Overview

URLfiles.technicalatg.com/cu1xLl1
IP 188.114.96.1 (Colombia)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access lock_open
Report completed2022-12-12 06:27:34 UTC
StatusLoading report..
IDS alerts0
Blocklist alert9
urlquery alerts No alerts detected
Tags None

Domain Summary (34)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
onclickperformance.com (5) 40767 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3818 137336 35.190.55.95
e1.o.lencr.org (4) 6159 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1352 2914 23.36.77.32
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 35.163.49.154
6a246040fffc465aa5f1a606729b6316.safeframe.googlesyndication.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 593 3495 142.250.74.97
technicalatg.com (5) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3263 18326 188.114.96.1
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2374 35.241.9.150
ocsp.digicert.com (1) 86 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 341 796 93.184.220.29
stats.wp.com (2) 2711 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 763 81368 192.0.76.3
simplewebanalysis.com (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 944 18651 18.195.193.92
r3.o.lencr.org (10) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3380 8863 23.36.77.32
adservice.google.no (1) 96969 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 442 1104 216.58.211.2
files.technicalatg.com (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 820 1589 188.114.96.1
securepubads.g.doubleclick.net (1) 190 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 423 28519 142.250.74.34
pagead2.googlesyndication.com (2) 101 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 985 62661 216.58.211.2
cdn.adxfire.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 431 41412 23.111.12.177
ocsp.sectigo.com (2) 487 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 680 1926 104.18.32.68
code.jquery.com (2) 634 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 787 67440 69.16.175.42
shopde.pricedeals.shop (3) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2019 2037 135.181.6.240
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 391 34.117.237.239
tpc.googlesyndication.com (1) 126 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 420 7187 172.217.21.161
ocsp.sca1b.amazontrust.com (1) 1015 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 350 944 54.230.245.100
restorationpencil.com (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2868 4536 173.233.137.60
ciar-kep.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 475 753 3.212.50.125
ocsp.pki.goog (7) 175 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2401 4900 142.250.74.131
knewwholesomecharming.com (2) 462916 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 894 20983 192.243.59.13
cdn.pubxmedia.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 439 7889 172.67.142.130
ocsp.comodoca.com (1) 1696 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 341 1006 172.64.155.188
pixel.wp.com (1) 2545 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 559 239 192.0.76.3
crrepo.com (2) 82002 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 959 147561 104.21.235.113
jsc.adskeeper.co.uk (1) 27362 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 430 1598 104.18.34.236
slobcarpstun.com (1) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2528 3258 192.243.59.13
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5844 34.160.144.191
img-getpocket.cdn.mozilla.net (5) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2705 45569 34.120.237.76
www.spikereekvelocity.com (2) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 2306 3887 173.233.137.52

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-12 medium simplewebanalysis.com/stats Malware
2022-12-12 medium simplewebanalysis.com/stats Malware
2022-12-12 medium ciar-kep.com/zcvisitor/0e4c3df2-79e6-11ed-996e-0a1b3cd554bb/014d4f70-c126-1 (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-12 medium restorationpencil.com Sinkholed
2022-12-12 medium restorationpencil.com Sinkholed
2022-12-11 medium slobcarpstun.com Sinkholed
2022-12-11 medium spikereekvelocity.com Sinkholed
2022-12-11 medium spikereekvelocity.com Sinkholed
2022-12-12 medium ciar-kep.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 188.114.96.1
Date UQ / IDS / BL URL IP
2023-06-05 22:41:40 UTC 0 - 0 - 0 certaainly3.nl/ 188.114.96.1
2023-06-05 22:31:40 UTC 0 - 3 - 4 pasteio.com/raw/xkDoqBXNzJWd/ 188.114.96.1
2023-06-05 22:32:45 UTC 0 - 4 - 12 videoandgames.site/zb3FQS4t 188.114.96.1
2023-06-05 22:24:51 UTC 0 - 3 - 4 pasteio.com/raw/xkDoqBXNzJWd 188.114.96.1
2023-06-05 22:19:56 UTC 0 - 0 - 0 certaainly3.nl/invite/i=1570 188.114.96.1


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-06-05 22:47:39 UTC 0 - 0 - 0 bwjgukv48p647a2153c8a46.94taiw.ru 188.114.97.1
2023-06-05 22:45:15 UTC 0 - 1 - 0 gleetchisurvey.top/survey-dating.html 172.64.165.21
2023-06-05 22:45:00 UTC 0 - 2 - 0 s3.romsfast.com/PS2-EU/Silent%20Hill%20-%20Sh (...) 172.67.71.93
2023-06-05 22:41:49 UTC 0 - 0 - 13 www.searchingforsingles.com/landing/milf_dark (...) 104.26.3.164
2023-06-05 22:41:40 UTC 0 - 0 - 0 certaainly3.nl/ 188.114.96.1


