www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
142.250.74.179301 Moved Permanently 210 B URL HTTP/1.1 www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 6f5b1feaecd375541d4245db4a90e20c
0689a8d8208d43a82f260214245a9d9a4b7f5f01
b254030d00daeb043b8eafa3fb188c5d01ec675eab9ed6056bcaea1e881e7cf8
GET /2022/08/indian-entertainment-pubg-whatsapp.html HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 28 Nov 2022 02:55:02 GMT
Expires: Mon, 28 Nov 2022 02:55:02 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 210
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10666
Expires: Mon, 28 Nov 2022 05:52:48 GMT
Date: Mon, 28 Nov 2022 02:55:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 303
Cache-Control: max-age=114074
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:02 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 10:36:16 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13331
Expires: Mon, 28 Nov 2022 06:37:13 GMT
Date: Mon, 28 Nov 2022 02:55:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 02:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2237
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3Th73xGXoAG68bZ7bdCSfp6N0oyZ0FJxQ6+iqxov99ZdhnBhwDVRDCrOSBZqiZgorA3FJrdCL18=
x-amz-request-id: 70DN0ZD22HTNP1GW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 02:41:53 GMT
age: 789
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/L36YE2nME7Q
142.250.74.35200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/L36YE2nME7Q
IP 142.250.74.35:0
Hash 37ce7468aff4123fddeaa3596ed3c9a3
5acccfc3d92c460e3bd4445f8c09259f664e3fca
b5a334709d3d7d103fcb60d8472425c5d403d502bb6e3c3cb3a8a866df1f81e7
POST /s/gts1d4/L36YE2nME7Q HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 02:11:12 GMT
cache-control: public,max-age=3600
age: 2631
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2991
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Last-Modified: Mon, 28 Nov 2022 02:05:12 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
142.250.74.179200 OK 57 kB URL HTTP/2 www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2382)
Hash ad16722c12f4731031a06745759917af
b30bd40d2ce27b2682f6eb6230fe4364f93f75b1
2d1e9d7c0d8d8e61d5fd2214383ac86a5b01a43343544d5fd72f9ba0fb6dacf5
GET /2022/08/indian-entertainment-pubg-whatsapp.html HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 02:55:03 GMT
date: Mon, 28 Nov 2022 02:55:03 GMT
cache-control: private, max-age=0
last-modified: Sun, 27 Nov 2022 15:07:27 GMT
etag: W/"0018271aa2a4e8bca0143c65797b902449919b87c5120161f08bf1a8c85898c0"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 57355
server: GSE
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2620cb440711056d80ec6ee6a4101116
0de0450475dd899906c36956881f9db5ecad90fd
9a84a21b1cb5e13c925b144beef55b87669a02836087e1a9cf74fa4964ef43f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Etag: "63830b45-117"
Last-Modified: Mon, 28 Nov 2022 02:12:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
www.techtolive.xyz/js/cookienotice.js
142.250.74.179200 OK 2.0 kB URL HTTP/2 www.techtolive.xyz/js/cookienotice.js
IP 142.250.74.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Mon, 28 Nov 2022 02:55:03 GMT
expires: Mon, 05 Dec 2022 02:55:03 GMT
cache-control: public, max-age=604800
last-modified: Sun, 27 Nov 2022 17:49:42 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 28e89e1001626402898c469305638763
15660d07b075a19aa95b766fd77fc3e895f6ff98
2648d64b8c11eb8acfcf372b60cb7f371c378f68b2b3b36d547814d5c0a347c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2648D64B8C11EB8ACFCF372B60CB7F371C378F68B2B3B36D547814D5C0A347C6"
Last-Modified: Fri, 25 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12697
Expires: Mon, 28 Nov 2022 06:26:40 GMT
Date: Mon, 28 Nov 2022 02:55:03 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 13c870f9d0256a3e5dd72fc47aea94e9
55b39d22353b9f020626c9ad5067adbb4e0a4761
a7af66142920ccb78d06c97456b0c48fc4596b853bf3f5eef60940857bcd6fd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2620cb440711056d80ec6ee6a4101116
0de0450475dd899906c36956881f9db5ecad90fd
9a84a21b1cb5e13c925b144beef55b87669a02836087e1a9cf74fa4964ef43f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2534
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Etag: "63830b45-117"
Last-Modified: Mon, 28 Nov 2022 02:12:50 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32077)
Hash fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec
GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:51:00 GMT
expires: Thu, 23 Nov 2023 18:51:00 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 374643
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 1070f987d04f66ed32c3055c234c9912
106e630271a81d058e7cb3c2b659feb17c611388
cdf1aa8aa5ab6b1a46108e12c388d75fa72a4089dd979c2ccb8003d536567d07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 460520
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 557580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-237882561-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-237882561-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 3ad9b3070d7b0c017fa84191e11e99e1
7a17d137a5202b73410d7859018eeaf7e04176b0
5bbc3693373b709ed40525671dd17b7cbdf481c7b18231e6ff1438e1dadda94a
GET /gtag/js?id=UA-237882561-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 02:55:03 GMT
expires: Mon, 28 Nov 2022 02:55:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43678
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a937208e2fa3e8b0074c987dc01a7161
115240a18e98625dfe7686be74220da5a43deea5
1d6a38a3d4aa4931f972dc279d30a03ef23425733de4a27972994dcf0e9f040a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D6A38A3D4AA4931F972DC279D30A03EF23425733DE4A27972994DCF0E9F040A"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8507
Expires: Mon, 28 Nov 2022 05:16:50 GMT
Date: Mon, 28 Nov 2022 02:55:03 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-cqKZEnufXg4/XypjY0a1dpI/AAAAAAAAJG0/-JwPjWouOcMKEVztAqimTdRl6-4Tmq79gCK4BGAYYCw/s1600/Sora-Seo-Head-Bg.png
142.250.74.161200 OK 221 B URL HTTP/2 1.bp.blogspot.com/-cqKZEnufXg4/XypjY0a1dpI/AAAAAAAAJG0/-JwPjWouOcMKEVztAqimTdRl6-4Tmq79gCK4BGAYYCw/s1600/Sora-Seo-Head-Bg.png
IP 142.250.74.161:0
File type PNG image data, 4 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash 442c71180ab2f818b332a6385d439a35
8eba8df0f6b8aecc787e88291ac2135e7610b55b
b35315485c6a1c25d2fa993ca3ea77bd42811e27e6db1b3efe99d57cb05e42bd
GET /-cqKZEnufXg4/XypjY0a1dpI/AAAAAAAAJG0/-JwPjWouOcMKEVztAqimTdRl6-4Tmq79gCK4BGAYYCw/s1600/Sora-Seo-Head-Bg.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Sora-Seo-Head-Bg.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 221
x-xss-protection: 0
date: Mon, 28 Nov 2022 00:18:32 GMT
expires: Thu, 10 Nov 2022 19:08:08 GMT
cache-control: public, max-age=86400, no-transform
age: 9391
etag: "v246e"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.216.192.228101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.192.228:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d2eoDa7IULrBd+LCgyFtGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1M7tJg+HYrnBgAjtsQSo35q1TA0=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3777052dd051aadd51d7ed0abe02aeb8
ef84205bb29e91e9b0bc1dec2bb1d087937dd74f
5f2c213da2f9b19ecd1a1b8b2eef8c431dad7a587bdb24338741b0848b2228c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adhitzads.com/1171918
104.21.67.138200 OK 782 B IP 104.21.67.138:0
File type ASCII text, with very long lines (448), with no line terminators
Hash 631f9980fa47c2d45152c7917b3d2f26
44c87ed4ba4fca5148ac0e467f5cc4d597fd8b17
65234210b73be1af5696bfda58870314b98402c0baa430b02d967133e42fbec0
GET /1171918 HTTP/1.1
Host: adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:03 GMT
content-type: text/html
vary: Accept-Encoding
expires: Mon, 28 Nov 2022 03:55:03 GMT
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1u98CsH6SgD9yC2BmlR9d%2Bqnb3mev3SYgFhvSoU%2B8pJyDQIPhn5T%2BnrPD6b1dZxW44bJ3YP0553%2Bklqls3MEeWfjqrG0G0IczZxUhRFX4a0uGTXhfc%2BP5Uclgh5ifY4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770fd28f6b9cb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:39 GMT
expires: Tue, 21 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 547284
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 636ab52e8412c404c27b203b7dde8958
adcaadc8107cf64e0bf312f21b78cf0db5a8d72a
8551d69b33cdb90d88ac0f282c8c1e3fd7a28f697d326ecf68627a5ac7761060
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-zMeLELY2M8k/YUD-wjOLB-I/AAAAAAAAJr0/C2pfz6pF2pA44xa9QdhC80dnaUiTgH5XACLcBGAsYHQ/w100/Best_ads_networks_for_bloggers_blogspot_approval.jpg
142.250.74.161200 OK 6.9 kB URL HTTP/2 1.bp.blogspot.com/-zMeLELY2M8k/YUD-wjOLB-I/AAAAAAAAJr0/C2pfz6pF2pA44xa9QdhC80dnaUiTgH5XACLcBGAsYHQ/w100/Best_ads_networks_for_bloggers_blogspot_approval.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x150, components 3\012- data
Hash 406e6626c9aa4ee64c05c8d93257c7a1
bd738a95383555b98715eafdf6384a852eda2a46
c48d167d3651d56708dddffe89429fcced0aac5cf5ee583d3e88ad389072c0ee
GET /-zMeLELY2M8k/YUD-wjOLB-I/AAAAAAAAJr0/C2pfz6pF2pA44xa9QdhC80dnaUiTgH5XACLcBGAsYHQ/w100/Best_ads_networks_for_bloggers_blogspot_approval.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v26be"
expires: Tue, 29 Nov 2022 02:55:03 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Best_ads_networks_for_bloggers_blogspot_approval.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 02:55:03 GMT
server: fife
content-length: 6948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3291561a5ccd9984991efc9f753d15e
6fda7a2549ca22c52296b142c7488fab93e828e8
44a5d02cf48be38481464c703e53d23f4d037779ca728fdc28acee3f0aa807ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44A5D02CF48BE38481464C703E53D23F4D037779CA728FDC28ACEE3F0AA807EF"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Mon, 28 Nov 2022 08:54:34 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43dca8ebcf06bd09eb16b5516072ec48
84fe572e189c13383dc0a805a90c07de69c48ee6
be524e069364f1231ff9f6f8a5ca6ae8aa4353ba95fa7913c30c13ed008ab8fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE524E069364F1231FF9F6F8A5CA6AE8AA4353BA95FA7913C30C13ED008AB8FD"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16489
Expires: Mon, 28 Nov 2022 07:29:53 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3291561a5ccd9984991efc9f753d15e
6fda7a2549ca22c52296b142c7488fab93e828e8
44a5d02cf48be38481464c703e53d23f4d037779ca728fdc28acee3f0aa807ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44A5D02CF48BE38481464C703E53D23F4D037779CA728FDC28ACEE3F0AA807EF"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 28 Nov 2022 08:55:04 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash e41213d41ad2064efaf72f16cf4f4ce0
0b18306929c87b69c97b8c8500d12bc4fc0efcb4
3827e2a3ad351273e5ec4a34261b0d8bb7106ed9cf8c9bb520ee6a3160c4644f
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=19974a92c7e446d2b6e60c4722cd61ff; expires=Tue, 28 Nov 2023 02:55:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6ba763d5e21ffe9972a731ef51e1565
bb8f34256b9bdd0a1ba75f0e4410f48f454763b5
70f0914708515c145caa378d10fb1f06bce1311993b329d1080cb3c14db64b20
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70F0914708515C145CAA378D10FB1F06BCE1311993B329D1080CB3C14DB64B20"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Mon, 28 Nov 2022 08:54:05 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
arsnivyr.com/9?z=5353584&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19974a92c7e446d2b6e60c4722cd61ff
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5353584&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19974a92c7e446d2b6e60c4722cd61ff
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5353584&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19974a92c7e446d2b6e60c4722cd61ff HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.techtolive.xyz/
Origin: https://www.techtolive.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 02:55:04 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
virtuallythanksgivinganchovy.com/aa95d721af570c636b5eb9f248721758/invoke.js
173.233.137.60200 OK 9.3 kB URL HTTP/1.1 virtuallythanksgivinganchovy.com/aa95d721af570c636b5eb9f248721758/invoke.js
IP 173.233.137.60:0
File type Unicode text, UTF-8 text, with very long lines (25077), with no line terminators
Hash fa0b97e96aa82715da937392769416c0
a4a2589bd7c3c03c19d10eefcf6efaa67f094443
c6373ade7548b4edd65114fdc4e3178cd20668ca1d68f1aee7780e98b93672b6
Analyzer Verdict Alert quad9 Sinkholed
GET /aa95d721af570c636b5eb9f248721758/invoke.js HTTP/1.1
Host: virtuallythanksgivinganchovy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 10679986eb4667b86e09fb4e44e4724a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
virtuallythanksgivinganchovy.com/d0/6d/8c/d06d8c07b7e38dbb7d733180628273af.js
173.233.137.60200 OK 13 kB URL HTTP/1.1 virtuallythanksgivinganchovy.com/d0/6d/8c/d06d8c07b7e38dbb7d733180628273af.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37137), with no line terminators
Hash 6dd39011272696934cb30c8233f5ad19
3bacb61b820e24428652d785b05fa853b7a7778b
47003992d089773cef99e53de7ac5734963cdfcc02673c7ebc5db10e231a5ce5
Analyzer Verdict Alert quad9 Sinkholed
GET /d0/6d/8c/d06d8c07b7e38dbb7d733180628273af.js HTTP/1.1
