB3DB22946D138A3292"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3019
Expires: Sun, 22 Jan 2023 23:34:33 GMT
Date: Sun, 22 Jan 2023 22:44:14 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=5c36f402-f682-4429-b43e-371a153d037d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=070f1088c9802792a1aea00839b47afe&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=5c36f402-f682-4429-b43e-371a153d037d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=070f1088c9802792a1aea00839b47afe&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=5c36f402-f682-4429-b43e-371a153d037d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=070f1088c9802792a1aea00839b47afe&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 13f7979d35bad157b94158b74ed7ee0b
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=5c36f402-f682-4429-b43e-371a153d037d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f7c2f218a71324f49eac3f7733565c8b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=5c36f402-f682-4429-b43e-371a153d037d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f7c2f218a71324f49eac3f7733565c8b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=5c36f402-f682-4429-b43e-371a153d037d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=f7c2f218a71324f49eac3f7733565c8b&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 22:44:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b890ef0fe852fa54febf480ee75a70a3
Strict-Transport-Security: max-age=0; includeSubdomains
friendshipmale.com/sfp.js
172.64.140.24 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.140.24:0
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:12 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7a07c38c59333f602a7931036f6e2a61
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 22 Jan 2023 22:44:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPzBRe9qGJN4jOO3dQObzzmg%2BZftvJwIPMp8gbrlUTa5%2BU4RVz2ZZTmf8%2BILjKh0gtWT%2B%2BQR87CIzu3mTmZQludFpxPV%2FQ5y22q0mWp8w1RH%2FJ%2FBOQjGhN9Rlkrq52tmJIdBPyE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbd0188fe575c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html
45.133.44.3 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:13 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:28 GMT
etag: W/"6275e5b8-4b9"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 22 Jan 2023 23:44:13 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 22:44:13 GMT
date: Sun, 22 Jan 2023 22:44:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css
IP 172.64.166.9:0
GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:13 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 11:41:22 GMT
etag: W/"614c67e2-160c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0k4cuiRYgG9l85UK6SZxTpOI2598dqcj1qLy74t0ixbZgFrQm9vwWC%2BwP9Vi3WflfHSSATI7wX%2BkzWU9KrRyLOYN%2FMi2XZ1Ow%2Bu%2BcpBb9jfFmir7d%2FDsA2oGbtn%2FBDqmrckTsJFAHYrS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbd020e9b423bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css
172.64.166.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css
IP 172.64.166.9:0
GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.dzgurus.com
Connection: keep-alive
Referer: https://www.dzgurus.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 22:44:13 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:46:51 GMT
etag: W/"602d022b-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L7tqpujaxlvmA4Ejvuc0oVLQ70tAsnvc%2FiETqniUlazoNYjlz%2FmzAxzrV9D6KgCPP27cKjRd9eYjYN9QnsqwWFPAxGNerJTv3l8fDfFdfc7vuvlZhDpm7u9hanB3A1rVmi6IfjxSDA31"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78dbd020e9a623bb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2