Last 5 reports on domain: technicalatg.com
Date UQ / IDS / BL URL IP
2023-05-30 21:49:03 UTC 0 - 0 - 1 files.technicalatg.com/dGtB 188.114.97.1
2023-05-26 16:44:54 UTC 0 - 0 - 4 files.technicalatg.com/G5DTvuyQzL 104.21.70.184
2023-05-20 10:51:34 UTC 0 - 0 - 9 files.technicalatg.com/97xeVhEGr 172.67.138.171
2023-03-19 07:49:13 UTC 0 - 0 - 2 technicalatg.com/verify/?TPs8lrH 172.67.138.171
2023-01-06 23:37:31 UTC 0 - 0 - 10 technicalatg.com/?go=869997c18b5d1338fd7ca828 (...) 104.21.70.184


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-03-24 19:47:38 UTC 0 - 0 - 2 raw.githubusercontent.com/limerboy/stormkitty (...) 185.199.111.133
2023-03-20 14:28:03 UTC 0 - 1 - 0 raw.githubusercontent.com/hak5/usbrubberducky (...) 185.199.110.133
2023-01-27 20:57:06 UTC 0 - 1 - 0 d2hksidhws90js.cloudfront.net/gate.php?gate=b (...) 54.230.245.130
2023-01-19 09:45:30 UTC 0 - 1 - 0 raw.githubusercontent.com/nvnrcsq/rust-extern (...) 185.199.111.133
2023-01-06 16:27:02 UTC 0 - 0 - 2 raw.githubusercontent.com/vxunderground/malwa (...) 185.199.108.133

JavaScript

Executed Scripts (64)

Executed Evals (3)
#1 JavaScript::Eval (size: 31) - SHA256: 6e4c074bba968f3a2899edcbccf9e893ebdad7a5a533463e4d9630f28f3baed1
(a = 0) => {
    let b;
    const c = class {};
}
#2 JavaScript::Eval (size: 29) - SHA256: b2ebc210c5c379879d07a4a9e046a4ea803d56dcc91d533db817ec272cbcfaf4
var dfc221c35e = Number('');
#3 JavaScript::Eval (size: 469) - SHA256: 91f418c520f227355db381120aeb0ac0005497307defe49bfeebc6e31868391b
           if (typeof dfc221c35e !== 'undefined') {
               if (!isNaN(dfc221c35e) && dfc221c35e > 0) setTimeout(function() {
                   window.top.location = 'https://www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884';
               }, dfc221c35e * 1000);
               else window.top.location = 'https://www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884';
           }