Host: virtuallythanksgivinganchovy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41ab95c0dd4a0c80e2c842a4ac730fdd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
virtuallythanksgivinganchovy.com/b0e41b943632dca3fd17e8bc87c8eb03/invoke.js
173.233.137.60200 OK 9.8 kB URL HTTP/1.1 virtuallythanksgivinganchovy.com/b0e41b943632dca3fd17e8bc87c8eb03/invoke.js
IP 173.233.137.60:0
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /b0e41b943632dca3fd17e8bc87c8eb03/invoke.js HTTP/1.1
Host: virtuallythanksgivinganchovy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e340699feb59fee6ef34e23f36739784
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
arsnivyr.com/9?z=5353584&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19974a92c7e446d2b6e60c4722cd61ff
139.45.197.242200 OK 2.8 kB URL HTTP/2 arsnivyr.com/9?z=5353584&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19974a92c7e446d2b6e60c4722cd61ff
IP 139.45.197.242:0
File type JSON data\012- , ASCII text, with very long lines (6502), with no line terminators
Hash d4e1c27ff3d0ef4c1b1f89d97f9727d0
f63ab3a2eae9e8530efbca536a37cbee06937ff6
c89ac0a5041973735f458d3828af1e9b742d3ce16c3676fcc8112defb52e43a3
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5353584&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=19974a92c7e446d2b6e60c4722cd61ff HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 265
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: scm=1; OAID=e53f6bbd3794439eba1c918c746a22b4; oaidts=1669604103
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5f414950ae85735c431f1d866763f502
access-control-expose-headers: X-Sc
set-cookie: OAID=19974a92c7e446d2b6e60c4722cd61ff; expires=Tue, 28 Nov 2023 02:55:04 GMT; secure; SameSite=None
oaidts=1669604103; expires=Tue, 28 Nov 2023 02:55:04 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 043b17f254385b94cbd52aefcf2d36d5
98a72cb873aae26ddd444a08de64abac17ca06f4
72246e6d818664f68fabc582e485f906ed4049b8fb60c84666a10f74bb9372de
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1464
Cache-Control: max-age=110538
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:04 GMT
Etag: "63832a1a-116"
Expires: Tue, 29 Nov 2022 09:37:22 GMT
Last-Modified: Sun, 27 Nov 2022 09:12:58 GMT
Server: ECS (amb/6BA1)
X-Cache: HIT
Content-Length: 278
d3x2.myfastcdn.com/www/images/768032df68c0c4575f5bdbf95dc223a8.png?width=984
172.66.43.101200 OK 38 kB URL HTTP/2 d3x2.myfastcdn.com/www/images/768032df68c0c4575f5bdbf95dc223a8.png?width=984
IP 172.66.43.101:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b597788af8ec06d7e84e2b78db4a180b
f3eb90c10a90cbd39fa5a46061e9169755f7cc5c
adfd0573c6560b315e3c97d04d786e105e83e8ab30d7db8be5581284d3777871
GET /www/images/768032df68c0c4575f5bdbf95dc223a8.png?width=984 HTTP/1.1
Host: d3x2.myfastcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: image/webp
content-length: 38532
access-control-allow-headers: X-Requested-With
access-control-allow-origin: *
edge-cache-tag: 365614159681057689225644943605981001450,299117348020261205842514309066101480215,29ecf9b93bbf306179626feeda1fab70
etag: "d21016ccad31ac09be2e8db7e92f9505"
last-modified: Fri, 25 Nov 2022 11:23:13 GMT
req-referer: https://www.y2mate.com/
status: 200 OK
x-ratelimit-limit: 101
x-ratelimit-remaining: 100
x-ratelimit-reset: 1
x-envoy-upstream-service-time: 4033
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
cache-control: max-age=86400
age: 32009
vary: ImageFormat, Accept-Encoding
x-vcl-time-ms: 1
expires: Mon, 28 Nov 2022 18:01:35 GMT
timing-allow-origin: *
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 770fd294fd8a0b4d-OSL
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
216.58.207.195200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:59:14 GMT
expires: Tue, 21 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 546950
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 335533
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8671f7bd22b7a99e927e8779ebfb5311
fdfcee9d40ed2f8ba2329184f6f5860f6ea27173
b2262a0e9166e4686a3e0078a2cb15604fef095c3e7af7e17c719cf98acef5f6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2262A0E9166E4686A3E0078A2CB15604FEF095C3E7AF7E17C719CF98ACEF5F6"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5209
Expires: Mon, 28 Nov 2022 04:21:53 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
arsnivyr.com/11?rnd=1498168534&z=5353584&b=15852075&var=&rqtdbc=0&rcvdbc=0&btp=1&rb=xwFrWxu2iHYreF7ON5tMnWHgA-21yAXzrTC8USX6rjSrDASNGKtxhcVlbm3MDzAyCoJEWHtxByB5uGUBBBmNS_Drt1K3CwdXg9PiVscL46JWEyJsHbWeR2w8HmG7wRnCJlbdsBm-UCXSIU6Rqb_6I67805b5WtQ8JfUaWVgsYSnC-PCgj_7uw7T8qrGdi6Ltnx9zmB0r7mPhWzTN5tYtAJIHxnCv6e3ad2ZTEml1CyWA1cx3SNeMYsgqytC9GUIZrWfBopEP_jeKvh-jlrsIKI1CtPjjpXm_C0z_lMnO_m6bRIC6Lwgj-6-ljEc9sGcw5Er8PIEI03uiBd3JtFBkCwwO0IUKIGKqrW1beDsGaOoismZZtgdojTa8-Q78WJuZmQ3YscbyqnJSEzvApFZ8AqE0WGUNeMcx-7EB4GkR7pwhPuYoRhv95Pj514qnfqvclCr_aLHACRCOGHLd1393p6Zi1C80D1jnFWhDMhco88qWnuKwRM0yLsL4pKC_nFM7PObACt6g3w6XmDxehPgn4T2PHTrc3rEoKbtEdVizRb8oFFUt2R5X8EMlxBF6QxRRGkbB4l6yx2ItGAo0cG11Jz8S52ww1JNJyxHUw_NP-eFelptNa55bTbvXC-OAHmMFW2WQ8v_B-ZKqTtfhMUkhTUCpX_k2cmf95Cjwo9wHuJECZKQxqsN_LM1sl_s33ejwV4T4xEnSPqznPgQ3u1gYQvVbLnl-H2pKJMB2h0Pr56hUKuoV81QeebfPKHRoio8uDWNCu2oXPo-cVNHtCHBIe8a72TPJJCGssSZp9rH0710=&ruid=4a624c67-406b-41f2-9ad1-fb2a92c2b4d8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=1498168534&z=5353584&b=15852075&var=&rqtdbc=0&rcvdbc=0&btp=1&rb=xwFrWxu2iHYreF7ON5tMnWHgA-21yAXzrTC8USX6rjSrDASNGKtxhcVlbm3MDzAyCoJEWHtxByB5uGUBBBmNS_Drt1K3CwdXg9PiVscL46JWEyJsHbWeR2w8HmG7wRnCJlbdsBm-UCXSIU6Rqb_6I67805b5WtQ8JfUaWVgsYSnC-PCgj_7uw7T8qrGdi6Ltnx9zmB0r7mPhWzTN5tYtAJIHxnCv6e3ad2ZTEml1CyWA1cx3SNeMYsgqytC9GUIZrWfBopEP_jeKvh-jlrsIKI1CtPjjpXm_C0z_lMnO_m6bRIC6Lwgj-6-ljEc9sGcw5Er8PIEI03uiBd3JtFBkCwwO0IUKIGKqrW1beDsGaOoismZZtgdojTa8-Q78WJuZmQ3YscbyqnJSEzvApFZ8AqE0WGUNeMcx-7EB4GkR7pwhPuYoRhv95Pj514qnfqvclCr_aLHACRCOGHLd1393p6Zi1C80D1jnFWhDMhco88qWnuKwRM0yLsL4pKC_nFM7PObACt6g3w6XmDxehPgn4T2PHTrc3rEoKbtEdVizRb8oFFUt2R5X8EMlxBF6QxRRGkbB4l6yx2ItGAo0cG11Jz8S52ww1JNJyxHUw_NP-eFelptNa55bTbvXC-OAHmMFW2WQ8v_B-ZKqTtfhMUkhTUCpX_k2cmf95Cjwo9wHuJECZKQxqsN_LM1sl_s33ejwV4T4xEnSPqznPgQ3u1gYQvVbLnl-H2pKJMB2h0Pr56hUKuoV81QeebfPKHRoio8uDWNCu2oXPo-cVNHtCHBIe8a72TPJJCGssSZp9rH0710=&ruid=4a624c67-406b-41f2-9ad1-fb2a92c2b4d8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1498168534&z=5353584&b=15852075&var=&rqtdbc=0&rcvdbc=0&btp=1&rb=xwFrWxu2iHYreF7ON5tMnWHgA-21yAXzrTC8USX6rjSrDASNGKtxhcVlbm3MDzAyCoJEWHtxByB5uGUBBBmNS_Drt1K3CwdXg9PiVscL46JWEyJsHbWeR2w8HmG7wRnCJlbdsBm-UCXSIU6Rqb_6I67805b5WtQ8JfUaWVgsYSnC-PCgj_7uw7T8qrGdi6Ltnx9zmB0r7mPhWzTN5tYtAJIHxnCv6e3ad2ZTEml1CyWA1cx3SNeMYsgqytC9GUIZrWfBopEP_jeKvh-jlrsIKI1CtPjjpXm_C0z_lMnO_m6bRIC6Lwgj-6-ljEc9sGcw5Er8PIEI03uiBd3JtFBkCwwO0IUKIGKqrW1beDsGaOoismZZtgdojTa8-Q78WJuZmQ3YscbyqnJSEzvApFZ8AqE0WGUNeMcx-7EB4GkR7pwhPuYoRhv95Pj514qnfqvclCr_aLHACRCOGHLd1393p6Zi1C80D1jnFWhDMhco88qWnuKwRM0yLsL4pKC_nFM7PObACt6g3w6XmDxehPgn4T2PHTrc3rEoKbtEdVizRb8oFFUt2R5X8EMlxBF6QxRRGkbB4l6yx2ItGAo0cG11Jz8S52ww1JNJyxHUw_NP-eFelptNa55bTbvXC-OAHmMFW2WQ8v_B-ZKqTtfhMUkhTUCpX_k2cmf95Cjwo9wHuJECZKQxqsN_LM1sl_s33ejwV4T4xEnSPqznPgQ3u1gYQvVbLnl-H2pKJMB2h0Pr56hUKuoV81QeebfPKHRoio8uDWNCu2oXPo-cVNHtCHBIe8a72TPJJCGssSZp9rH0710=&ruid=4a624c67-406b-41f2-9ad1-fb2a92c2b4d8&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: scm=1; OAID=19974a92c7e446d2b6e60c4722cd61ff; oaidts=1669604103
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: b64476f9b8d655d278ac2a7e769eb45b
access-control-expose-headers: X-Sc
set-cookie: OAID=19974a92c7e446d2b6e60c4722cd61ff; expires=Tue, 28 Nov 2023 02:55:04 GMT; secure; SameSite=None
oaidts=1669604103; expires=Tue, 28 Nov 2023 02:55:04 GMT; secure; SameSite=None
oaidvc=1; expires=Tue, 28 Nov 2023 02:55:04 GMT; secure; SameSite=None
CNT=1_v1_K-LxAAEAAAB8S3Jp; expires=Mon, 28 Nov 2022 03:55:04 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8781ef7b81ea378c87b9b75e52115397
df3106ed152971215d454459c4e7ad93559aa4ca
e44e3b4621bc2e63c4b7a69aee8cf240a496c5d1cdef6b26f5a6036c0e3007a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 02:55:04 GMT
Last-Modified: Mon, 28 Nov 2022 02:03:36 GMT
Server: ECS (nyb/1D19)
X-Cache: Miss from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: er3GCPuEmsTV6ytqBa1z-Es-38IrohJVMlJVKQl99Mh_RyB5wSxi_A==
Age: 3088
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8671f7bd22b7a99e927e8779ebfb5311
fdfcee9d40ed2f8ba2329184f6f5860f6ea27173
b2262a0e9166e4686a3e0078a2cb15604fef095c3e7af7e17c719cf98acef5f6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2262A0E9166E4686A3E0078A2CB15604FEF095C3E7AF7E17C719CF98ACEF5F6"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5209
Expires: Mon, 28 Nov 2022 04:21:53 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash d2afafd00c4f0b71832874e376f08c08
0b10c77cb363d38620892a258a250a03650007c1
fb8727165e0abe5e6d48aa357bd7ca3537ab2676bf6090b2f50124a996ee1ef3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=effd56c6-bc94-4078-8c05-8b3969187a63:2:1; expires=Thu, 25 Nov 2032 02:55:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8781ef7b81ea378c87b9b75e52115397
df3106ed152971215d454459c4e7ad93559aa4ca
e44e3b4621bc2e63c4b7a69aee8cf240a496c5d1cdef6b26f5a6036c0e3007a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=130335
Date: Mon, 28 Nov 2022 02:55:04 GMT
Etag: "63836697-1d7"
Expires: Tue, 29 Nov 2022 15:07:19 GMT
Last-Modified: Sun, 27 Nov 2022 13:31:03 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U93IxQhG3aEsq3NWl_EbQghgTrDbrh4EYBkIv7esBpjAQ5aNiDRMpw==
Age: 5776
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash d2afafd00c4f0b71832874e376f08c08
0b10c77cb363d38620892a258a250a03650007c1
fb8727165e0abe5e6d48aa357bd7ca3537ab2676bf6090b2f50124a996ee1ef3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: uid_id2=effd56c6-bc94-4078-8c05-8b3969187a63:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 6228af34e28888138326e9bb9d754384
4337904053fa6177f54b873b809791242270e22f
b53e0e6d7f55ab6cba6a7d0687202092eef8d068a73ac626eef0fd3f096bd115
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=f95f7e30-9509-4cf7-af6f-cf4bf8db2d98:3:1; expires=Thu, 25 Nov 2032 02:55:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 59e2a328e393183bd20a3d747f466c8d
370374b49ab27b2464d4113cf8720b2ddf738250
c8b3ee65fe098c555f49cf38535969d20f4eeae5a9485e759215fe7711fa0709
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8B3EE65FE098C555F49CF38535969D20F4EEAE5A9485E759215FE7711FA0709"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5906
Expires: Mon, 28 Nov 2022 04:33:30 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5733
Expires: Mon, 28 Nov 2022 04:30:37 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8620cb50c13aa6595039feb6a940c719
87697510b8823d7312df41eaca3fd042a12bf96d
eda65270df7fee2cb4c1dcd7d5116c6e58918b7685ff2b2ef5e791c5b787a618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5730
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:04 GMT
Last-Modified: Mon, 28 Nov 2022 01:19:34 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55703d3bfe2eb684148ed6c064f04955
7ebd83b433d0f21d992c54c5cb686fac8031a0cf
ace43109e30792780c3b526994d017abac37d7bedec0382de7b0fb3a10d62041
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "ACE43109E30792780C3B526994D017ABAC37D7BEDEC0382DE7B0FB3A10D62041"
Last-Modified: Sun, 27 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5733
Expires: Mon, 28 Nov 2022 04:30:37 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2212
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2211
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 02:55:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2212
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 02:55:04 GMT
Connection: keep-alive
tzegilo.com/stattag.js
172.67.194.45200 OK 5.7 kB IP 172.67.194.45:0
File type ASCII text, with very long lines (12966), with no line terminators
Hash e9f039947f00abeedf59d1beef424bbd
7f530cf4b3b5692f45836c6404872fc8ba0ad7cf
4495c7e3f00645fe183f8723eb5ddd8b05d45562234dbeba1300850bd217dc0b
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2344
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdB5yAe0W4u0HTDpKpPqZ5lJ6bwiSduX3yzBzNGDsPlmYObmQRek4PuKNJ5gfhkNHmxIJ7YP0Eb2AFreK7fqGfXD%2FhySdtOq5ZAvRUBNV1CTVYq%2FDuqmkrQS6A9sRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd2980b7fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2211
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 02:55:05 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A5n6y1-hpgr4vynnRXkEZNvCvjlNGH6brl7eYMsdN1MST7YoD2BPgA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:13 GMT
age: 18232
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e40048fc88bbc0ae363201042188c791
8a044646f03d3982600bf911315a803bb83845d3
dea708c9da9eb427791e342a6c90470dc2bf9a65c2af1500a6aaad7fc02e3577
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DEA708C9DA9EB427791E342A6C90470DC2BF9A65C2AF1500A6AAAD7FC02E3577"
Last-Modified: Sat, 26 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4660
Expires: Mon, 28 Nov 2022 04:12:45 GMT
Date: Mon, 28 Nov 2022 02:55:05 GMT
Connection: keep-alive
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207200 OK 23 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (30837)
Hash 4840d97d7d4d3847bb4eda9116207657
66f1567a51f2368a2d702319c2f81024b54f5065
89407a4f4e9407fff64540e3207c0e358db051f81ea19dd000db75dac9d575f2