Executed Writes (11)
#1 JavaScript::Write (size: 885) - SHA256: c3778b08847ad3088fb9353c3758c84414d2ff3739b570e8fc916f75c1136a12
< iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
6396 c9d00ea64 " frameborder="
0 " src="
https: //onclickperformance.com/ad/display.php?stamat=m%257C%252C8NjZ793OqB1dAN0dEdHP3xP.248%252CZMkKdRAQlkuDbgTABrav5PzkPQ5_heC032WtGHCgC4b9awuZEr_u0LUi_2kBMcEADAEPG5wvq70Qrq2Sslfxk0ehdy7MzSMJUqKohDOYjew%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.5358227788406204&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
#2 JavaScript::Write (size: 711) - SHA256: 2f7680da7e354a7d538874169b0c1aec1525ef445908045643bbaf19ab9efae2
< a href = "https://onclickperformance.com/do/c.php?stamat=m%257C%252C%252CQjJ2IhY3oGU3Bf9GH0dEdHP3xP.49c%252CM_c1quJmdZXG33DIX4nsNQywvzPlUTaFSKee893AmJ04DMTzJM9f-puRl6MsptB7cIwuqq3TAV9Eg3IFYeWOeuyi1wo2pDIF0c0bUvc1s6D1hZQqS6HUl_UnSbTF5rC12AdBbuMQT7SYI6ABEbuoZpydEJrVPG9yVyfhLMTFIwm_-V6vaRUBkLxkVEQ8DtqqysdtOORO73ZFR0ayZmoesqpBi6fzPzJ42Tw1LzxWBUjytGyK7bS_HsaDwDQFa3q3HpYWRP9BChKrFmEIZhdrvr6ywftqP7I06sJ9hBziS-vXwzOtgyfb2Sey2_dC3kpOZnPmAgmYX43i7OSkZEKulfnqHN5ykap79b-XfP7o3vw97c7S-Y_Xu2-9YMg8WovcLNXYMasZbFEw4LCCaugoyVF0Yfquim9GccvQu7fitu3FNvywfqSeKvljvryOnFr9"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/261160620/creatives/23276894/54db327e1998eb469be2be3c96dfa739_5143.gif"
width = "100%" / > < /a>
#3 JavaScript::Write (size: 885) - SHA256: 24de09562ca534e27240ce99a4bc9ac52263c27af85cef46277a5930f6ed434f
< iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
6396 c9d106f8e " frameborder="
0 " src="
https: //onclickperformance.com/ad/display.php?stamat=m%257C%252Ck9iI6d2NqB1dAN0dEdHP3xP.72c%252CZMkKdRAQlkuDbgTABrav5Jba4Rb81R4UOgKk6FDg_X5n_dhQzSPY_S4ufg3pDsMoZAY42NUGCGdilkOoWrY5zQrZosfOXiruwl39GxQYiJc%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.6274548350604121&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
#4 JavaScript::Write (size: 711) - SHA256: 11b4504c288dd13717ed2b68946eff2be5478d1f465c5864f9de6cb78aba7310
< a href = "https://onclickperformance.com/do/c.php?stamat=m%257C%252C%252CQ3LqNhZrtGU3Bf9GH0dEdHP3xP.bd9%252CM_c1quJmdZXG33DIX4nsNe8guKU1jFEybi9vA9_NXjC9JF5qhQnKoutBL6r43mGCS8lh_kzO2FouRNBdgva8RtzgGJ-3BjeCFxGVuhINXsptOdowJ9KROhOpB6Au77CAoK9u5PRtj3l3cAsJCZd2a83D7OXs6_uDmBTUWjXKFCVix-yIDC69gHoS3kiorjNMaUFdLGbxFZgSADfhMiBBY0FUK_Ecbgov6ci4fNVhw2GPSaYQ-8L26z9O99P9aM2HHAAm6BzThqlivBO7n75KErfrjPVgvE45xpKPJC4XZv8kosG70Wh8zc2trIvhKJJczcIza3ZjLwGOReYZ3pcM6YdnB45kJjtQFUTo776Qv5rV3V3rUp6WnqBtk6eRVyaBehC-OfG3lRk-V9RejuZjWy26M8X3p4QMqnBR7n3XkAFblWGOMOv81uyMfZggdI4U"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/316762620/creatives/23554626/708384a5184db12f1b4ce5b589b2ffe1_6778.gif"
width = "100%" / > < /a>
#5 JavaScript::Write (size: 711) - SHA256: 70afe1b87ca66ed480de873a9a3a361a9308c65e743c83a93a7b119d9ce17f86
< a href = "https://onclickperformance.com/do/c.php?stamat=m%257C%252C%252CQiLqY3F2tGU3Bf9GH0dEdHP3xP.5c2%252CEVPB5_Dv3HCOIazz9yXcLcS0_SmcBHdYROrv0hcMV0zaP_UTHeA_pr_z8dhxnBisYSw65307_Sssq8RVKRaueAXvgHLfDvrYbqCv2VwzBqUl7YpVasF219iPxA5mvmE_iZBpFHRFmYRbcySCYecW268D9m62Ofu7anEK2-fcpyFkJkPLtUp8D9gUP7hVunlFfw18YG9uFwFvHuCGOikU2pdud0jVFOTLSDdhgbKr5cE6PFFN10t2xKsKGdjdSGfeRXasEN_ztRopUe7fve8K5x1VuF8X7-tZ8sG2tf7AFSG3C19XfyRcPKMnKv592QdH4M_McgFvmyhN96G-Qo1kK2yghuvQ_gWXkCALooYy86qwqMVBDB_HvRhfQPtrkiaVpNkV73MgLFLLRclccfk5m1L_2PEJ_oy-FaZ7UQYLmqMnJ_PGeetpN5jm_OQRpRcP"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/316762620/creatives/23554622/63271d75be5297aca2c00d081a8429d7_7308.gif"
width = "100%" / > < /a>
#6 JavaScript::Write (size: 896) - SHA256: 69e90454d93d855b82e0f87d6bab5efe0e44942d9447ef00e8d0675691ab2a0f
< iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
6396 c9ce1f53e " frameborder="
0 " src="
https: //onclickperformance.com/ad/display.php?stamat=m%257C%252CQYhPiIiKqB1dAN0dEdHP3xP.1e8%252CZMkKdRAQlkuDbgTABrav5INbu5UfO9yR33tef41JmGUzFQEuAJw2QnNlGEFywe9_SfVrODN_--WFw3335ACLWhbLiy_r-fswtGuMj9K7lSg%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.8721518924642385&cbtitle=What%20Is%20A%20Consumer%20Durable%20Loan%20%E2%80%93%20Higamingworld&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
#7 JavaScript::Write (size: 711) - SHA256: fd7826ffab8eed513c92de912c922f51094c0da72b47ff612046823068162004
< a href = "https://onclickperformance.com/do/c.php?stamat=m%257C%252C%252CwiJmYiK-oGU3Bf9GH0dEdHP3xP.6ac%252CM_c1quJmdZXG33DIX4nsNfCyOS2DRPe42ATbr82fqXFJhxJy3bwJTSYRYkz6hLTQiDXSxitm9Xbuf6Fhr8grv7DtU0Nvz-ueUxFMKZwGQDIaZTEJcsX8BNyFlj7KB_lty4J5TjmyMUc_3gbhY4TOv0TU87pj5HaYclxE_cOlyK7_EUOt9Z4SsDdW7kRNKh-UzXH1qi_HLhDsVEyo3KTR0cH25Z5fgP_v_LD2N_bjILxA8VrXGgxkgyYz5KJlox-irn-Lw7VMk1jLiEaE-OO54uh-k7nQdvIo2P7zplEMx7jgNEvyeJT_StjTBvUQJHQesDA3JdR9XoxM659iIWQSCHm3pXL_B4-MR_iTlIBLgDmuysnz1-s5Cx420jpmWOEdhzivswku5WdlW_23510Sycmcx8wlGSXsjhm64Xnq3KJQA227WFmdRvr5jMKfvst1"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/261160620/creatives/23276906/746a681c008e9512034507041aa6f3f3_8707.gif"
width = "100%" / > < /a>
#8 JavaScript::Write (size: 123) - SHA256: 295537ae3dedc5578c2062fba98f1c39521afa3e55164e8ab3dc8534bc8527d0
< script type = "text/javascript"
src = "https://knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js" > < /script>
#9 JavaScript::Write (size: 896) - SHA256: 94e5a2c6f1a282a7257513138b3fe1b9a4d264f803811b70c38d7aaadf7d5f0c
< iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
6396 c9cd950c5 " frameborder="
0 " src="
https: //onclickperformance.com/ad/display.php?stamat=m%257C%252CwoiOi9ifrB1dAN0dEdHP3xP.339%252CZMkKdRAQlkuDbgTABrav5Axo-d3udOzyEwAsbeGiVOj18zG2pDcEiF28R-AT1HyqxenOv4Oh6nnJEP4t4YRb8aTDl21Vq9z29JHpWBdPeX0%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.3630167998679503&cbtitle=What%20Is%20A%20Consumer%20Durable%20Loan%20%E2%80%93%20Higamingworld&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
#10 JavaScript::Write (size: 896) - SHA256: 50defc421c777cfdb6a5cfbe0df017fbf2f34914aca2a07145db3c8cf4ad7c1a
< iframe width = "300"
height = "250"
marginwidth = "0"
marginheight = "0"
vspace = "0"
hspace = "0"
allowtransparency = "true"
allowfullscreen = "true"
style = "border: medium none; padding: 0; margin: 0;  sandbox="
allow - scripts allow - forms allow - popups allow - popups - to - escape - sandbox allow - pointer - lock allow - same - origin " id="
6396 c9cdf0201 " frameborder="
0 " src="
https: //onclickperformance.com/ad/display.php?stamat=m%257C%252CkY2EuI2erB1dAN0dEdHP3xP.2f5%252CZMkKdRAQlkuDbgTABrav5DXtfh2BLgZl9Omf7uSj2KuM1rv_QJiMoxvWEJ-8hx02F-YkE-CbFhia4xqyNGUt9o_KNLtVEI8dd4lF5Waf0cY%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.6156696813641938&cbtitle=What%20Is%20A%20Consumer%20Durable%20Loan%20%E2%80%93%20Higamingworld&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=" scrolling="no"></iframe>
#11 JavaScript::Write (size: 711) - SHA256: c7fa2e8972ad30a9e8b6f1e89c407a51923afd634c92fd665d17da51dfdb1816
< a href = "https://onclickperformance.com/do/c.php?stamat=m%257C%252C%252Cg3ejNjImtGU3Bf9GH0dEdHP3xP.dd9%252CEVPB5_Dv3HCOIazz9yXcLbERJq4szL9nOv9Vqep-rFFM8YvNLgXUIIgLIJ-oH5kTdhQ5unfhgAEuluhJx2NoCpRnARu7A0zPfye0QNX6y4oHPwfrxHpLOtBJmQnl-6YfSMK9DG7kZJoaS_MWciXiUcWLlfARJqghbg5o3TxvG7IqfDZ9tNstsQOgQjYfws9X9edKvdI4VC38L2vw2uA6LU3NNAkaupzo2NUmkQo4NmfTnOPWuSh2xdGVBddL_KVlDAHmlx6MEKIibkVnu-4f1HHTIjxTxy3lLsaj0KfEfTem5gQJa4rRy9-rkJOdbFW-i8vHfdAhB7z_Xc3ymFW9_I1pJFQQSF9G4YalwA2gM8QD4Y4DXC-uOmiGFZexlyN_Sj_bip_e1x-k-V2aDPhq7rh7Sbjss3dEkoG0P84aKrGJbCa-ic6F_N7_ij9GTlDS"
target = "_blank" > < img border = "0"
src = "https://crrepo.com/extban/316762620/creatives/23554622/63271d75be5297aca2c00d081a8429d7_7308.gif"
width = "100%" / > < /a>