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:03 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 15050857
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 770fd28f49c2b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4060284252d32701c42e2df4a83970a0
a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da
53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4708
x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JFbXIAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6FSZ3Zw-s95LlrU3skAr5_g6m36c9SQ9_6vA3HFbMKYTTFzJRBJ76w==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:43 GMT
age: 16102
etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8620cb50c13aa6595039feb6a940c719
87697510b8823d7312df41eaca3fd042a12bf96d
eda65270df7fee2cb4c1dcd7d5116c6e58918b7685ff2b2ef5e791c5b787a618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5731
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Last-Modified: Mon, 28 Nov 2022 01:19:34 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
arsnivyr.com/1?z=5353584
139.45.197.242200 OK 14 kB IP 139.45.197.242:0
Hash 74ce796b2f226e7d50a4f9c390c56646
81988097cc79b39fd43810bd2a5a7397d8ec3295
e5bba6bb66b1c2f2de5cf5e3404516e4ab1aa863dac2b9f686f5618b150bc497
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5353584 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:03 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a2a1fcef0b1828eab06b0687f4477663
access-control-expose-headers: X-Sc
x-sc: beX8a-mQq_9zHNHEDg4UPUbNLCI23R2f4QYOuCsN-lFfGLvV2RDI1VQRQxBLDEBxuI7QMFZgOsRIpXMguOw7mPL8Uog=
set-cookie: scm=1; expires=Tue, 28 Nov 2023 02:55:03 GMT; secure; SameSite=None
OAID=e53f6bbd3794439eba1c918c746a22b4; expires=Tue, 28 Nov 2023 02:55:03 GMT; secure; SameSite=None
oaidts=1669604103; expires=Tue, 28 Nov 2023 02:55:03 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _jTN1lFL0_PS-9DYgE6O2V6s6AYnlGJs0xCEHn761Mxq_asytlaRoQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:40 GMT
age: 18205
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 005e5ba3c9588cf389a58195001b64e3
238a7439d887fb3aa7f1302eeb43fce62f08441a
d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3ggibSv4guzAQjW77yMg7HTp5JCBi1B9dxXi-Zy_-Vw0b6lP1PAGyQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:09 GMT
age: 18236
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5991
Cache-Control: max-age=164389
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:34:54 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 02:41:08 GMT
expires: Mon, 28 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 837
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash ce24d2dd13296d29dc5a8e75a0e6e977
973cda8d02026b76d3b93131570014baae38df2e
14ccb76feb1f914bf004fd56ca981b004ac5e78e62180c1a0bedfeab8d96547e
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: b4779762ebe2316a1fd59d21a8dc794c
etag: "529b24cdda07415e7486861107a0d98c"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 28 Nov 2022 03:03:33 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ziTS3RMpbSncWo51oObpdw==
x-fb-debug: AY0XZUaNvnDcgPiXfN7eWLremhimyQpETr9pBrdwfSKr17+MOHlRd0VZGUYtV/N1iYwgefFWL8Qto2DK/3kxGA==
content-length: 1687
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 02:55:05 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.techtolive.xyz/favicon.ico
142.250.74.179200 OK 331 B URL HTTP/2 www.techtolive.xyz/favicon.ico
IP 142.250.74.179:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d66cec563c49ab181ab00cf94d243bc0
c8d0eef14b260f20256ff55c848691334a8485ef
43773fb77119750aac76b3817769caceae551d07cdb2a9e6e6fc2caa861e73c6
GET /favicon.ico HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Mon, 28 Nov 2022 02:55:05 GMT
date: Mon, 28 Nov 2022 02:55:05 GMT
cache-control: private, max-age=86400
last-modified: Sun, 27 Nov 2022 15:07:27 GMT
etag: W/"0018271aa2a4e8bca0143c65797b902449919b87c5120161f08bf1a8c85898c0"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 331
server: GSE
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 80423577bb8ca66350f796c228ae9152
39a9a538873e91016bec486f0a39a8f5decf276c
b97b4d704efc28d3c9e1839cc5d08b9663f3f56654d42124e0ec19377a1a9084
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5991
Cache-Control: max-age=164389
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Etag: "6383eac7-1d7"
Expires: Wed, 30 Nov 2022 00:34:54 GMT
Last-Modified: Sun, 27 Nov 2022 22:55:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 627775c3a804fa2b204735ad46d1de68
71155acfaa5212049108b355b07665432467cc1a
937e883cae16f19760094e80022ae925e2723678dfde030638ebd64e72523820
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "937E883CAE16F19760094E80022AE925E2723678DFDE030638EBD64E72523820"
Last-Modified: Sun, 27 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2940
Expires: Mon, 28 Nov 2022 03:44:05 GMT
Date: Mon, 28 Nov 2022 02:55:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9165420310627483
216.58.211.2200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9165420310627483
IP 216.58.211.2:0
File type ASCII text, with very long lines (4885)
Hash a79b29a229ed77534580b6b61be86c8a
ff8611136a71019d47c6a6a1c433a200940edeaf
5100c70d00895ec255abb3c22a7fe17959712af091263106cfb17e266fc1b7c1
GET /pagead/js/adsbygoogle.js?client=ca-pub-9165420310627483 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 02:55:05 GMT
expires: Mon, 28 Nov 2022 02:55:05 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8255859975026170509
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7301300688772049&host=ca-host-pub-1556223355139109
216.58.211.2200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7301300688772049&host=ca-host-pub-1556223355139109
IP 216.58.211.2:0
File type ASCII text, with very long lines (4885)
Hash 3b8d79c83d5e04a7d47d9a819d04fefd
142f0f7d1ba52730989d88eb2afeed41be4af21f
3ae1539c391fc8bb4df86dce4b4498d26d30352cf9c7febf301742758b233304
GET /pagead/js/adsbygoogle.js?client=ca-pub-7301300688772049&host=ca-host-pub-1556223355139109 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 28 Nov 2022 02:55:05 GMT
expires: Mon, 28 Nov 2022 02:55:05 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16642319422877032086
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
concernederase.com/ntv.json?key=aa95d721af570c636b5eb9f248721758&vstc=3
173.233.137.44200 OK 13 kB URL HTTP/1.1 concernederase.com/ntv.json?key=aa95d721af570c636b5eb9f248721758&vstc=3
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (12761), with no line terminators
Hash 7b46ec4249df43d2058d6ef87157c3ee
735dea2304305b7f64a884f0d08787518ac3c4b0
7625e38c54b5069c959ebf89650efb668a6668070b0de3f949c244db859b1fe1
GET /ntv.json?key=aa95d721af570c636b5eb9f248721758&vstc=3 HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: application/json
Content-Length: 12761
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.techtolive.xyz
Access-Control-Allow-Origin: https://www.techtolive.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17558900; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
pdhtkv49=true; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
uncs49=1; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
nlecaa95d721af570c636b5eb9f248721758=[2019380,2229337,2229333]; expires=Mon, 28 Nov 2022 02:55:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f83457f9898ce99b78b001aba4060ac4
Strict-Transport-Security: max-age=0; includeSubdomains
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 28 Nov 2022 02:55:05 GMT
date: Mon, 28 Nov 2022 02:55:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.techtolive.xyz/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery1124042903684836299383_1669604104178&_=1669604104179
142.250.74.179200 OK 23 kB URL HTTP/2 www.techtolive.xyz/feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery1124042903684836299383_1669604104178&_=1669604104179
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (65334)
Hash 27ddd49f54c1434114dc34fadd1fbfdb
7fea0939bc6b98037928137872a899b45575c317
36660a0f092d8ebd2d2bcaff6ab9453629caf33b0f55cea40989a20fdea96f53
GET /feeds/posts/default?alt=json-in-script&max-results=6&callback=jQuery1124042903684836299383_1669604104178&_=1669604104179 HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"58a4a14e8a1b7d8d71a6be822b39ee55426cf38e436e040e6ef74db5f485bda6"
date: Mon, 28 Nov 2022 02:55:05 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 28 Nov 2022 02:55:06 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 15:07:27 GMT
content-encoding: gzip
content-length: 22698
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 72e278c32e6d5f06a97a7c36dfe35514
f5d9c5bb4a10ea9bfb7f829dcff2a3fc7298397e
fe9de8dbde2a414f1a4ff1b02b923be949c46ddfabc7e4324955e3de70c4916b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:52:21 GMT
Expires: Mon, 05 Dec 2022 00:52:20 GMT
Etag: "f5d9c5bb4a10ea9bfb7f829dcff2a3fc7298397e"
Cache-Control: max-age=596834,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770fd29b58460b61-OSL
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
216.58.207.194200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 216.58.207.194:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sun, 27 Nov 2022 11:45:52 GMT
expires: Sun, 11 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
age: 54553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.techtolive.xyz/feeds/posts/default?max-results=3&start-index=3&alt=json-in-script&callback=jQuery1124042903684836299383_1669604104180&_=1669604104181
142.250.74.179200 OK 7.5 kB URL HTTP/2 www.techtolive.xyz/feeds/posts/default?max-results=3&start-index=3&alt=json-in-script&callback=jQuery1124042903684836299383_1669604104180&_=1669604104181
IP 142.250.74.179:0
File type Unicode text, UTF-8 text, with very long lines (33275)
Hash 9800fb8bd90c6808da0a0f65de8272ff
d9452ad0d4826f4ed13963d1392f8cb9ac2ad076
c81936184833629d9cec2a62b0788dc036cd9a1b63800fdfb34b2549d4b1d498
GET /feeds/posts/default?max-results=3&start-index=3&alt=json-in-script&callback=jQuery1124042903684836299383_1669604104180&_=1669604104181 HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"4426dd799b596b9228c14ad873670f487532c953158803f55168c7981ef0d1dd"
date: Mon, 28 Nov 2022 02:55:05 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 28 Nov 2022 02:55:06 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 27 Nov 2022 15:07:27 GMT
content-encoding: gzip
content-length: 7461
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
oaphoace.net/401/5330694
139.45.197.239200 OK 32 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d22bab6a81988a23264280d187ea19e7
cb31db705f3ec0659f391c9e3f1526d339f2994e
bdb68ba04e8981eb6e467d927a9076d43d7b946cd454ada67dd1502b696ee7b0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5330694 HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: application/javascript
x-trace-id: cb85418446d89ea1b9c2aa7aa533ac63
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4462f7b28d674978afcaf296ec0c6a84; expires=Tue, 28 Nov 2023 02:55:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 472 B URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 106141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Mon, 28 Nov 2022 02:55:05 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+115; expires=Wed, 27-Nov-2024 02:55:05 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 02:55:05 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
142.250.74.110200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 142.250.74.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2978
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Mon, 28 Nov 2022 02:55:05 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+306; expires=Wed, 27-Nov-2024 02:55:05 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 02:55:05 GMT
X-Firefox-Spdy: h2
oaphoace.net/500/5330694?excludes=&oaid=19974a92c7e446d2b6e60c4722cd61ff&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 oaphoace.net/500/5330694?excludes=&oaid=19974a92c7e446d2b6e60c4722cd61ff&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5330694?excludes=&oaid=19974a92c7e446d2b6e60c4722cd61ff&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.techtolive.xyz/
Origin: https://www.techtolive.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:05 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.techtolive.xyz
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
www.techtolive.xyz/2022/08/monetizemore-review-for-publishers.html
142.250.74.179200 OK 61 kB URL HTTP/2 www.techtolive.xyz/2022/08/monetizemore-review-for-publishers.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2382)
Hash c7b223e9de8980dc95ebbb901c37d7e2
fffeedb3c7c9f92645292fa31322bd0fa605bb88
24d5b969e095f8124e68cde4d05f07a0b358c5f27f51fb65c7ad60145f16102f
GET /2022/08/monetizemore-review-for-publishers.html HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 02:55:05 GMT
date: Mon, 28 Nov 2022 02:55:05 GMT
cache-control: private, max-age=0
last-modified: Sun, 27 Nov 2022 15:07:27 GMT
etag: W/"0018271aa2a4e8bca0143c65797b902449919b87c5120161f08bf1a8c85898c0"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 61150
server: GSE
X-Firefox-Spdy: h2
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3sSDuyC4ehF%2FMCiCiky6Z6YzMy6yuK4rwZjE%2FUHwWF1VPSlT3dVU9Y%2FJnIIrsscRL%2Bqp802yQV0W9w8QZCLIEhAzlyUH8x94EhaP0rMDow%2F6vff19w7f9159uZedERcZPd34WA%2BkUnTJr7u1NzZlzHVha2s3a55bdy%2FVNmW83LpU61fJ5O94rl9336x9KNi2Xmq4nut6rle7Jo0IdX9pykIm97pevevWW42657fQN%2F%2FHNnNgqQOen5GLkHzy1NbDB5BsjDj66aqw26lO3v4gyhRNtUHOD2%2FF27EuYkTzNjQOwvhwNg1tJ4R8cw46Ppw5gM73KwcI5IQ4jzwE8eFMJoL84InSQEHECPgFFPkYQo0h6RhM34bkJwRgHGvriKO7a9oUdOcJSyt2QhYf%2Fw1ZTMjin88jju5fUbJfu6FVlkodW%2FTDErI%2FhuyNkWRHSAcOZHEEln4OyX8nS49XEUf761ZpSF5O3Us5hgzHUGIIah1k1ScdZKGDLHEQ8dMa9buh67bDIGw2Oy3GWLPJmN9Z5j5vtjqhi4xV8oZIkyGYGoKZXSRmF9vyqxP%2FIkz2C%2BxWCcsd2HRCnE92kfMShSAoLEFBCQpJUKQERV4ecGUbtrzLlc0Cb1Ybs9osRzrt7dEDnfZETPaSM%2FJstRrnwl8ptsVpjdKuz9sNj4Z%2B22XLzeXAF0E3bLQ67YbX9juwsoS056ZuB3JCXi6WkMgJWYxeRECPYNURmHwJNPNAi1G74YJujVodF4P4firYVqqVzEW9vzMA1yWSdBHpjrOnzsgL0yO98kcLgh1f%2Fu38u8no0XkwUyIxJT6TvxL01J3RdV2Q%2Feu6sOTBepLKSA5odcAbKU3Fwg8fiZ1CG75y1Q6%2Ff49VRNXeuylsukpjLuOeJT9ekZwLc00bJsjPK3ZTBBuZ3bqSmThLVjfev7YSJUZYK3U8BpUn6%2F%2BAVRZff276NJ85eQvSjGGyElF2TGYBqY%2FAkl3YZK7eagKj5jNB4qDIypFpBPOfShIoMcc0KGH%2Fg4N5v2fvoGcWQNPbiKMSuSmRqxJUDWGz86M0MceXH35bxXcI1MIoUGZhP1BGfT1d7YS8uvhplW7BytOa8EM3FG5DBGE3CNvU5d2w1Q1o1xPtwKceUjthX7z29L8AAAD%2F%2FwEAAP%2F%2F2sMeVHwEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3sSDuyC4ehF%2FMCiCiky6Z6YzMy6yuK4rwZjE%2FUHwWF1VPSlT3dVU9Y%2FJnIIrsscRL%2Bqp802yQV0W9w8QZCLIEhAzlyUH8x94EhaP0rMDow%2F6vff19w7f9159uZedERcZPd34WA%2BkUnTJr7u1NzZlzHVha2s3a55bdy%2FVNmW83LpU61fJ5O94rl9336x9KNi2Xmq4nut6rle7Jo0IdX9pykIm97pevevWW42657fQN%2F%2FHNnNgqQOen5GLkHzy1NbDB5BsjDj66aqw26lO3v4gyhRNtUHOD2%2FF27EuYkTzNjQOwvhwNg1tJ4R8cw46Ppw5gM73KwcI5IQ4jzwE8eFMJoL84InSQEHECPgFFPkYQo0h6RhM34bkJwRgHGvriKO7a9oUdOcJSyt2QhYf%2Fw1ZTMjin88jju5fUbJfu6FVlkodW%2FTDErI%2FhuyNkWRHSAcOZHEEln4OyX8nS49XEUf761ZpSF5O3Us5hgzHUGIIah1k1ScdZKGDLHEQ8dMa9buh67bDIGw2Oy3GWLPJmN9Z5j5vtjqhi4xV8oZIkyGYGoKZXSRmF9vyqxP%2FIkz2C%2BxWCcsd2HRCnE92kfMShSAoLEFBCQpJUKQERV4ecGUbtrzLlc0Cb1Ybs9osRzrt7dEDnfZETPaSM%2FJstRrnwl8ptsVpjdKuz9sNj4Z%2B22XLzeXAF0E3bLQ67YbX9juwsoS056ZuB3JCXi6WkMgJWYxeRECPYNURmHwJNPNAi1G74YJujVodF4P4firYVqqVzEW9vzMA1yWSdBHpjrOnzsgL0yO98kcLgh1f%2Fu38u8no0XkwUyIxJT6TvxL01J3RdV2Q%2Feu6sOTBepLKSA5odcAbKU3Fwg8fiZ1CG75y1Q6%2Ff49VRNXeuylsukpjLuOeJT9ekZwLc00bJsjPK3ZTBBuZ3bqSmThLVjfev7YSJUZYK3U8BpUn6%2F%2BAVRZff276NJ85eQvSjGGyElF2TGYBqY%2FAkl3YZK7eagKj5jNB4qDIypFpBPOfShIoMcc0KGH%2Fg4N5v2fvoGcWQNPbiKMSuSmRqxJUDWGz86M0MceXH35bxXcI1MIoUGZhP1BGfT1d7YS8uvhplW7BytOa8EM3FG5DBGE3CNvU5d2w1Q1o1xPtwKceUjthX7z29L8AAAD%2F%2FwEAAP%2F%2F2sMeVHwEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3sSDuyC4ehF%2FMCiCiky6Z6YzMy6yuK4rwZjE%2FUHwWF1VPSlT3dVU9Y%2FJnIIrsscRL%2Bqp802yQV0W9w8QZCLIEhAzlyUH8x94EhaP0rMDow%2F6vff19w7f9159uZedERcZPd34WA%2BkUnTJr7u1NzZlzHVha2s3a55bdy%2FVNmW83LpU61fJ5O94rl9336x9KNi2Xmq4nut6rle7Jo0IdX9pykIm97pevevWW42657fQN%2F%2FHNnNgqQOen5GLkHzy1NbDB5BsjDj66aqw26lO3v4gyhRNtUHOD2%2FF27EuYkTzNjQOwvhwNg1tJ4R8cw46Ppw5gM73KwcI5IQ4jzwE8eFMJoL84InSQEHECPgFFPkYQo0h6RhM34bkJwRgHGvriKO7a9oUdOcJSyt2QhYf%2Fw1ZTMjin88jju5fUbJfu6FVlkodW%2FTDErI%2FhuyNkWRHSAcOZHEEln4OyX8nS49XEUf761ZpSF5O3Us5hgzHUGIIah1k1ScdZKGDLHEQ8dMa9buh67bDIGw2Oy3GWLPJmN9Z5j5vtjqhi4xV8oZIkyGYGoKZXSRmF9vyqxP%2FIkz2C%2BxWCcsd2HRCnE92kfMShSAoLEFBCQpJUKQERV4ecGUbtrzLlc0Cb1Ybs9osRzrt7dEDnfZETPaSM%2FJstRrnwl8ptsVpjdKuz9sNj4Z%2B22XLzeXAF0E3bLQ67YbX9juwsoS056ZuB3JCXi6WkMgJWYxeRECPYNURmHwJNPNAi1G74YJujVodF4P4firYVqqVzEW9vzMA1yWSdBHpjrOnzsgL0yO98kcLgh1f%2Fu38u8no0XkwUyIxJT6TvxL01J3RdV2Q%2Feu6sOTBepLKSA5odcAbKU3Fwg8fiZ1CG75y1Q6%2Ff49VRNXeuylsukpjLuOeJT9ekZwLc00bJsjPK3ZTBBuZ3bqSmThLVjfev7YSJUZYK3U8BpUn6%2F%2BAVRZff276NJ85eQvSjGGyElF2TGYBqY%2FAkl3YZK7eagKj5jNB4qDIypFpBPOfShIoMcc0KGH%2Fg4N5v2fvoGcWQNPbiKMSuSmRqxJUDWGz86M0MceXH35bxXcI1MIoUGZhP1BGfT1d7YS8uvhplW7BytOa8EM3FG5DBGE3CNvU5d2w1Q1o1xPtwKceUjthX7z29L8AAAD%2F%2FwEAAP%2F%2F2sMeVHwEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17558900; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecaa95d721af570c636b5eb9f248721758=[2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 010f39b0a910a0ea8605553a1744a56f
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d02308d366e622aa26e632ea017600cc
c16673d53c20ac70efbda483ca12b4374a76105c
ad8ccb9b049120b7e44a79dcbc9caab326567933cfce70608bc812237319a0ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8CCB9B049120B7E44A79DCBC9CAAB326567933CFCE70608BC812237319A0EC"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10534
Expires: Mon, 28 Nov 2022 05:50:39 GMT
Date: Mon, 28 Nov 2022 02:55:05 GMT
Connection: keep-alive
oaphoace.net/500/5330694?excludes=&oaid=19974a92c7e446d2b6e60c4722cd61ff&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 1.7 kB URL HTTP/2 oaphoace.net/500/5330694?excludes=&oaid=19974a92c7e446d2b6e60c4722cd61ff&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash 0ec480330c6c6862fc0e50fe7989cb36
9a10d65ee85be7c3b3d23b7bfe432606e2f6499b
c15b246071af58b216572291f96f6dd6833adf5826dd276f20b0680293cf83f3
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5330694?excludes=&oaid=19974a92c7e446d2b6e60c4722cd61ff&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: OAID=4462f7b28d674978afcaf296ec0c6a84
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:05 GMT
content-type: application/javascript
x-trace-id: 45fc0fee9544b577ff37d780f4f116d2
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.techtolive.xyz
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=19974a92c7e446d2b6e60c4722cd61ff; expires=Tue, 28 Nov 2023 02:55:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
lightssyrupdecree.com/watch.1638424876425.js?key=b0e41b943632dca3fd17e8bc87c8eb03&kw=%5B%22indian%22%2C%22entertainment%22%2C%22pubg%22%2C%22whatsapp%22%2C%22group%22%2C%22new%22%2C%22whatsapp%22%2C%22groups%22%2C%22links%22%5D&refer=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&tz=0&dev=e&res=12.1055&uuid=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1&shu=03612b8f0fe808cc2f9caa792457ad01b4aa25b41448747d82879c56ec3ee3f0dc76c59266fcc5791a60d75e60d9161b47b3f2bcdcafdff2013bd689d7a8cdc049470c08864a4dbff5cb4e8e137624579bfb0a72&pst=1669604165&rmtc=t
192.243.59.13200 OK 2.1 kB URL HTTP/1.1 lightssyrupdecree.com/watch.1638424876425.js?key=b0e41b943632dca3fd17e8bc87c8eb03&kw=%5B%22indian%22%2C%22entertainment%22%2C%22pubg%22%2C%22whatsapp%22%2C%22group%22%2C%22new%22%2C%22whatsapp%22%2C%22groups%22%2C%22links%22%5D&refer=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&tz=0&dev=e&res=12.1055&uuid=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1&shu=03612b8f0fe808cc2f9caa792457ad01b4aa25b41448747d82879c56ec3ee3f0dc76c59266fcc5791a60d75e60d9161b47b3f2bcdcafdff2013bd689d7a8cdc049470c08864a4dbff5cb4e8e137624579bfb0a72&pst=1669604165&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (2621)
Hash 9ac029b04e24beb6664e1c1c894ed722
f9a51d15ae849e4c8f0c2e0ee5dcf386ad7542c5
12b6542ddbb5053f9ecbabc58c6d345c570100af67325295332e24adc1a73436
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1638424876425.js?key=b0e41b943632dca3fd17e8bc87c8eb03&kw=%5B%22indian%22%2C%22entertainment%22%2C%22pubg%22%2C%22whatsapp%22%2C%22group%22%2C%22new%22%2C%22whatsapp%22%2C%22groups%22%2C%22links%22%5D&refer=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&tz=0&dev=e&res=12.1055&uuid=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1&shu=03612b8f0fe808cc2f9caa792457ad01b4aa25b41448747d82879c56ec3ee3f0dc76c59266fcc5791a60d75e60d9161b47b3f2bcdcafdff2013bd689d7a8cdc049470c08864a4dbff5cb4e8e137624579bfb0a72&pst=1669604165&rmtc=t HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Referer: https://www.techtolive.xyz/
Connection: keep-alive
Cookie: u_pl=17499697; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQ5OTY5NywiayI6ImIwZTQxYjk0MzYzMmRjYTNmZDE3ZThiYzg3YzhlYjAzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTMxMDU1LCJwaWQiOjI5MDA3NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoicXppMzA1bXAiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cudGVjaHRvbGl2ZS54eXovMjAyMi8wOC9pbmRpYW4tZW50ZXJ0YWlubWVudC1wdWJnLXdoYXRzYXBwLmh0bWwifX0._oa_vV9JgNvA2rQwcEaurFj5M3ITEL7QXsK1ImY-Nuc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.techtolive.xyz
Access-Control-Allow-Origin: https://www.techtolive.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=effd56c6-bc94-4078-8c05-8b3969187a63:2:1; expires=Mon, 05 Dec 2022 02:55:05 GMT; secure; SameSite=None
iprc22e9b2938028b4add8063ffd2c010a0c=3569808; expires=Mon, 28 Nov 2022 06:55:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 29 Nov 2022 02:55:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a122ac04a12cad20cb1a487cfc11d0ef
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
45.133.44.10200 OK 23 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 9a2dc4fe2ebb70df2dfb1566d22970b8
b85a5f4ef7bd68b834d03d8b9a552e2e546e8701
1983c705f5f4315c8cd002183eb9ed3c846abed8fc2a6f0a073185c249552efd
GET /cti/d7/14/ea/d714ea0356c58a2679ce4074962c0e16/1588233398.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:05 GMT
content-type: image/jpeg
content-length: 22757
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:56:41 GMT
etag: "5eaa84b9-58e5"
expires: Wed, 30 Nov 2022 02:55:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
45.133.44.10200 OK 28 kB URL HTTP/2 cdn.cloudimagesb.com/cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 1dcde64d47d24d151a1433ecf4403dd7
443d6704b5a294e000084d7a8ac823e526093928
d11bcd65a82589c2c31d6fd87cb16ec673dd5640462ad3d20ff53e014a435376
GET /cti/d6/e8/37/d6e83777d7311d26f1ac5b2b62a81218/1588233535.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:05 GMT
content-type: image/jpeg
content-length: 27832
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:58 GMT
etag: "5eaa8542-6cb8"
expires: Wed, 30 Nov 2022 02:55:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.techtolive.xyz/2022/08/how-to-make-money-online-2022-online.html
142.250.74.179200 OK 55 kB URL HTTP/2 www.techtolive.xyz/2022/08/how-to-make-money-online-2022-online.html
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2382)
Hash fc850e22a61fb440ee9da71d492775b8
38ccccdd808220830a5700d70b947de5120656bf
707ee654ca680b8d5e1dce4bde9fb7dfce0db0cb79d97768aab40b48619e0976
GET /2022/08/how-to-make-money-online-2022-online.html HTTP/1.1
Host: www.techtolive.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=effd56c6-bc94-4078-8c05-8b3969187a63%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 02:55:05 GMT
date: Mon, 28 Nov 2022 02:55:05 GMT
cache-control: private, max-age=0
last-modified: Sun, 27 Nov 2022 15:07:27 GMT
etag: W/"0018271aa2a4e8bca0143c65797b902449919b87c5120161f08bf1a8c85898c0"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 55295
server: GSE
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbsWQUecrPi5n9j-x1QgyUW7I3n8J3J_EMTvjP17BLZkhfejT2HsrPjNYXiZ2ootJwXubcvrkMoyc-B8QpFjBj6DE3SZbRakKjGZWQ9GNgylzpGA-GtGFl2fla5o5fLGAyr7NIudMwv2y6lsP77ETHEwyBWTVPbxSa7R5YQ9CWnt2zTe9TL83KK5eD/w100/GettyImages-1371828696-1440x864.webp
142.250.74.33200 OK 3.1 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbsWQUecrPi5n9j-x1QgyUW7I3n8J3J_EMTvjP17BLZkhfejT2HsrPjNYXiZ2ootJwXubcvrkMoyc-B8QpFjBj6DE3SZbRakKjGZWQ9GNgylzpGA-GtGFl2fla5o5fLGAyr7NIudMwv2y6lsP77ETHEwyBWTVPbxSa7R5YQ9CWnt2zTe9TL83KK5eD/w100/GettyImages-1371828696-1440x864.webp
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x60, components 3\012- data
Hash 22329e370c1728afa92d0bfbbe954707
b65e1e8de7a5aeaf2e7ada8983baa892911c58d1
28ab739b9c7f9a3642a31d0d6ddbe307c378e5369d96542496295cffc79002b4
GET /img/b/R29vZ2xl/AVvXsEjbsWQUecrPi5n9j-x1QgyUW7I3n8J3J_EMTvjP17BLZkhfejT2HsrPjNYXiZ2ootJwXubcvrkMoyc-B8QpFjBj6DE3SZbRakKjGZWQ9GNgylzpGA-GtGFl2fla5o5fLGAyr7NIudMwv2y6lsP77ETHEwyBWTVPbxSa7R5YQ9CWnt2zTe9TL83KK5eD/w100/GettyImages-1371828696-1440x864.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v31bb"
expires: Tue, 29 Nov 2022 02:55:05 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="GettyImages-1371828696-1440x864.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 02:55:05 GMT
server: fife
content-length: 3053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.10200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:05 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Wed, 30 Nov 2022 02:55:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9leS3%2BGU2OroR%2F9AogoJ0qrq70t0OMhjHSDAmcf4QXL5671XnmVf1ivequjq9Co7ILFvcqKvK6WSCOgzOBxCkI8gQFNObIQvzDcSFMLiU6mlovVD33lPnLs659312kF0QFxk93%2FpA96VSdMmvupXXtmXMdW4rGzcrnlt1r1S2ZbzcuFLplcl03%2FRcv%2Bq%2BXnlPsF29VHM91%2FVcr7IqjQh1b2nCQib32l617VYbtarnN9Az%2F8U2c2CpA969IJch%2Bfh%2FOw8fQLIR4uj7a8Lupjp5490oUzTVBl1%2BfCvejXUeI5q1oXEQxsfTaWg7JuTLOej4eOoAuntYOkAgx8R55CGIj6cyEXSPnigNFESMgF9C3h1BqBEkHYHp25D8jACMY2MTcXR3Q5uc7j1hacmOycLjvyDzMVn4%2FVnE0f0VJXuVG1plqdSxRS8sIHsjyM4ISXaCtO9A5idg6SeQ%2FFey9HgdcXS4aZWG5MXEvZQjyHAEJQag1kFWftJBFjrIEgcRP69Qvx26bjMMwnq91WCM1euM%2Ba1l7vN6oxW6yFgpb4A0GYCpAZjZR2L2sSs%2FP%2FMvw2Q%2Fwu4UsNyBTcfE%2BXAfXV4gFwS5JcgpQS4J8pQg7xZHXNmaLe5yZbPAm9batNaLoU47B%2FRIpx0Rk4Pkgjxdrsa59EeKXXFeobTt82bNo6HfdNlyfTnwRdAOa41Ws%2BY1%2FRasLCDt3MRtX47Ji%2FkSEjkmC9HzCOgJrDoBky%2BAZh5oPmzWXNCdYaPloh%2FfTwXbSbWSXVHt7fXBdYEkXUC65xyoC%2FLc5EgvL3wEwU6v%2Frz4VjJ8tAhmCiSmwMfyJ4KOujO8rnNyeF3nljzYTFIZyT4tD3gjpamY%2F%2FZ9sZdrw9eu2cE3b7OSKNt7N4VN12nMZdyx5LsVybkwq9owQX5Ys9si2Mrszkpm4ixZ33pndS1KjLBW6ngEKs82%2FwYrLb76zORpPvXLn5BmBJMViLJTMg1IfQKW7MMmM%2FVWExg1mwmSOeRZMTS1YPZTSQIlZpgGBey%2FcDDrD%2BwddMw8aHobcVSgawp0VQGqBrDZ4jBNzOnVh1%2BV8TUCNT8MlJk%2FDJRRX4zJS781Jvst0y1YeV4RfuiGwq2JIGwHYZO6vB022gFte6IZ%2BNRDasfs01f%2B%2Fw8AAAD%2F%2FwEAAP%2F%2FUXD%2Bu3wEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9leS3%2BGU2OroR%2F9AogoJ0qrq70t0OMhjHSDAmcf4QXL5671XnmVf1ivequjq9Co7ILFvcqKvK6WSCOgzOBxCkI8gQFNObIQvzDcSFMLiU6mlovVD33lPnLs659312kF0QFxk93%2FpA96VSdMmvupXXtmXMdW4rGzcrnlt1r1S2ZbzcuFLplcl03%2FRcv%2Bq%2BXnlPsF29VHM91%2FVcr7IqjQh1b2nCQib32l617VYbtarnN9Az%2F8U2c2CpA969IJch%2Bfh%2FOw8fQLIR4uj7a8Lupjp5490oUzTVBl1%2BfCvejXUeI5q1oXEQxsfTaWg7JuTLOej4eOoAuntYOkAgx8R55CGIj6cyEXSPnigNFESMgF9C3h1BqBEkHYHp25D8jACMY2MTcXR3Q5uc7j1hacmOycLjvyDzMVn4%2FVnE0f0VJXuVG1plqdSxRS8sIHsjyM4ISXaCtO9A5idg6SeQ%2FFey9HgdcXS4aZWG5MXEvZQjyHAEJQag1kFWftJBFjrIEgcRP69Qvx26bjMMwnq91WCM1euM%2Ba1l7vN6oxW6yFgpb4A0GYCpAZjZR2L2sSs%2FP%2FMvw2Q%2Fwu4UsNyBTcfE%2BXAfXV4gFwS5JcgpQS4J8pQg7xZHXNmaLe5yZbPAm9batNaLoU47B%2FRIpx0Rk4Pkgjxdrsa59EeKXXFeobTt82bNo6HfdNlyfTnwRdAOa41Ws%2BY1%2FRasLCDt3MRtX47Ji%2FkSEjkmC9HzCOgJrDoBky%2BAZh5oPmzWXNCdYaPloh%2FfTwXbSbWSXVHt7fXBdYEkXUC65xyoC%2FLc5EgvL3wEwU6v%2Frz4VjJ8tAhmCiSmwMfyJ4KOujO8rnNyeF3nljzYTFIZyT4tD3gjpamY%2F%2FZ9sZdrw9eu2cE3b7OSKNt7N4VN12nMZdyx5LsVybkwq9owQX5Ys9si2Mrszkpm4ixZ33pndS1KjLBW6ngEKs82%2FwYrLb76zORpPvXLn5BmBJMViLJTMg1IfQKW7MMmM%2FVWExg1mwmSOeRZMTS1YPZTSQIlZpgGBey%2FcDDrD%2BwddMw8aHobcVSgawp0VQGqBrDZ4jBNzOnVh1%2BV8TUCNT8MlJk%2FDJRRX4zJS781Jvst0y1YeV4RfuiGwq2JIGwHYZO6vB022gFte6IZ%2BNRDasfs01f%2B%2Fw8AAAD%2F%2FwEAAP%2F%2FUXD%2Bu3wEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9leS3%2BGU2OroR%2F9AogoJ0qrq70t0OMhjHSDAmcf4QXL5671XnmVf1ivequjq9Co7ILFvcqKvK6WSCOgzOBxCkI8gQFNObIQvzDcSFMLiU6mlovVD33lPnLs659312kF0QFxk93%2FpA96VSdMmvupXXtmXMdW4rGzcrnlt1r1S2ZbzcuFLplcl03%2FRcv%2Bq%2BXnlPsF29VHM91%2FVcr7IqjQh1b2nCQib32l617VYbtarnN9Az%2F8U2c2CpA969IJch%2Bfh%2FOw8fQLIR4uj7a8Lupjp5490oUzTVBl1%2BfCvejXUeI5q1oXEQxsfTaWg7JuTLOej4eOoAuntYOkAgx8R55CGIj6cyEXSPnigNFESMgF9C3h1BqBEkHYHp25D8jACMY2MTcXR3Q5uc7j1hacmOycLjvyDzMVn4%2FVnE0f0VJXuVG1plqdSxRS8sIHsjyM4ISXaCtO9A5idg6SeQ%2FFey9HgdcXS4aZWG5MXEvZQjyHAEJQag1kFWftJBFjrIEgcRP69Qvx26bjMMwnq91WCM1euM%2Ba1l7vN6oxW6yFgpb4A0GYCpAZjZR2L2sSs%2FP%2FMvw2Q%2Fwu4UsNyBTcfE%2BXAfXV4gFwS5JcgpQS4J8pQg7xZHXNmaLe5yZbPAm9batNaLoU47B%2FRIpx0Rk4Pkgjxdrsa59EeKXXFeobTt82bNo6HfdNlyfTnwRdAOa41Ws%2BY1%2FRasLCDt3MRtX47Ji%2FkSEjkmC9HzCOgJrDoBky%2BAZh5oPmzWXNCdYaPloh%2FfTwXbSbWSXVHt7fXBdYEkXUC65xyoC%2FLc5EgvL3wEwU6v%2Frz4VjJ8tAhmCiSmwMfyJ4KOujO8rnNyeF3nljzYTFIZyT4tD3gjpamY%2F%2FZ9sZdrw9eu2cE3b7OSKNt7N4VN12nMZdyx5LsVybkwq9owQX5Ys9si2Mrszkpm4ixZ33pndS1KjLBW6ngEKs82%2FwYrLb76zORpPvXLn5BmBJMViLJTMg1IfQKW7MMmM%2FVWExg1mwmSOeRZMTS1YPZTSQIlZpgGBey%2FcDDrD%2BwddMw8aHobcVSgawp0VQGqBrDZ4jBNzOnVh1%2BV8TUCNT8MlJk%2FDJRRX4zJS781Jvst0y1YeV4RfuiGwq2JIGwHYZO6vB022gFte6IZ%2BNRDasfs01f%2B%2Fw8AAAD%2F%2FwEAAP%2F%2FUXD%2Bu3wEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17558900; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecaa95d721af570c636b5eb9f248721758=[2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81561bd4bdc19aed368e2ea9da4a791e
Strict-Transport-Security: max-age=0; includeSubdomains
blogger.googleusercontent.com/img/a/AVvXsEgo95icnQa8biH7TZxW9iH554549XOlINQ-Ke45ZJwyNv-ZF1R33N-wGmE8byelD9KVYFo58zg_EWM8xu0JrgcBwImzkDZSQQZOKqE9ub1qy03VtfsFTBldsPj5euWQDpS-lNb65b_xLGvZvoa2yY6_0LwpN_08huTlP1w1JgcEWAe5E6sXmcYGYteK=s257
142.250.74.33200 OK 7.4 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEgo95icnQa8biH7TZxW9iH554549XOlINQ-Ke45ZJwyNv-ZF1R33N-wGmE8byelD9KVYFo58zg_EWM8xu0JrgcBwImzkDZSQQZOKqE9ub1qy03VtfsFTBldsPj5euWQDpS-lNb65b_xLGvZvoa2yY6_0LwpN_08huTlP1w1JgcEWAe5E6sXmcYGYteK=s257
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 257x69, components 3\012- data
Hash 31b7b0f77b6c086b5e42c77078237c2f
3cd8e41e02e7283acb6fd157626323053feda453
618737980a8befe486fbd0f51d1dcdd4ed9390c55d14e6673d9aee249b279553
GET /img/a/AVvXsEgo95icnQa8biH7TZxW9iH554549XOlINQ-Ke45ZJwyNv-ZF1R33N-wGmE8byelD9KVYFo58zg_EWM8xu0JrgcBwImzkDZSQQZOKqE9ub1qy03VtfsFTBldsPj5euWQDpS-lNb65b_xLGvZvoa2yY6_0LwpN_08huTlP1w1JgcEWAe5E6sXmcYGYteK=s257 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2f4a"
expires: Tue, 29 Nov 2022 02:55:05 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="images.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 02:55:05 GMT
server: fife
content-length: 7390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA36YAXezJK_WidgevnCK1leePLcqWjadcWTnD8ftM_NBwfEAB-CLxtGim-xH0PBFzGeUFsSw7rX-5iECXiplCP6-l0s6NjcNbhSqhoa0YyS6waLkUu4IZGA1Zs_A5W7W7nnqrBH_XR_6fMENbICpwpBRKyH9d8iC8fuAuDxDzo9mdVN1f3QZ83-YS/w100/SEO-Tips-1170x546.png.webp
142.250.74.33200 OK 3.0 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiA36YAXezJK_WidgevnCK1leePLcqWjadcWTnD8ftM_NBwfEAB-CLxtGim-xH0PBFzGeUFsSw7rX-5iECXiplCP6-l0s6NjcNbhSqhoa0YyS6waLkUu4IZGA1Zs_A5W7W7nnqrBH_XR_6fMENbICpwpBRKyH9d8iC8fuAuDxDzo9mdVN1f3QZ83-YS/w100/SEO-Tips-1170x546.png.webp
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 100x47, components 3\012- data
Hash 97b835c47fd8bbde77e846a029727097
9695ee419f719e9f4e74ca7c90e69a7499b950f4
95e62b7d60f2bb6668cf478208c46453358c7f42a188ff720e7aa513c3c9507d
GET /img/b/R29vZ2xl/AVvXsEiA36YAXezJK_WidgevnCK1leePLcqWjadcWTnD8ftM_NBwfEAB-CLxtGim-xH0PBFzGeUFsSw7rX-5iECXiplCP6-l0s6NjcNbhSqhoa0YyS6waLkUu4IZGA1Zs_A5W7W7nnqrBH_XR_6fMENbICpwpBRKyH9d8iC8fuAuDxDzo9mdVN1f3QZ83-YS/w100/SEO-Tips-1170x546.png.webp HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v317e"
expires: Tue, 29 Nov 2022 02:55:05 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="SEO-Tips-1170x546.png.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 02:55:05 GMT
server: fife
content-length: 2996
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEg6F-j9S65PL20rdTruu2E0U9q0U0bEL0CbB9LhVWrHMOnBKM-5dOyKjydORDNSUzHscXnHz7FoBJ-AT3uxABk1MbJQ5MDUj206BXh9IAr9_ZiJslYkhkJgvd9y1f1e4HX-ud53NSE4y8PZyzh5d3hlX4PDVG4qxrRKPQpvAAMnBBWu7-fakTMXrZqj=s304
142.250.74.33200 OK 7.6 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEg6F-j9S65PL20rdTruu2E0U9q0U0bEL0CbB9LhVWrHMOnBKM-5dOyKjydORDNSUzHscXnHz7FoBJ-AT3uxABk1MbJQ5MDUj206BXh9IAr9_ZiJslYkhkJgvd9y1f1e4HX-ud53NSE4y8PZyzh5d3hlX4PDVG4qxrRKPQpvAAMnBBWu7-fakTMXrZqj=s304
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 304x82, components 3\012- data
Hash ccdd0b701d4b6448d294a22ec1f9c2e1
d5a31cdb4e88239e85dd6cec022af83bdefbb32c
dba0763a0db7a3acc94bde7c3b0b574bb2cd04079c58334839aab93f5ed2032d
GET /img/a/AVvXsEg6F-j9S65PL20rdTruu2E0U9q0U0bEL0CbB9LhVWrHMOnBKM-5dOyKjydORDNSUzHscXnHz7FoBJ-AT3uxABk1MbJQ5MDUj206BXh9IAr9_ZiJslYkhkJgvd9y1f1e4HX-ud53NSE4y8PZyzh5d3hlX4PDVG4qxrRKPQpvAAMnBBWu7-fakTMXrZqj=s304 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2f71"
expires: Tue, 29 Nov 2022 02:55:05 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="images.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 02:55:05 GMT
server: fife
content-length: 7608
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c0748d6b73f44e551a70bbd351fa44b
938677b2f0d2152ebb028c00d095492d4946d2ee
4e3fa15077f57b5966d4b60f2a856c9defe22ad657f6374387c83d8afe466861
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E3FA15077F57B5966D4B60F2A856C9DEFE22AD657F6374387C83D8AFE466861"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3571
Expires: Mon, 28 Nov 2022 03:54:36 GMT
Date: Mon, 28 Nov 2022 02:55:05 GMT
Connection: keep-alive
concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uR3%2BO1edPUifjAogoJMumemMzMusriukWBM4n4QPFZXVU%2FKVHc1Vf0xmVNwRfY44kU9dZ5JNqjL4v4BgkwEWYJi5rLkYP4DvQiLR%2BlkYPSFqvd963kPz%2FO89dludkpcZPRk%2FQM9kErRBb%2Fu1l7bkDHXha2t3qp5bt29UtuQ8WLrSq1fXSZ%2F03P9uvt67T3BtvRCw%2FVc13O92pI0ItT9hTMUMrnf9epdt95q1D2%2Fhb75b28zB5Y64PkpuQzJJ%2F%2FbfPQQko0RR99fF3Yr1ckb70aZoqk2yPnB7Xgr1kWMaFaGxkEYH0ynoe2EkC8vQMcHUwXQ%2BV6lAIGcEOexhyA%2BmNJEkO%2BfMw0URIyAX0KRjyHUGJKOwfQdSH5MAMaxuoY4ureqTUG3z1FaoRMy%2F%2BQvyGJC5n9%2FFnH04JqS%2FdpNrbJU6tiiH5aQ%2FTFkb4wkO0Q6cCCLQ7D0E0j%2BK1l4soI42luzSkPy8ky9lGPIcAwlhqDWQVYd6SALHWSJg4if1KjfDV23HQZhs9lpMcaaTcb8ziL3ebPVCV1krKI3RJoMwdQQzOwgMTvYkp8f%2B5dhsh9hN0tY7sCmE%2BJ8uIOclygEQWEJCkpQSIIiJSjycp8r27DlPa5sFnjT3JjmZjnSaW%2BX7uu0J2Kym5ySpytrnEt%2FpNgSJzVKuz5vNzwa%2Bm2XLTYXA18E3bDR6rQbXtvvwMoS0l44UzuQE%2FJisYBETsh89DwCegirDsHkC6CZB1qM2g0XdHPU6rgYxA9SwTZTrWQu6v3tAbgukaTzSLedXXVKnjtb0svztyHY0dWfL76VjB5fBDMlElPiY%2FkTQU%2FdHd3QBdm7oQtLHq4lqYzkgFYLvJnSVMx9%2B77YLrThy9ft8Ju3WQVU5f1bwqYrNOYy7lny3TXJuTBL2jBBfli2GyJYz%2BzmtczEWbKy%2Fs7ScpQYYa3U8RhUHq%2F9DVZJfPWZs6%2F51C9%2FQpoxTFYiyo7INCD1IViyA5vM2FtNYNRsJkjmUGTlyDSC2aOSBErMehqUsP%2Fqg1m9a%2B%2BiZ%2BZA0zuIoxK5KZGrElQNYbOLozQxR1cffVXF1wjU3ChQZm4vUEZ9MSEv%2Fdaq%2FP3o3GQrT2rCD91QuA0RhN0gbFOXd8NWN6BdT7QDn3pI7YR9%2Bsr%2F%2FwEAAP%2F%2FAQAA%2F%2F%2B2mCaYfAQAAA%3D%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 concernederase.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uR3%2BO1edPUifjAogoJMumemMzMusriukWBM4n4QPFZXVU%2FKVHc1Vf0xmVNwRfY44kU9dZ5JNqjL4v4BgkwEWYJi5rLkYP4DvQiLR%2BlkYPSFqvd963kPz%2FO89dludkpcZPRk%2FQM9kErRBb%2Fu1l7bkDHXha2t3qp5bt29UtuQ8WLrSq1fXSZ%2F03P9uvt67T3BtvRCw%2FVc13O92pI0ItT9hTMUMrnf9epdt95q1D2%2Fhb75b28zB5Y64PkpuQzJJ%2F%2FbfPQQko0RR99fF3Yr1ckb70aZoqk2yPnB7Xgr1kWMaFaGxkEYH0ynoe2EkC8vQMcHUwXQ%2BV6lAIGcEOexhyA%2BmNJEkO%2BfMw0URIyAX0KRjyHUGJKOwfQdSH5MAMaxuoY4ureqTUG3z1FaoRMy%2F%2BQvyGJC5n9%2FFnH04JqS%2FdpNrbJU6tiiH5aQ%2FTFkb4wkO0Q6cCCLQ7D0E0j%2BK1l4soI42luzSkPy8ky9lGPIcAwlhqDWQVYd6SALHWSJg4if1KjfDV23HQZhs9lpMcaaTcb8ziL3ebPVCV1krKI3RJoMwdQQzOwgMTvYkp8f%2B5dhsh9hN0tY7sCmE%2BJ8uIOclygEQWEJCkpQSIIiJSjycp8r27DlPa5sFnjT3JjmZjnSaW%2BX7uu0J2Kym5ySpytrnEt%2FpNgSJzVKuz5vNzwa%2Bm2XLTYXA18E3bDR6rQbXtvvwMoS0l44UzuQE%2FJisYBETsh89DwCegirDsHkC6CZB1qM2g0XdHPU6rgYxA9SwTZTrWQu6v3tAbgukaTzSLedXXVKnjtb0svztyHY0dWfL76VjB5fBDMlElPiY%2FkTQU%2FdHd3QBdm7oQtLHq4lqYzkgFYLvJnSVMx9%2B77YLrThy9ft8Ju3WQVU5f1bwqYrNOYy7lny3TXJuTBL2jBBfli2GyJYz%2BzmtczEWbKy%2Fs7ScpQYYa3U8RhUHq%2F9DVZJfPWZs6%2F51C9%2FQpoxTFYiyo7INCD1IViyA5vM2FtNYNRsJkjmUGTlyDSC2aOSBErMehqUsP%2Fqg1m9a%2B%2BiZ%2BZA0zuIoxK5KZGrElQNYbOLozQxR1cffVXF1wjU3ChQZm4vUEZ9MSEv%2Fdaq%2FP3o3GQrT2rCD91QuA0RhN0gbFOXd8NWN6BdT7QDn3pI7YR9%2Bsr%2F%2FwEAAP%2F%2FAQAA%2F%2F%2B2mCaYfAQAAA%3D%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uR3%2BO1edPUifjAogoJMumemMzMusriukWBM4n4QPFZXVU%2FKVHc1Vf0xmVNwRfY44kU9dZ5JNqjL4v4BgkwEWYJi5rLkYP4DvQiLR%2BlkYPSFqvd963kPz%2FO89dludkpcZPRk%2FQM9kErRBb%2Fu1l7bkDHXha2t3qp5bt29UtuQ8WLrSq1fXSZ%2F03P9uvt67T3BtvRCw%2FVc13O92pI0ItT9hTMUMrnf9epdt95q1D2%2Fhb75b28zB5Y64PkpuQzJJ%2F%2FbfPQQko0RR99fF3Yr1ckb70aZoqk2yPnB7Xgr1kWMaFaGxkEYH0ynoe2EkC8vQMcHUwXQ%2BV6lAIGcEOexhyA%2BmNJEkO%2BfMw0URIyAX0KRjyHUGJKOwfQdSH5MAMaxuoY4ureqTUG3z1FaoRMy%2F%2BQvyGJC5n9%2FFnH04JqS%2FdpNrbJU6tiiH5aQ%2FTFkb4wkO0Q6cCCLQ7D0E0j%2BK1l4soI42luzSkPy8ky9lGPIcAwlhqDWQVYd6SALHWSJg4if1KjfDV23HQZhs9lpMcaaTcb8ziL3ebPVCV1krKI3RJoMwdQQzOwgMTvYkp8f%2B5dhsh9hN0tY7sCmE%2BJ8uIOclygEQWEJCkpQSIIiJSjycp8r27DlPa5sFnjT3JjmZjnSaW%2BX7uu0J2Kym5ySpytrnEt%2FpNgSJzVKuz5vNzwa%2Bm2XLTYXA18E3bDR6rQbXtvvwMoS0l44UzuQE%2FJisYBETsh89DwCegirDsHkC6CZB1qM2g0XdHPU6rgYxA9SwTZTrWQu6v3tAbgukaTzSLedXXVKnjtb0svztyHY0dWfL76VjB5fBDMlElPiY%2FkTQU%2FdHd3QBdm7oQtLHq4lqYzkgFYLvJnSVMx9%2B77YLrThy9ft8Ju3WQVU5f1bwqYrNOYy7lny3TXJuTBL2jBBfli2GyJYz%2BzmtczEWbKy%2Fs7ScpQYYa3U8RhUHq%2F9DVZJfPWZs6%2F51C9%2FQpoxTFYiyo7INCD1IViyA5vM2FtNYNRsJkjmUGTlyDSC2aOSBErMehqUsP%2Fqg1m9a%2B%2BiZ%2BZA0zuIoxK5KZGrElQNYbOLozQxR1cffVXF1wjU3ChQZm4vUEZ9MSEv%2Fdaq%2FP3o3GQrT2rCD91QuA0RhN0gbFOXd8NWN6BdT7QDn3pI7YR9%2Bsr%2F%2FwEAAP%2F%2FAQAA%2F%2F%2B2mCaYfAQAAA%3D%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17558900; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecaa95d721af570c636b5eb9f248721758=[2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0e2567ba41dc46091c12c55180b4fa57
Strict-Transport-Security: max-age=0; includeSubdomains
concernederase.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3sSDuyC4ehF%2FMCiCiky6Z6YzMy6yuK4rwZjE%2FUHwWF1VPSlT3dVU9Y%2FJnIIrsscRL%2Bqp802yQV0W9w8QZCLIEhAzlyUH8x94EhaP0rMDow%2F6vff19w7f9159uZedERcZPd34WA%2BkUnTJr7u1NzZlzHVha2s3a55bdy%2FVNmW83LpU61fJ5O94rl9336x9KNi2Xmq4nut6rle7Jo0IdX9pykIm97pevevWW42657fQN%2F%2FHNnNgqQOen5GLkHzy1NbDB5BsjDj66aqw26lO3v4gyhRNtUHOD2%2FF27EuYkTzNjQOwvhwNg1tJ4R8cw46Ppw5gM73KwcI5IQ4jzwE8eFMJoL84InSQEHECPgFFPkYQo0h6RhM34bkJwRgHGvriKO7a9oUdOcJSyt2QhYf%2Fw1ZTMjin88jju5fUbJfu6FVlkodW%2FTDErI%2FhuyNkWRHSAcOZHEEln4OyX8nS49XEUf761ZpSF5O3Us5hgzHUGIIah1k1ScdZKGDLHEQ8dMa9buh67bDIGw2Oy3GWLPJmN9Z5j5vtjqhi4xV8oZIkyGYGoKZXSRmF9vyqxP%2FIkz2C%2BxWCcsd2HRCnE92kfMShSAoLEFBCQpJUKQERV4ecGUbtrzLlc0Cb1Ybs9osRzrt7dEDnfZETPaSM%2FJstRrnwl8ptsVpjdKuz9sNj4Z%2B22XLzeXAF0E3bLQ67YbX9juwsoS056ZuB3JCXi6WkMgJWYxeRECPYNURmHwJNPNAi1G74YJujVodF4P4firYVqqVzEW9vzMA1yWSdBHpjrOnzsgL0yO98kcLgh1f%2Fu38u8no0XkwUyIxJT6TvxL01J3RdV2Q%2Feu6sOTBepLKSA5odcAbKU3Fwg8fiZ1CG75y1Q6%2Ff49VRNXeuylsukpjLuOeJT9ekZwLc00bJsjPK3ZTBBuZ3bqSmThLVjfev7YSJUZYK3U8BpUn6%2F%2BAVRZff276NJ85eQvSjGGyElF2TGYBqY%2FAkl3YZK7eagKj5jNB4qDIypFpBPOfShIoMcc0KGH%2Fg4N5v2fvoGcWQNPbiKMSuSmRqxJUDWGz86M0MceXH35bxXcI1MIoUGZhP1BGfT1d7YS8uvhplW7BytOa77VEJ%2Bi0GeeBYNxrN5qdpus2OG%2B1u8LrIrUT9sVrT%2F8LAAD%2F%2FwEAAP%2F%2FzsuQsnwEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 concernederase.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3sSDuyC4ehF%2FMCiCiky6Z6YzMy6yuK4rwZjE%2FUHwWF1VPSlT3dVU9Y%2FJnIIrsscRL%2Bqp802yQV0W9w8QZCLIEhAzlyUH8x94EhaP0rMDow%2F6vff19w7f9159uZedERcZPd34WA%2BkUnTJr7u1NzZlzHVha2s3a55bdy%2FVNmW83LpU61fJ5O94rl9336x9KNi2Xmq4nut6rle7Jo0IdX9pykIm97pevevWW42657fQN%2F%2FHNnNgqQOen5GLkHzy1NbDB5BsjDj66aqw26lO3v4gyhRNtUHOD2%2FF27EuYkTzNjQOwvhwNg1tJ4R8cw46Ppw5gM73KwcI5IQ4jzwE8eFMJoL84InSQEHECPgFFPkYQo0h6RhM34bkJwRgHGvriKO7a9oUdOcJSyt2QhYf%2Fw1ZTMjin88jju5fUbJfu6FVlkodW%2FTDErI%2FhuyNkWRHSAcOZHEEln4OyX8nS49XEUf761ZpSF5O3Us5hgzHUGIIah1k1ScdZKGDLHEQ8dMa9buh67bDIGw2Oy3GWLPJmN9Z5j5vtjqhi4xV8oZIkyGYGoKZXSRmF9vyqxP%2FIkz2C%2BxWCcsd2HRCnE92kfMShSAoLEFBCQpJUKQERV4ecGUbtrzLlc0Cb1Ybs9osRzrt7dEDnfZETPaSM%2FJstRrnwl8ptsVpjdKuz9sNj4Z%2B22XLzeXAF0E3bLQ67YbX9juwsoS056ZuB3JCXi6WkMgJWYxeRECPYNURmHwJNPNAi1G74YJujVodF4P4firYVqqVzEW9vzMA1yWSdBHpjrOnzsgL0yO98kcLgh1f%2Fu38u8no0XkwUyIxJT6TvxL01J3RdV2Q%2Feu6sOTBepLKSA5odcAbKU3Fwg8fiZ1CG75y1Q6%2Ff49VRNXeuylsukpjLuOeJT9ekZwLc00bJsjPK3ZTBBuZ3bqSmThLVjfev7YSJUZYK3U8BpUn6%2F%2BAVRZff276NJ85eQvSjGGyElF2TGYBqY%2FAkl3YZK7eagKj5jNB4qDIypFpBPOfShIoMcc0KGH%2Fg4N5v2fvoGcWQNPbiKMSuSmRqxJUDWGz86M0MceXH35bxXcI1MIoUGZhP1BGfT1d7YS8uvhplW7BytOa77VEJ%2Bi0GeeBYNxrN5qdpus2OG%2B1u8LrIrUT9sVrT%2F8LAAD%2F%2FwEAAP%2F%2FzsuQsnwEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3sSDuyC4ehF%2FMCiCiky6Z6YzMy6yuK4rwZjE%2FUHwWF1VPSlT3dVU9Y%2FJnIIrsscRL%2Bqp802yQV0W9w8QZCLIEhAzlyUH8x94EhaP0rMDow%2F6vff19w7f9159uZedERcZPd34WA%2BkUnTJr7u1NzZlzHVha2s3a55bdy%2FVNmW83LpU61fJ5O94rl9336x9KNi2Xmq4nut6rle7Jo0IdX9pykIm97pevevWW42657fQN%2F%2FHNnNgqQOen5GLkHzy1NbDB5BsjDj66aqw26lO3v4gyhRNtUHOD2%2FF27EuYkTzNjQOwvhwNg1tJ4R8cw46Ppw5gM73KwcI5IQ4jzwE8eFMJoL84InSQEHECPgFFPkYQo0h6RhM34bkJwRgHGvriKO7a9oUdOcJSyt2QhYf%2Fw1ZTMjin88jju5fUbJfu6FVlkodW%2FTDErI%2FhuyNkWRHSAcOZHEEln4OyX8nS49XEUf761ZpSF5O3Us5hgzHUGIIah1k1ScdZKGDLHEQ8dMa9buh67bDIGw2Oy3GWLPJmN9Z5j5vtjqhi4xV8oZIkyGYGoKZXSRmF9vyqxP%2FIkz2C%2BxWCcsd2HRCnE92kfMShSAoLEFBCQpJUKQERV4ecGUbtrzLlc0Cb1Ybs9osRzrt7dEDnfZETPaSM%2FJstRrnwl8ptsVpjdKuz9sNj4Z%2B22XLzeXAF0E3bLQ67YbX9juwsoS056ZuB3JCXi6WkMgJWYxeRECPYNURmHwJNPNAi1G74YJujVodF4P4firYVqqVzEW9vzMA1yWSdBHpjrOnzsgL0yO98kcLgh1f%2Fu38u8no0XkwUyIxJT6TvxL01J3RdV2Q%2Feu6sOTBepLKSA5odcAbKU3Fwg8fiZ1CG75y1Q6%2Ff49VRNXeuylsukpjLuOeJT9ekZwLc00bJsjPK3ZTBBuZ3bqSmThLVjfev7YSJUZYK3U8BpUn6%2F%2BAVRZff276NJ85eQvSjGGyElF2TGYBqY%2FAkl3YZK7eagKj5jNB4qDIypFpBPOfShIoMcc0KGH%2Fg4N5v2fvoGcWQNPbiKMSuSmRqxJUDWGz86M0MceXH35bxXcI1MIoUGZhP1BGfT1d7YS8uvhplW7BytOa77VEJ%2Bi0GeeBYNxrN5qdpus2OG%2B1u8LrIrUT9sVrT%2F8LAAD%2F%2FwEAAP%2F%2FzsuQsnwEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17558900; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecaa95d721af570c636b5eb9f248721758=[2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0f62e9ac8c8760d83d640b240a7d1900
Strict-Transport-Security: max-age=0; includeSubdomains
concernederase.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9leS3%2BGU2OroR%2F9AogoJ0qrq70t0OMhjHSDAmcf4QXL5671XnmVf1ivequjq9Co7ILFvcqKvK6WSCOgzOBxCkI8gQFNObIQvzDcSFMLiU6mlovVD33lPnLs659312kF0QFxk93%2FpA96VSdMmvupXXtmXMdW4rGzcrnlt1r1S2ZbzcuFLplcl03%2FRcv%2Bq%2BXnlPsF29VHM91%2FVcr7IqjQh1b2nCQib32l617VYbtarnN9Az%2F8U2c2CpA969IJch%2Bfh%2FOw8fQLIR4uj7a8Lupjp5490oUzTVBl1%2BfCvejXUeI5q1oXEQxsfTaWg7JuTLOej4eOoAuntYOkAgx8R55CGIj6cyEXSPnigNFESMgF9C3h1BqBEkHYHp25D8jACMY2MTcXR3Q5uc7j1hacmOycLjvyDzMVn4%2FVnE0f0VJXuVG1plqdSxRS8sIHsjyM4ISXaCtO9A5idg6SeQ%2FFey9HgdcXS4aZWG5MXEvZQjyHAEJQag1kFWftJBFjrIEgcRP69Qvx26bjMMwnq91WCM1euM%2Ba1l7vN6oxW6yFgpb4A0GYCpAZjZR2L2sSs%2FP%2FMvw2Q%2Fwu4UsNyBTcfE%2BXAfXV4gFwS5JcgpQS4J8pQg7xZHXNmaLe5yZbPAm9batNaLoU47B%2FRIpx0Rk4Pkgjxdrsa59EeKXXFeobTt82bNo6HfdNlyfTnwRdAOa41Ws%2BY1%2FRasLCDt3MRtX47Ji%2FkSEjkmC9HzCOgJrDoBky%2BAZh5oPmzWXNCdYaPloh%2FfTwXbSbWSXVHt7fXBdYEkXUC65xyoC%2FLc5EgvL3wEwU6v%2Frz4VjJ8tAhmCiSmwMfyJ4KOujO8rnNyeF3nljzYTFIZyT4tD3gjpamY%2F%2FZ9sZdrw9eu2cE3b7OSKNt7N4VN12nMZdyx5LsVybkwq9owQX5Ys9si2Mrszkpm4ixZ33pndS1KjLBW6ngEKs82%2FwYrLb76zORpPvXLn5BmBJMViLJTMg1IfQKW7MMmM%2FVWExg1mwmSOeRZMTS1YPZTSQIlZpgGBey%2FcDDrD%2BwddMw8aHobcVSgawp0VQGqBrDZ4jBNzOnVh1%2BV8TUCNT8MlJk%2FDJRRX4zJS781Jvst0y1YeV7xvYZoBa0m4zwQjHvNWr1Vd90a541mW3htpHbMPn3l%2F%2F8AAAD%2F%2FwEAAP%2F%2FRXhwXXwEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 concernederase.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9leS3%2BGU2OroR%2F9AogoJ0qrq70t0OMhjHSDAmcf4QXL5671XnmVf1ivequjq9Co7ILFvcqKvK6WSCOgzOBxCkI8gQFNObIQvzDcSFMLiU6mlovVD33lPnLs659312kF0QFxk93%2FpA96VSdMmvupXXtmXMdW4rGzcrnlt1r1S2ZbzcuFLplcl03%2FRcv%2Bq%2BXnlPsF29VHM91%2FVcr7IqjQh1b2nCQib32l617VYbtarnN9Az%2F8U2c2CpA969IJch%2Bfh%2FOw8fQLIR4uj7a8Lupjp5490oUzTVBl1%2BfCvejXUeI5q1oXEQxsfTaWg7JuTLOej4eOoAuntYOkAgx8R55CGIj6cyEXSPnigNFESMgF9C3h1BqBEkHYHp25D8jACMY2MTcXR3Q5uc7j1hacmOycLjvyDzMVn4%2FVnE0f0VJXuVG1plqdSxRS8sIHsjyM4ISXaCtO9A5idg6SeQ%2FFey9HgdcXS4aZWG5MXEvZQjyHAEJQag1kFWftJBFjrIEgcRP69Qvx26bjMMwnq91WCM1euM%2Ba1l7vN6oxW6yFgpb4A0GYCpAZjZR2L2sSs%2FP%2FMvw2Q%2Fwu4UsNyBTcfE%2BXAfXV4gFwS5JcgpQS4J8pQg7xZHXNmaLe5yZbPAm9batNaLoU47B%2FRIpx0Rk4Pkgjxdrsa59EeKXXFeobTt82bNo6HfdNlyfTnwRdAOa41Ws%2BY1%2FRasLCDt3MRtX47Ji%2FkSEjkmC9HzCOgJrDoBky%2BAZh5oPmzWXNCdYaPloh%2FfTwXbSbWSXVHt7fXBdYEkXUC65xyoC%2FLc5EgvL3wEwU6v%2Frz4VjJ8tAhmCiSmwMfyJ4KOujO8rnNyeF3nljzYTFIZyT4tD3gjpamY%2F%2FZ9sZdrw9eu2cE3b7OSKNt7N4VN12nMZdyx5LsVybkwq9owQX5Ys9si2Mrszkpm4ixZ33pndS1KjLBW6ngEKs82%2FwYrLb76zORpPvXLn5BmBJMViLJTMg1IfQKW7MMmM%2FVWExg1mwmSOeRZMTS1YPZTSQIlZpgGBey%2FcDDrD%2BwddMw8aHobcVSgawp0VQGqBrDZ4jBNzOnVh1%2BV8TUCNT8MlJk%2FDJRRX4zJS781Jvst0y1YeV7xvYZoBa0m4zwQjHvNWr1Vd90a541mW3htpHbMPn3l%2F%2F8AAAD%2F%2FwEAAP%2F%2FRXhwXXwEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9leS3%2BGU2OroR%2F9AogoJ0qrq70t0OMhjHSDAmcf4QXL5671XnmVf1ivequjq9Co7ILFvcqKvK6WSCOgzOBxCkI8gQFNObIQvzDcSFMLiU6mlovVD33lPnLs659312kF0QFxk93%2FpA96VSdMmvupXXtmXMdW4rGzcrnlt1r1S2ZbzcuFLplcl03%2FRcv%2Bq%2BXnlPsF29VHM91%2FVcr7IqjQh1b2nCQib32l617VYbtarnN9Az%2F8U2c2CpA969IJch%2Bfh%2FOw8fQLIR4uj7a8Lupjp5490oUzTVBl1%2BfCvejXUeI5q1oXEQxsfTaWg7JuTLOej4eOoAuntYOkAgx8R55CGIj6cyEXSPnigNFESMgF9C3h1BqBEkHYHp25D8jACMY2MTcXR3Q5uc7j1hacmOycLjvyDzMVn4%2FVnE0f0VJXuVG1plqdSxRS8sIHsjyM4ISXaCtO9A5idg6SeQ%2FFey9HgdcXS4aZWG5MXEvZQjyHAEJQag1kFWftJBFjrIEgcRP69Qvx26bjMMwnq91WCM1euM%2Ba1l7vN6oxW6yFgpb4A0GYCpAZjZR2L2sSs%2FP%2FMvw2Q%2Fwu4UsNyBTcfE%2BXAfXV4gFwS5JcgpQS4J8pQg7xZHXNmaLe5yZbPAm9batNaLoU47B%2FRIpx0Rk4Pkgjxdrsa59EeKXXFeobTt82bNo6HfdNlyfTnwRdAOa41Ws%2BY1%2FRasLCDt3MRtX47Ji%2FkSEjkmC9HzCOgJrDoBky%2BAZh5oPmzWXNCdYaPloh%2FfTwXbSbWSXVHt7fXBdYEkXUC65xyoC%2FLc5EgvL3wEwU6v%2Frz4VjJ8tAhmCiSmwMfyJ4KOujO8rnNyeF3nljzYTFIZyT4tD3gjpamY%2F%2FZ9sZdrw9eu2cE3b7OSKNt7N4VN12nMZdyx5LsVybkwq9owQX5Ys9si2Mrszkpm4ixZ33pndS1KjLBW6ngEKs82%2FwYrLb76zORpPvXLn5BmBJMViLJTMg1IfQKW7MMmM%2FVWExg1mwmSOeRZMTS1YPZTSQIlZpgGBey%2FcDDrD%2BwddMw8aHobcVSgawp0VQGqBrDZ4jBNzOnVh1%2BV8TUCNT8MlJk%2FDJRRX4zJS781Jvst0y1YeV7xvYZoBa0m4zwQjHvNWr1Vd90a541mW3htpHbMPn3l%2F%2F8AAAD%2F%2FwEAAP%2F%2FRXhwXXwEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17558900; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecaa95d721af570c636b5eb9f248721758=[2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2f30ed39f2ca7586084320eeb70b4f6b
Strict-Transport-Security: max-age=0; includeSubdomains
concernederase.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uR3%2BO1edPUifjAogoJMumemMzMusriukWBM4n4QPFZXVU%2FKVHc1Vf0xmVNwRfY44kU9dZ5JNqjL4v4BgkwEWYJi5rLkYP4DvQiLR%2BlkYPSFqvd963kPz%2FO89dludkpcZPRk%2FQM9kErRBb%2Fu1l7bkDHXha2t3qp5bt29UtuQ8WLrSq1fXSZ%2F03P9uvt67T3BtvRCw%2FVc13O92pI0ItT9hTMUMrnf9epdt95q1D2%2Fhb75b28zB5Y64PkpuQzJJ%2F%2FbfPQQko0RR99fF3Yr1ckb70aZoqk2yPnB7Xgr1kWMaFaGxkEYH0ynoe2EkC8vQMcHUwXQ%2BV6lAIGcEOexhyA%2BmNJEkO%2BfMw0URIyAX0KRjyHUGJKOwfQdSH5MAMaxuoY4ureqTUG3z1FaoRMy%2F%2BQvyGJC5n9%2FFnH04JqS%2FdpNrbJU6tiiH5aQ%2FTFkb4wkO0Q6cCCLQ7D0E0j%2BK1l4soI42luzSkPy8ky9lGPIcAwlhqDWQVYd6SALHWSJg4if1KjfDV23HQZhs9lpMcaaTcb8ziL3ebPVCV1krKI3RJoMwdQQzOwgMTvYkp8f%2B5dhsh9hN0tY7sCmE%2BJ8uIOclygEQWEJCkpQSIIiJSjycp8r27DlPa5sFnjT3JjmZjnSaW%2BX7uu0J2Kym5ySpytrnEt%2FpNgSJzVKuz5vNzwa%2Bm2XLTYXA18E3bDR6rQbXtvvwMoS0l44UzuQE%2FJisYBETsh89DwCegirDsHkC6CZB1qM2g0XdHPU6rgYxA9SwTZTrWQu6v3tAbgukaTzSLedXXVKnjtb0svztyHY0dWfL76VjB5fBDMlElPiY%2FkTQU%2FdHd3QBdm7oQtLHq4lqYzkgFYLvJnSVMx9%2B77YLrThy9ft8Ju3WQVU5f1bwqYrNOYy7lny3TXJuTBL2jBBfli2GyJYz%2BzmtczEWbKy%2Fs7ScpQYYa3U8RhUHq%2F9DVZJfPWZs6%2F51C9%2FQpoxTFYiyo7INCD1IViyA5vM2FtNYNRsJkjmUGTlyDSC2aOSBErMehqUsP%2Fqg1m9a%2B%2BiZ%2BZA0zuIoxK5KZGrElQNYbOLozQxR1cffVXF1wjU3ChQZm4vUEZ9MSEv%2Fdaq%2FP3o3GQrT2q%2B1xKdoNNmnAeCca%2FdaHaartvgvNXuCq%2BL1E7Yp6%2F8%2Fx8AAAD%2F%2FwEAAP%2F%2FopCofnwEAAA%3D
173.233.137.44200 OK 7 B URL HTTP/1.1 concernederase.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uR3%2BO1edPUifjAogoJMumemMzMusriukWBM4n4QPFZXVU%2FKVHc1Vf0xmVNwRfY44kU9dZ5JNqjL4v4BgkwEWYJi5rLkYP4DvQiLR%2BlkYPSFqvd963kPz%2FO89dludkpcZPRk%2FQM9kErRBb%2Fu1l7bkDHXha2t3qp5bt29UtuQ8WLrSq1fXSZ%2F03P9uvt67T3BtvRCw%2FVc13O92pI0ItT9hTMUMrnf9epdt95q1D2%2Fhb75b28zB5Y64PkpuQzJJ%2F%2FbfPQQko0RR99fF3Yr1ckb70aZoqk2yPnB7Xgr1kWMaFaGxkEYH0ynoe2EkC8vQMcHUwXQ%2BV6lAIGcEOexhyA%2BmNJEkO%2BfMw0URIyAX0KRjyHUGJKOwfQdSH5MAMaxuoY4ureqTUG3z1FaoRMy%2F%2BQvyGJC5n9%2FFnH04JqS%2FdpNrbJU6tiiH5aQ%2FTFkb4wkO0Q6cCCLQ7D0E0j%2BK1l4soI42luzSkPy8ky9lGPIcAwlhqDWQVYd6SALHWSJg4if1KjfDV23HQZhs9lpMcaaTcb8ziL3ebPVCV1krKI3RJoMwdQQzOwgMTvYkp8f%2B5dhsh9hN0tY7sCmE%2BJ8uIOclygEQWEJCkpQSIIiJSjycp8r27DlPa5sFnjT3JjmZjnSaW%2BX7uu0J2Kym5ySpytrnEt%2FpNgSJzVKuz5vNzwa%2Bm2XLTYXA18E3bDR6rQbXtvvwMoS0l44UzuQE%2FJisYBETsh89DwCegirDsHkC6CZB1qM2g0XdHPU6rgYxA9SwTZTrWQu6v3tAbgukaTzSLedXXVKnjtb0svztyHY0dWfL76VjB5fBDMlElPiY%2FkTQU%2FdHd3QBdm7oQtLHq4lqYzkgFYLvJnSVMx9%2B77YLrThy9ft8Ju3WQVU5f1bwqYrNOYy7lny3TXJuTBL2jBBfli2GyJYz%2BzmtczEWbKy%2Fs7ScpQYYa3U8RhUHq%2F9DVZJfPWZs6%2F51C9%2FQpoxTFYiyo7INCD1IViyA5vM2FtNYNRsJkjmUGTlyDSC2aOSBErMehqUsP%2Fqg1m9a%2B%2BiZ%2BZA0zuIoxK5KZGrElQNYbOLozQxR1cffVXF1wjU3ChQZm4vUEZ9MSEv%2Fdaq%2FP3o3GQrT2q%2B1xKdoNNmnAeCca%2FdaHaartvgvNXuCq%2BL1E7Yp6%2F8%2Fx8AAAD%2F%2FwEAAP%2F%2FopCofnwEAAA%3D
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3uR3%2BO1edPUifjAogoJMumemMzMusriukWBM4n4QPFZXVU%2FKVHc1Vf0xmVNwRfY44kU9dZ5JNqjL4v4BgkwEWYJi5rLkYP4DvQiLR%2BlkYPSFqvd963kPz%2FO89dludkpcZPRk%2FQM9kErRBb%2Fu1l7bkDHXha2t3qp5bt29UtuQ8WLrSq1fXSZ%2F03P9uvt67T3BtvRCw%2FVc13O92pI0ItT9hTMUMrnf9epdt95q1D2%2Fhb75b28zB5Y64PkpuQzJJ%2F%2FbfPQQko0RR99fF3Yr1ckb70aZoqk2yPnB7Xgr1kWMaFaGxkEYH0ynoe2EkC8vQMcHUwXQ%2BV6lAIGcEOexhyA%2BmNJEkO%2BfMw0URIyAX0KRjyHUGJKOwfQdSH5MAMaxuoY4ureqTUG3z1FaoRMy%2F%2BQvyGJC5n9%2FFnH04JqS%2FdpNrbJU6tiiH5aQ%2FTFkb4wkO0Q6cCCLQ7D0E0j%2BK1l4soI42luzSkPy8ky9lGPIcAwlhqDWQVYd6SALHWSJg4if1KjfDV23HQZhs9lpMcaaTcb8ziL3ebPVCV1krKI3RJoMwdQQzOwgMTvYkp8f%2B5dhsh9hN0tY7sCmE%2BJ8uIOclygEQWEJCkpQSIIiJSjycp8r27DlPa5sFnjT3JjmZjnSaW%2BX7uu0J2Kym5ySpytrnEt%2FpNgSJzVKuz5vNzwa%2Bm2XLTYXA18E3bDR6rQbXtvvwMoS0l44UzuQE%2FJisYBETsh89DwCegirDsHkC6CZB1qM2g0XdHPU6rgYxA9SwTZTrWQu6v3tAbgukaTzSLedXXVKnjtb0svztyHY0dWfL76VjB5fBDMlElPiY%2FkTQU%2FdHd3QBdm7oQtLHq4lqYzkgFYLvJnSVMx9%2B77YLrThy9ft8Ju3WQVU5f1bwqYrNOYy7lny3TXJuTBL2jBBfli2GyJYz%2BzmtczEWbKy%2Fs7ScpQYYa3U8RhUHq%2F9DVZJfPWZs6%2F51C9%2FQpoxTFYiyo7INCD1IViyA5vM2FtNYNRsJkjmUGTlyDSC2aOSBErMehqUsP%2Fqg1m9a%2B%2BiZ%2BZA0zuIoxK5KZGrElQNYbOLozQxR1cffVXF1wjU3ChQZm4vUEZ9MSEv%2Fdaq%2FP3o3GQrT2q%2B1xKdoNNmnAeCca%2FdaHaartvgvNXuCq%2BL1E7Yp6%2F8%2Fx8AAAD%2F%2FwEAAP%2F%2FopCofnwEAAA%3D HTTP/1.1
Host: concernederase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17558900; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecaa95d721af570c636b5eb9f248721758=[2019380,2229337,2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2557a2ffcab1308f4555ff44097ced11
Strict-Transport-Security: max-age=0; includeSubdomains
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1QzxgqYMsAwH2Oc7XkwQtMm4BdeiVBWOnBUBGAvOwk5shi4Zd-ahGkjtUNEC-3YV9EEBtigSD30Opa1Vpy_zDU3Bmnd6d0jhmqspO_QAZG-GDqRjJPkAHFxyDJeSBLXLw5C0eKE5V7Ld6B92j1mtxd2e4Uk1KjuPgLlbmgg78_hSg-k2yuNRghFoF/w320-h213/Whatsapp_Groups.jpg
142.250.74.33200 OK 23 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1QzxgqYMsAwH2Oc7XkwQtMm4BdeiVBWOnBUBGAvOwk5shi4Zd-ahGkjtUNEC-3YV9EEBtigSD30Opa1Vpy_zDU3Bmnd6d0jhmqspO_QAZG-GDqRjJPkAHFxyDJeSBLXLw5C0eKE5V7Ld6B92j1mtxd2e4Uk1KjuPgLlbmgg78_hSg-k2yuNRghFoF/w320-h213/Whatsapp_Groups.jpg
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 320x213, components 3\012- data
Hash 7d570e3ff7760285f762aaaafb686724
85d9a998c41eced568c2c3c1d298ab5c0edc99b9
aa9305117f38117f26fe304cd7ad17ff9d74fb7064abd1b25327b3cd50b17cf8
GET /img/b/R29vZ2xl/AVvXsEi1QzxgqYMsAwH2Oc7XkwQtMm4BdeiVBWOnBUBGAvOwk5shi4Zd-ahGkjtUNEC-3YV9EEBtigSD30Opa1Vpy_zDU3Bmnd6d0jhmqspO_QAZG-GDqRjJPkAHFxyDJeSBLXLw5C0eKE5V7Ld6B92j1mtxd2e4Uk1KjuPgLlbmgg78_hSg-k2yuNRghFoF/w320-h213/Whatsapp_Groups.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2f15"
expires: Tue, 29 Nov 2022 02:55:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Whatsapp_Groups.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 02:55:06 GMT
server: fife
content-length: 22571
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=d2edd2c530a03f669e2780c846465da9
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=d2edd2c530a03f669e2780c846465da9
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 4b0d93b85356abc990911213276dd095
0b60ee3cc6870394c11ed33d445c2e71e83f9bdb
575aa42195c24eb38ab9f224472d98a3e4f2a6013dcc61f01df96580509063ef
GET /en_US/sdk.js?hash=d2edd2c530a03f669e2780c846465da9 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f577436092084476b3afa7631f4548d8
etag: "52c2d8f5f96caffeabfdca189395d58d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 28 Nov 2023 01:52:06 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Sw2TuFNWq8mQkRITJ23QlQ==
x-fb-debug: bW3C8Pl+nCi8moubbARzfL5G6EHiEfv6pttKD7qrmkcxiTB5MulAGxaOw/56xvtbeU91wd1cNNfsvgKY2l2sWQ==
priority: u=3,i
content-length: 86898
x-fb-trip-id: 1904183273
date: Mon, 28 Nov 2022 02:55:06 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
tallysaturatesnare.com/sbar.json?key=d06d8c07b7e38dbb7d733180628273af
173.233.137.52200 OK 4.2 kB URL HTTP/1.1 tallysaturatesnare.com/sbar.json?key=d06d8c07b7e38dbb7d733180628273af
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (5750), with no line terminators
Hash 50ee2b0cb02c6019e2b46ec16c5aa9bd
80849899d71d91e2163eca59e6c4e9c012022463
a643c8c6fe55243677a73c5c6e2ab13303fb358c040736dca17538e8fb45878a
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=d06d8c07b7e38dbb7d733180628273af HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:06 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.techtolive.xyz
Access-Control-Allow-Origin: https://www.techtolive.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17499693; expires=Tue, 29 Nov 2022 02:55:06 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 29 Nov 2022 02:55:06 GMT; secure; SameSite=None
uncs=1; expires=Tue, 29 Nov 2022 02:55:06 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 29 Nov 2022 02:55:06 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 29 Nov 2022 02:55:06 GMT; secure; SameSite=None
slecd06d8c07b7e38dbb7d733180628273af=[3760946]; expires=Mon, 28 Nov 2022 02:55:11 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 555c226b6daefccd76a456ff40a89ecc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 879cba431d8b6f2717a750acd5ca7156
1d4eb23583d48dd6801a104aa20046b34acd0efe
31223aada310e8d8e3fa41e22ee23019a07b362b3b062ccdc10600c22071bd78
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=www.techtolive.xyz
142.250.74.2200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=www.techtolive.xyz
IP 142.250.74.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.techtolive.xyz HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 02:55:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=www.techtolive.xyz
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=www.techtolive.xyz
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=www.techtolive.xyz HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 28 Nov 2022 02:55:06 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
offerimage.com/www/images/5f22624db7437e4fcaa7b047f57da38a.png
104.22.33.172200 OK 2.5 kB URL HTTP/2 offerimage.com/www/images/5f22624db7437e4fcaa7b047f57da38a.png
IP 104.22.33.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f22624db7437e4fcaa7b047f57da38a
f22bcd530fc732bc470dc0983ab70a59920126f4
b703b099a1da49f9a80fc7dc79073caf5aaf2ea9d72c36a57a6617937340a923
GET /www/images/5f22624db7437e4fcaa7b047f57da38a.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:06 GMT
content-type: image/png
content-length: 2530
last-modified: Tue, 22 Nov 2022 22:14:45 GMT
etag: "637d49d5-9e2"
expires: Mon, 28 Nov 2022 22:19:59 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 16507
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd2a1793815f0-ARN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d3c9b092aee5820bdab6595daad65d61
89e983faeedf25b3e15696f9bf6dbf76feb07868
58d24c4dde4a578c2c0191a19a5a42bdcb5be03b21a1907f60c8deaee78b7331
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
45.133.44.10200 OK 106 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 106 kB (105910 bytes)
Hash a36b92bb68d9b579458560ba9b94862a
782d2932ccd3a56e5aad1cca7e6e7fb4a3cf23d6
9de12cf85ad80cae34d8bdaeb59169d75e3bd4f8b931ec90ea2c3be166647c0e
GET /cti/5c/10/b0/5c10b0b28e7a0e9d7e61bd8d09bee3db/1658920078.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:06 GMT
content-type: image/png
content-length: 105910
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:08:06 GMT
etag: "62e11c96-19db6"
expires: Wed, 30 Nov 2022 02:55:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
static.tapfiliate.com/62750d6f19062558179182.jpeg?a=112248-741ab4&s=3097060-210f93
143.204.55.12200 OK 71 kB URL HTTP/2 static.tapfiliate.com/62750d6f19062558179182.jpeg?a=112248-741ab4&s=3097060-210f93
IP 143.204.55.12:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 366x280, components 3\012- data
Hash 1d3cb3cebb828f1d24335b3d09ebc062
0558d2c4e5f8658d50d2cadc459f5868b72d46e0
25cd9d7511b56458dce6df712c747137fe48124a4a7a100fded2f09fa4913814
GET /62750d6f19062558179182.jpeg?a=112248-741ab4&s=3097060-210f93 HTTP/1.1
Host: static.tapfiliate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 71432
last-modified: Fri, 06 May 2022 11:58:40 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 28 Nov 2022 02:55:07 GMT
etag: "1d3cb3cebb828f1d24335b3d09ebc062"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TuV7O08VhjxjoPH_123I8kCBpqo_1jd10EpR12i0O4udmY6dwhUXxw==
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.92200 OK 86 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash fccb67970ab60382f25ce04ef612ae2e
06bbcf18dd9e8af47c45b592af8d52c34bc67ad1
11cb4b44b0389f3d0aaf16fcc9e6022867091b96c80cfbe30f2fc710bac48e49
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ac5bb0760dcc9903f2c97398cb8676bb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 28 Nov 2022 02:55:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3zYNIGI168AFGQ5udPKFHHYGSwoQ0m73fERkdFEuLYlqvRH9T1WB62K4Hp46QdKTQDmDD0OpuW82hHeQSY0HziDXeKMjbw13R437FvTQ5W5FlzsI92MybHaGEXcltm4vaExKjk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd296ebfd88a9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a857eec26a095f97806facc4251f4048
21bcf238687fd5f4fbefaf9704786f7c498f305e
b44b50b7e234fd05080699152a9bc0055a703a93ec2642ecb6b1f717effe7933
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 15619e238e943befcd5fa4737f76c851
7198f9cb4672d54e5d6812730b875b6172e64b53
7ecac89dd434501d9e15d8c728d1ec497ac7b4962285396c7fbfcc7987700ca0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3a3efe248a599bcccf04881f3d686cb
10e5741399303e7c20f334d8dd72b4b8c968c0d4
cef064183db51cefadcca610b91c5ea86154ae2024029d60e59a152a7a3b1723
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF064183DB51CEFADCCA610B91C5EA86154AE2024029D60E59A152A7A3B1723"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15605
Expires: Mon, 28 Nov 2022 07:15:11 GMT
Date: Mon, 28 Nov 2022 02:55:06 GMT
Connection: keep-alive
tallysaturatesnare.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bxR%2Bd7TdfDi0XKi4Iiiy4gATOrteObXqIKCWoapuWtqjn%2BbXONLM7q5ldr%2BMDiihCPXBw6QUuaPOcNAKqit5BIKdCQpaQYg5VDuRfoBKiB07IjqWIj7T7%2Bcy8d3jvfeazrfyQ%2BMjpwdXLpq%2B0pouNql9546ZKhClcZfVGJfCr%2FtnKTZUs1c9WetOf7b4T%2BI2q%2F2blA8nXzWLND3w%2F8IPKirIyMr3FGQqVPmgH1bZfrdeqQaOOnv3v2eUeHPUguofkNJSY%2FH%2Ft10dQfIQk%2Fv68dOuZSd96P841zYxFV%2Bx%2BlKwnpkgQH4%2BR9RAlu3M2jJsQ8uUJmGR37gCmuz11AKYmxHsSgCW7c5lg3Z0jpUxDJmDiFIruCFKPoOgI3NyGEvsE4AKrV5DE91eNLejGEUqn6IQsPPsLqpiQhT9eRBI%2FPKdVr3Ld6DxTJnHoRSVUbwTVGSHN95D1PahiDzz7BEr8RhafXUISb19x2kCJcuZeqRFUNIKWA1DnIZ9%2BykMeechTD7E4qNBGO%2FL9ZsSiMGzVOedhyHmjtSQaIqy3Ih85n8obIEsH4HoAbjeR2k2sq7v7jdOw%2Bc9wayWc8OCyCfE%2B3ERXlCgkQeEICkpQKIIiIyi65Y7QrubK%2B0K7nAXzXpv3sByarLNFd0zWkQnZSg%2FJC9NovFPPvY11eVAR%2FpJocb%2FJmjJsCcaaohmGQctfqrVqzZBGcKqEcidmbvtqQs4Ui0jVhCzEL4PRPTi9B65eAc3PgBbDZs0HXRvWWz76ycNM8rXMaNWV1d5GH8KUSLMFZBvelj4kL82W1OY1SD5e%2Frt58ZfdP78GtyVSW%2BKWekzQ0XeG10xBtq%2BZwpFHV9JMxapPpwu8ntFMLnx7UW4UxooL593gm3f5FJiOD25Il12iiVBJx5HvzikhpF0xlkvy4wV3U7KruVs7l9skTy9dfW%2FlQpxa6ZwyyQhU7TfvgasJOXl5c%2FY0X%2F38MZQdweYl4nxM5gVl9sDTTbh0vPz0XvbDrY%2F%2FgTMEVh9zWOqhyMuhrbHjS60mJPzqNWg5Xv4ifX5lNXgCyko4eRwDk%2BOfnh7xt9wddKwHmt1GEpfo2hJdXYLqAVz%2Bv2GW2vHy7%2BGswLQ3ZNp620xbffcoXqcOKrIR%2BZH0a5JFbRY1qS%2FaUb3NaDuQTdagATI34Z%2B%2BfvJfAAAA%2F%2F8BAAD%2F%2F5c0qbx2BAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 tallysaturatesnare.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bxR%2Bd7TdfDi0XKi4Iiiy4gATOrteObXqIKCWoapuWtqjn%2BbXONLM7q5ldr%2BMDiihCPXBw6QUuaPOcNAKqit5BIKdCQpaQYg5VDuRfoBKiB07IjqWIj7T7%2Bcy8d3jvfeazrfyQ%2BMjpwdXLpq%2B0pouNql9546ZKhClcZfVGJfCr%2FtnKTZUs1c9WetOf7b4T%2BI2q%2F2blA8nXzWLND3w%2F8IPKirIyMr3FGQqVPmgH1bZfrdeqQaOOnv3v2eUeHPUguofkNJSY%2FH%2Ft10dQfIQk%2Fv68dOuZSd96P841zYxFV%2Bx%2BlKwnpkgQH4%2BR9RAlu3M2jJsQ8uUJmGR37gCmuz11AKYmxHsSgCW7c5lg3Z0jpUxDJmDiFIruCFKPoOgI3NyGEvsE4AKrV5DE91eNLejGEUqn6IQsPPsLqpiQhT9eRBI%2FPKdVr3Ld6DxTJnHoRSVUbwTVGSHN95D1PahiDzz7BEr8RhafXUISb19x2kCJcuZeqRFUNIKWA1DnIZ9%2BykMeechTD7E4qNBGO%2FL9ZsSiMGzVOedhyHmjtSQaIqy3Ih85n8obIEsH4HoAbjeR2k2sq7v7jdOw%2Bc9wayWc8OCyCfE%2B3ERXlCgkQeEICkpQKIIiIyi65Y7QrubK%2B0K7nAXzXpv3sByarLNFd0zWkQnZSg%2FJC9NovFPPvY11eVAR%2FpJocb%2FJmjJsCcaaohmGQctfqrVqzZBGcKqEcidmbvtqQs4Ui0jVhCzEL4PRPTi9B65eAc3PgBbDZs0HXRvWWz76ycNM8rXMaNWV1d5GH8KUSLMFZBvelj4kL82W1OY1SD5e%2Frt58ZfdP78GtyVSW%2BKWekzQ0XeG10xBtq%2BZwpFHV9JMxapPpwu8ntFMLnx7UW4UxooL593gm3f5FJiOD25Il12iiVBJx5HvzikhpF0xlkvy4wV3U7KruVs7l9skTy9dfW%2FlQpxa6ZwyyQhU7TfvgasJOXl5c%2FY0X%2F38MZQdweYl4nxM5gVl9sDTTbh0vPz0XvbDrY%2F%2FgTMEVh9zWOqhyMuhrbHjS60mJPzqNWg5Xv4ifX5lNXgCyko4eRwDk%2BOfnh7xt9wddKwHmt1GEpfo2hJdXYLqAVz%2Bv2GW2vHy7%2BGswLQ3ZNp620xbffcoXqcOKrIR%2BZH0a5JFbRY1qS%2FaUb3NaDuQTdagATI34Z%2B%2BfvJfAAAA%2F%2F8BAAD%2F%2F5c0qbx2BAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bxR%2Bd7TdfDi0XKi4Iiiy4gATOrteObXqIKCWoapuWtqjn%2BbXONLM7q5ldr%2BMDiihCPXBw6QUuaPOcNAKqit5BIKdCQpaQYg5VDuRfoBKiB07IjqWIj7T7%2Bcy8d3jvfeazrfyQ%2BMjpwdXLpq%2B0pouNql9546ZKhClcZfVGJfCr%2FtnKTZUs1c9WetOf7b4T%2BI2q%2F2blA8nXzWLND3w%2F8IPKirIyMr3FGQqVPmgH1bZfrdeqQaOOnv3v2eUeHPUguofkNJSY%2FH%2Ft10dQfIQk%2Fv68dOuZSd96P841zYxFV%2Bx%2BlKwnpkgQH4%2BR9RAlu3M2jJsQ8uUJmGR37gCmuz11AKYmxHsSgCW7c5lg3Z0jpUxDJmDiFIruCFKPoOgI3NyGEvsE4AKrV5DE91eNLejGEUqn6IQsPPsLqpiQhT9eRBI%2FPKdVr3Ld6DxTJnHoRSVUbwTVGSHN95D1PahiDzz7BEr8RhafXUISb19x2kCJcuZeqRFUNIKWA1DnIZ9%2BykMeechTD7E4qNBGO%2FL9ZsSiMGzVOedhyHmjtSQaIqy3Ih85n8obIEsH4HoAbjeR2k2sq7v7jdOw%2Bc9wayWc8OCyCfE%2B3ERXlCgkQeEICkpQKIIiIyi65Y7QrubK%2B0K7nAXzXpv3sByarLNFd0zWkQnZSg%2FJC9NovFPPvY11eVAR%2FpJocb%2FJmjJsCcaaohmGQctfqrVqzZBGcKqEcidmbvtqQs4Ui0jVhCzEL4PRPTi9B65eAc3PgBbDZs0HXRvWWz76ycNM8rXMaNWV1d5GH8KUSLMFZBvelj4kL82W1OY1SD5e%2Frt58ZfdP78GtyVSW%2BKWekzQ0XeG10xBtq%2BZwpFHV9JMxapPpwu8ntFMLnx7UW4UxooL593gm3f5FJiOD25Il12iiVBJx5HvzikhpF0xlkvy4wV3U7KruVs7l9skTy9dfW%2FlQpxa6ZwyyQhU7TfvgasJOXl5c%2FY0X%2F38MZQdweYl4nxM5gVl9sDTTbh0vPz0XvbDrY%2F%2FgTMEVh9zWOqhyMuhrbHjS60mJPzqNWg5Xv4ifX5lNXgCyko4eRwDk%2BOfnh7xt9wddKwHmt1GEpfo2hJdXYLqAVz%2Bv2GW2vHy7%2BGswLQ3ZNp620xbffcoXqcOKrIR%2BZH0a5JFbRY1qS%2FaUb3NaDuQTdagATI34Z%2B%2BfvJfAAAA%2F%2F8BAAD%2F%2F5c0qbx2BAAA HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17499693; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd06d8c07b7e38dbb7d733180628273af=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 207497bc501c28f398a0c497a8cc934a
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a1eb8e3d7b5e963c21e1905e849e570
fff8193edc6218562c5612b0e02f73dbcca98c0c
12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4212
Expires: Mon, 28 Nov 2022 04:05:18 GMT
Date: Mon, 28 Nov 2022 02:55:06 GMT
Connection: keep-alive
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=118
173.233.137.52200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=118
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=118 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17499693; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd06d8c07b7e38dbb7d733180628273af=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
172.64.109.13200 OK 9.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP 172.64.109.13:0
File type PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash 910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:06 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1083656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ldtH7IeO%2BHki33u9qYV8WOVKjrEdmtbjZ3cXF%2B2H0r8cSW%2B2xN43ECmHUnzfP73djheRaoTISgv1kfikPhO9CRPhCgZYcBvHM3BzP5%2FENUkHY3eL3%2B4Ph%2B2Gyy%2BjaNhgNlq1pAT%2BOagU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd2a49da588c1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a1eb8e3d7b5e963c21e1905e849e570
fff8193edc6218562c5612b0e02f73dbcca98c0c
12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4211
Expires: Mon, 28 Nov 2022 04:05:18 GMT
Date: Mon, 28 Nov 2022 02:55:07 GMT
Connection: keep-alive
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=322
173.233.137.52200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=322
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fstyle.css&l=4522&fd=322 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17499693; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd06d8c07b7e38dbb7d733180628273af=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c1e0e890fa0d9f79c9d31d7e51050c45
7c8320ddaac9a281a8e991a370e7f04f56b52667
952ea85225c5754b61c1b640ca341fadec09162769ff53870d86ac578839feea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "952EA85225C5754B61C1B640CA341FADEC09162769FF53870D86AC578839FEEA"
Last-Modified: Sun, 27 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14562
Expires: Mon, 28 Nov 2022 06:57:49 GMT
Date: Mon, 28 Nov 2022 02:55:07 GMT
Connection: keep-alive
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335
173.233.137.52200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17499693; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd06d8c07b7e38dbb7d733180628273af=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=374
173.233.137.52200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=374
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fjs%2Fscript.js&l=23003&fd=374 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17499693; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd06d8c07b7e38dbb7d733180628273af=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=effd56c6-bc94-4078-8c05-8b3969187a63&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d06d8c07b7e38dbb7d733180628273af&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=effd56c6-bc94-4078-8c05-8b3969187a63&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d06d8c07b7e38dbb7d733180628273af&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=effd56c6-bc94-4078-8c05-8b3969187a63&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=d06d8c07b7e38dbb7d733180628273af&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 28 Nov 2022 02:55:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 798f69cd08c31de5c4e979d3d8ce514c
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
172.64.109.13200 OK 132 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP 172.64.109.13:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size 132 kB (131776 bytes)
Hash ec532f1b20669aa5975961c96acdbece
c56d7597287e118656e8f897e9590c1d8159b1d2
13b558e3068952e71c5920eaece7ed7a095192caec74efe56301913482ffcaca
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:06 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1083656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktqD1U3jAZ9Fer8S%2Fvo%2Fk1ulhpKGKpTwOY8%2FyOXQdbKjWuZ2gKcHKgBg7juxN3sbuhW7yJTvAhejTy%2FxyiaCz09Z4icDqtvbNmFD0FnDdA4OrGGPjelx%2Fq4lW5IeY0ps6QoSL9YCf41B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd2a49da488c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 0c7f923b97046608033f90253a891bf0
bf5025e94ed9ea85ee3e7677561ee686480b526c
1062154cd5de28de1d012a4f4d10fb5e548fabf6d67918eaeb745975949a3294
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:55:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
172.64.109.13200 OK 31 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP 172.64.109.13:0
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 6027933e90b1d0f8d4af63208f6f5a40
b47a6b107d038d71c0b1bb8a2226dd6a026ceefa
516380e00fa3822eb0f1e7c93aa9bdb873f1d8db4a05b38885e19df70db5db14
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:06 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1083656
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xTlQqFl5uVQR6gl%2BI6DsrUExk7JbdsYr77bbCP0zBRRMXBviQb3%2B64JMFl3NNG4G76fzBiykpaojrEYZU0ltW8dfeH9sSG1nCmdOzN%2Ft2eXjVSj05HEZAXufn1NayPAGvE7VPDO%2FKd8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd2a49da688c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tallysaturatesnare.com/pixel/sbs?c=1
173.233.137.52200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17499693; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd06d8c07b7e38dbb7d733180628273af=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
tallysaturatesnare.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxRud7S8%2FDi0XKi4Iiiy4gATOrtfO2vQQUUpQ1TQJbVHOszNjZ5rZndXMrtfxAUUUoR44uPQCF7R5ThoBVUXvIJBTISFLSFkOVQ7kX6ASogdOyI6liE%2Fa%2Fb6Z9w7vvW8%2B28mOiYuMHq1d032pFJ1vVN3KG%2Bsy5jq3lZWbFc%2Btuhcr6zJeqF%2Bs9CY%2F033HcxtV983KB4Jt6vma67mu53qVJWlEW%2Ffmpyhk8qDlVVtutV6reo06eua%2FZ5s5sNQB7x6T85C8%2FP%2FGr48g2Qhx9P1lYTdTnbz1fpQpmmqDLt%2F%2FKN6MdR4jOh3bxkE73p%2BxoW1JyJdnoOP9mQPo7u7EAUJZEueJhzDen8lE2N07URoqiBghP4e8O4JQI0g6AtO3IfkhARjHyiri6P6KNjndOkHpBC3J3LO%2FIPOSzP3xIuLo4SUle5UbWmWp1LFFr11A9kaQnRGS7ABp34HMD8DSTyD5b2T%2B2TLiaHfVKg3Ji6l7KUeQ7RGUGIBaB9nkkw6ytoMscRDxowpttNquG7TDtu8364wx32es0VzgDe7Xm20XGZvIGyBNBmBqAGa2kZhtbMq7h43zMNnPsBsFLHdg05I4H26jywvkgiC3BDklyCVBnhLk3WKPK1uzxX2ubBZ6s16bdb8Y6rSzQ%2Fd02hEx2UmOyQuTaJxzz72NTXFU4e4CbzI3CAPhN3kYBjzwfa%2FpLtSatcCnbVhZQNozU7d9WZIL%2BTwSWZK56GWE9ABWHYDJV0CzC6D5MKi5oBvDetNFP36YCraRaiW7otrb6oPrAkk6h3TL2VHH5KXpklqsBsHGi38HV3%2FZ%2F%2FNrMFMgMQVuyccEHXVneF3nZPe6zi15tJqkMpJ9OlngjZSmYu7bq2Ir14ZfuWwH37zLJsBkfHBT2HSZxlzGHUu%2BuyQ5F2ZJGybIj1fsugjXMrtxKTNxliyvvbd0JUqMsFbqeAQqD4N7YLIkZ69tT5%2Fmq58%2FhjQjmKxAlI3JrCD1AViyDZuMF5%2FeS3%2B49fE%2FsJrAqFNOmDjIs2JoauHppZIl8b96DUqMF79Inl9a8Z6AhgWsOI0hFOOfnp7wd%2BwddIwDmt5GHBXomgJdVYCqAWz2v2GamPHi7%2F60ECpnGCrj7IbKqLsn8Vp5VGl4ddEMmwHjPBSMe0HNb%2FquW%2BO8HrSE10JqS%2Fbp62f%2FBQAA%2F%2F8BAAD%2F%2F4M8J1p2BAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 tallysaturatesnare.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxRud7S8%2FDi0XKi4Iiiy4gATOrtfO2vQQUUpQ1TQJbVHOszNjZ5rZndXMrtfxAUUUoR44uPQCF7R5ThoBVUXvIJBTISFLSFkOVQ7kX6ASogdOyI6liE%2Fa%2Fb6Z9w7vvW8%2B28mOiYuMHq1d032pFJ1vVN3KG%2Bsy5jq3lZWbFc%2Btuhcr6zJeqF%2Bs9CY%2F033HcxtV983KB4Jt6vma67mu53qVJWlEW%2Ffmpyhk8qDlVVtutV6reo06eua%2FZ5s5sNQB7x6T85C8%2FP%2FGr48g2Qhx9P1lYTdTnbz1fpQpmmqDLt%2F%2FKN6MdR4jOh3bxkE73p%2BxoW1JyJdnoOP9mQPo7u7EAUJZEueJhzDen8lE2N07URoqiBghP4e8O4JQI0g6AtO3IfkhARjHyiri6P6KNjndOkHpBC3J3LO%2FIPOSzP3xIuLo4SUle5UbWmWp1LFFr11A9kaQnRGS7ABp34HMD8DSTyD5b2T%2B2TLiaHfVKg3Ji6l7KUeQ7RGUGIBaB9nkkw6ytoMscRDxowpttNquG7TDtu8364wx32es0VzgDe7Xm20XGZvIGyBNBmBqAGa2kZhtbMq7h43zMNnPsBsFLHdg05I4H26jywvkgiC3BDklyCVBnhLk3WKPK1uzxX2ubBZ6s16bdb8Y6rSzQ%2Fd02hEx2UmOyQuTaJxzz72NTXFU4e4CbzI3CAPhN3kYBjzwfa%2FpLtSatcCnbVhZQNozU7d9WZIL%2BTwSWZK56GWE9ABWHYDJV0CzC6D5MKi5oBvDetNFP36YCraRaiW7otrb6oPrAkk6h3TL2VHH5KXpklqsBsHGi38HV3%2FZ%2F%2FNrMFMgMQVuyccEHXVneF3nZPe6zi15tJqkMpJ9OlngjZSmYu7bq2Ir14ZfuWwH37zLJsBkfHBT2HSZxlzGHUu%2BuyQ5F2ZJGybIj1fsugjXMrtxKTNxliyvvbd0JUqMsFbqeAQqD4N7YLIkZ69tT5%2Fmq58%2FhjQjmKxAlI3JrCD1AViyDZuMF5%2FeS3%2B49fE%2FsJrAqFNOmDjIs2JoauHppZIl8b96DUqMF79Inl9a8Z6AhgWsOI0hFOOfnp7wd%2BwddIwDmt5GHBXomgJdVYCqAWz2v2GamPHi7%2F60ECpnGCrj7IbKqLsn8Vp5VGl4ddEMmwHjPBSMe0HNb%2FquW%2BO8HrSE10JqS%2Fbp62f%2FBQAA%2F%2F8BAAD%2F%2F4M8J1p2BAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSwW8bxRud7S8%2FDi0XKi4Iiiy4gATOrtfO2vQQUUpQ1TQJbVHOszNjZ5rZndXMrtfxAUUUoR44uPQCF7R5ThoBVUXvIJBTISFLSFkOVQ7kX6ASogdOyI6liE%2Fa%2Fb6Z9w7vvW8%2B28mOiYuMHq1d032pFJ1vVN3KG%2Bsy5jq3lZWbFc%2Btuhcr6zJeqF%2Bs9CY%2F033HcxtV983KB4Jt6vma67mu53qVJWlEW%2Ffmpyhk8qDlVVtutV6reo06eua%2FZ5s5sNQB7x6T85C8%2FP%2FGr48g2Qhx9P1lYTdTnbz1fpQpmmqDLt%2F%2FKN6MdR4jOh3bxkE73p%2BxoW1JyJdnoOP9mQPo7u7EAUJZEueJhzDen8lE2N07URoqiBghP4e8O4JQI0g6AtO3IfkhARjHyiri6P6KNjndOkHpBC3J3LO%2FIPOSzP3xIuLo4SUle5UbWmWp1LFFr11A9kaQnRGS7ABp34HMD8DSTyD5b2T%2B2TLiaHfVKg3Ji6l7KUeQ7RGUGIBaB9nkkw6ytoMscRDxowpttNquG7TDtu8364wx32es0VzgDe7Xm20XGZvIGyBNBmBqAGa2kZhtbMq7h43zMNnPsBsFLHdg05I4H26jywvkgiC3BDklyCVBnhLk3WKPK1uzxX2ubBZ6s16bdb8Y6rSzQ%2Fd02hEx2UmOyQuTaJxzz72NTXFU4e4CbzI3CAPhN3kYBjzwfa%2FpLtSatcCnbVhZQNozU7d9WZIL%2BTwSWZK56GWE9ABWHYDJV0CzC6D5MKi5oBvDetNFP36YCraRaiW7otrb6oPrAkk6h3TL2VHH5KXpklqsBsHGi38HV3%2FZ%2F%2FNrMFMgMQVuyccEHXVneF3nZPe6zi15tJqkMpJ9OlngjZSmYu7bq2Ir14ZfuWwH37zLJsBkfHBT2HSZxlzGHUu%2BuyQ5F2ZJGybIj1fsugjXMrtxKTNxliyvvbd0JUqMsFbqeAQqD4N7YLIkZ69tT5%2Fmq58%2FhjQjmKxAlI3JrCD1AViyDZuMF5%2FeS3%2B49fE%2FsJrAqFNOmDjIs2JoauHppZIl8b96DUqMF79Inl9a8Z6AhgWsOI0hFOOfnp7wd%2BwddIwDmt5GHBXomgJdVYCqAWz2v2GamPHi7%2F60ECpnGCrj7IbKqLsn8Vp5VGl4ddEMmwHjPBSMe0HNb%2FquW%2BO8HrSE10JqS%2Fbp62f%2FBQAA%2F%2F8BAAD%2F%2F4M8J1p2BAAA HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: u_pl=17499693; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd06d8c07b7e38dbb7d733180628273af=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 28 Nov 2022 02:55:07 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 546748eca487cbf08bbf71034b594515
Strict-Transport-Security: max-age=0; includeSubdomains
oaphoace.net/impression/FZc1i91AoAH6iCiS-OZsbjM7e7XfsvAjuWvI3f5OjJsSHqfeH-T3eSUupXTV8H2n-FjlgSBeFB14y8j-fFaclbdpdrPDeDpPJ4N5i0VljhmyGIhRZqe_nA9rqIOYER50Sqs841IxGOBk-unMQHlF0DENphytm31Mtz5z96Ncwfp8yauB_X5UkYVm4sXIe5EXdkN7Dz2DFgdDio6O62u5ad73UcqD-6Se5akPRgiWn4W-VaGLdOD75W1rE0GKkM397Xpo7BN2qYUItuudEgDjOgQLKbDEtV-xtfjeSKqCN5qpyOzm2aTnDE4Wy_tC4fKFQjU3O-jTyPLHtT55ytLb2cKT8M6O_JHHKbThaMV8HYdu3M5Hu_fxlLHJXUmx0ADJ4-rinFLNqTz_2k1U3L09weB-_KvjbwALKh7cYCD4QUFRQnbB-NClsbC_HuDjMnVz3dZ7wTI1bl86hf0XPMh51oXw_xTkG_P5rbhG_HWUNgE0uC4Ym9p-XD7hoZkMbZFG3CbpXRJFBvpMy7f6yvwJclKLVLHwoazpO_TJ41-QUlnd5DKaSNRnKX3WWc35332IJ1RJeaaoREB9TL7zLlVL-m4yp7GcDAzKyj4d96a8KEW2z8r5pmm4GBhftimVz3bgBg-nUYKZ6zvdbUxrgqA5DVY2nKvxLF9Wb8m8qKaeq96_zbPdsRQrlUWglWEzm-VH3n966H3ORrc90mjyLrXRtEx3ZybbkQM2saH6eHTTtxoERlrCLV9FjOKYeKYELmaA5iZI0it0UJrmJ-0UqsF_E1fnonBB6S5bB4QcpaJ5HROgcpUpVZz3d70ESPH_ai9M?_z=5330694&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 oaphoace.net/impression/FZc1i91AoAH6iCiS-OZsbjM7e7XfsvAjuWvI3f5OjJsSHqfeH-T3eSUupXTV8H2n-FjlgSBeFB14y8j-fFaclbdpdrPDeDpPJ4N5i0VljhmyGIhRZqe_nA9rqIOYER50Sqs841IxGOBk-unMQHlF0DENphytm31Mtz5z96Ncwfp8yauB_X5UkYVm4sXIe5EXdkN7Dz2DFgdDio6O62u5ad73UcqD-6Se5akPRgiWn4W-VaGLdOD75W1rE0GKkM397Xpo7BN2qYUItuudEgDjOgQLKbDEtV-xtfjeSKqCN5qpyOzm2aTnDE4Wy_tC4fKFQjU3O-jTyPLHtT55ytLb2cKT8M6O_JHHKbThaMV8HYdu3M5Hu_fxlLHJXUmx0ADJ4-rinFLNqTz_2k1U3L09weB-_KvjbwALKh7cYCD4QUFRQnbB-NClsbC_HuDjMnVz3dZ7wTI1bl86hf0XPMh51oXw_xTkG_P5rbhG_HWUNgE0uC4Ym9p-XD7hoZkMbZFG3CbpXRJFBvpMy7f6yvwJclKLVLHwoazpO_TJ41-QUlnd5DKaSNRnKX3WWc35332IJ1RJeaaoREB9TL7zLlVL-m4yp7GcDAzKyj4d96a8KEW2z8r5pmm4GBhftimVz3bgBg-nUYKZ6zvdbUxrgqA5DVY2nKvxLF9Wb8m8qKaeq96_zbPdsRQrlUWglWEzm-VH3n966H3ORrc90mjyLrXRtEx3ZybbkQM2saH6eHTTtxoERlrCLV9FjOKYeKYELmaA5iZI0it0UJrmJ-0UqsF_E1fnonBB6S5bB4QcpaJ5HROgcpUpVZz3d70ESPH_ai9M?_z=5330694&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/FZc1i91AoAH6iCiS-OZsbjM7e7XfsvAjuWvI3f5OjJsSHqfeH-T3eSUupXTV8H2n-FjlgSBeFB14y8j-fFaclbdpdrPDeDpPJ4N5i0VljhmyGIhRZqe_nA9rqIOYER50Sqs841IxGOBk-unMQHlF0DENphytm31Mtz5z96Ncwfp8yauB_X5UkYVm4sXIe5EXdkN7Dz2DFgdDio6O62u5ad73UcqD-6Se5akPRgiWn4W-VaGLdOD75W1rE0GKkM397Xpo7BN2qYUItuudEgDjOgQLKbDEtV-xtfjeSKqCN5qpyOzm2aTnDE4Wy_tC4fKFQjU3O-jTyPLHtT55ytLb2cKT8M6O_JHHKbThaMV8HYdu3M5Hu_fxlLHJXUmx0ADJ4-rinFLNqTz_2k1U3L09weB-_KvjbwALKh7cYCD4QUFRQnbB-NClsbC_HuDjMnVz3dZ7wTI1bl86hf0XPMh51oXw_xTkG_P5rbhG_HWUNgE0uC4Ym9p-XD7hoZkMbZFG3CbpXRJFBvpMy7f6yvwJclKLVLHwoazpO_TJ41-QUlnd5DKaSNRnKX3WWc35332IJ1RJeaaoREB9TL7zLlVL-m4yp7GcDAzKyj4d96a8KEW2z8r5pmm4GBhftimVz3bgBg-nUYKZ6zvdbUxrgqA5DVY2nKvxLF9Wb8m8qKaeq96_zbPdsRQrlUWglWEzm-VH3n966H3ORrc90mjyLrXRtEx3ZybbkQM2saH6eHTTtxoERlrCLV9FjOKYeKYELmaA5iZI0it0UJrmJ-0UqsF_E1fnonBB6S5bB4QcpaJ5HROgcpUpVZz3d70ESPH_ai9M?_z=5330694&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=7&pl=https%3A%2F%2Fwww.techtolive.xyz%2F2022%2F08%2Findian-entertainment-pubg-whatsapp.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: oaphoace.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: OAID=19974a92c7e446d2b6e60c4722cd61ff
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:10 GMT
content-type: image/gif
content-length: 43
x-trace-id: 5775ebc90e4419e75e10dc80fe2d0868
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
p3.adhitzads.com/6384230894e47926509238gtechtolive.xyz219575
104.21.67.138200 OK 0 B URL HTTP/2 p3.adhitzads.com/6384230894e47926509238gtechtolive.xyz219575
IP 104.21.67.138:0
GET /6384230894e47926509238gtechtolive.xyz219575 HTTP/1.1
Host: p3.adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 28 Nov 2022 03:25:04 GMT
cache-control: max-age=1800, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLM7p%2BjoF6t2NBOIKEZwyVpHEZs2hnjYMcZtkuxIC4XIGzy9i0dxNK0ARYh9bINvJCa1kW2JhHjE3dHmUDO0ej4bBmXV9dElTFvcQjd3wX5wTw9sNBVgnN6nW8XYe8yr7Vmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770fd2960a6eb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:06 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 28 Nov 2022 03:55:06 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,400i,700,700i
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,400i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 02:55:03 GMT
date: Mon, 28 Nov 2022 02:55:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Cookie: scm=1; OAID=e53f6bbd3794439eba1c918c746a22b4; oaidts=1669604103
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:55:03 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
p3.adhitzads.com/?z=1171918&p=4026898487&l=https%3A//www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html&c=1
104.21.67.138200 OK 0 B URL HTTP/2 p3.adhitzads.com/?z=1171918&p=4026898487&l=https%3A//www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html&c=1
IP 104.21.67.138:0
GET /?z=1171918&p=4026898487&l=https%3A//www.techtolive.xyz/2022/08/indian-entertainment-pubg-whatsapp.html&c=1 HTTP/1.1
Host: p3.adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:04 GMT
content-type: text/javascript;charset=UTF-8
x-powered-by: PHP/5.6.40
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szGy66Nm%2BQDMmf%2FIaMmImM73KNq8XLLs%2B7W0R0DhPKyZFu1NHSy7g13ek%2BDl25uPiiQs40kXgc7KzO4xi2c7h76I3mIoC44xB5iwYtqOhP7BzpedQuA5YjSjCsDTwSRXn2lB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770fd2958a48b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:07 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Czw70fH7TG4vv3lUe7WYgodOb9%2FVGGvsfq8SlFJjk0KOrqxeHVDYiKg%2FRo70ZkBVmf%2FSGp8xNdeRD6WQmfpXrA5O%2BsvXTxZFrKJrlcWmHKeAjbF0aQYHGeG85LWaaHcd78hNjMTb3gud"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd2a40d4e88c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techtolive.xyz
Connection: keep-alive
Referer: https://www.techtolive.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 02:55:07 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFeUGJEJaKdOuvVYNUpIWKIitkvJb3GtVk3fDk35VyoxtogShY67Ed8HnysNv%2Br3ekDbFM5lSj55TW7vT8vkvdZVW5owiJIS%2FJ8SxPQMA1z3kNeV4WsUk%2FbXn9IrSvEA9xxedGhH8FtS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770fd2a42d6f88c1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2