HTTP Transactions (77)


Request Response
                                        
                                            GET /cu1xLl1 HTTP/1.1 
Host: files.technicalatg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             188.114.96.1
HTTP/1.1 301 Moved Permanently
                                            
Date: Mon, 12 Dec 2022 06:27:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Dec 2022 07:27:23 GMT
Location: https://files.technicalatg.com/cu1xLl1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcPbaYJxz9BQK4NYselnm1gp6Ydddpp07h5y%2FyOj1Sx6NVapKIsIF7QOW9ppoCMmxenQjZQRDXYnRWJrM7fVETtCzamQ43ERysCWB6oIfTb7z4%2FutXp7XHrBq46Kl4p7Ry8aE%2F1FmRIX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 778464d75a43b50b-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9665
Expires: Mon, 12 Dec 2022 09:08:28 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13926
Expires: Mon, 12 Dec 2022 10:19:29 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15852
Expires: Mon, 12 Dec 2022 10:51:35 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 06:08:34 GMT
age: 1129
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    b44c4b5daa307a355e7bab1c83c1ca82
Sha1:   dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
Sha256: fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: /tUTnFL2Pq3D/Ysx2v8b+9xxK+TMR0CB/utdmQgCdNlHPF9MuaiD37aMEYuFx2o5bonrmP0zsdo=
x-amz-request-id: H9C3ENG4AK57Z1J8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 05:49:29 GMT
age: 2274
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Mon, 12 Dec 2022 06:27:23 GMT
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 345
ETag: "98D30463D41500BFBBDB72FADD9CDCD840CFDA509D2CFBF57A2A51D27ED05EC6"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Mon, 12 Dec 2022 12:27:09 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 05:33:17 GMT
age: 3247
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 345
ETag: "98D30463D41500BFBBDB72FADD9CDCD840CFDA509D2CFBF57A2A51D27ED05EC6"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Mon, 12 Dec 2022 12:27:09 GMT
Date: Mon, 12 Dec 2022 06:27:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 1492
Cache-Control: max-age=97464
Date: Mon, 12 Dec 2022 06:27:24 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 09:31:48 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O7zn/d+8NH0uRCOHDsldsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             35.163.49.154
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IjKX2P3AsyakSoIZe6snxkW845U=

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:25 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Dec 2022 02:57:56 GMT
Expires: Sat, 17 Dec 2022 02:57:55 GMT
Etag: "8027b9617a77c573cafbbf5ac901e61e188d0e84"
Cache-Control: max-age=418829,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 778464e3599a0afe-OSL

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:25 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Dec 2022 02:57:56 GMT
Expires: Sat, 17 Dec 2022 02:57:55 GMT
Etag: "8027b9617a77c573cafbbf5ac901e61e188d0e84"
Cache-Control: max-age=418829,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 778464e5aaca0afe-OSL

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Mon, 12 Dec 2022 08:29:12 GMT
Date: Mon, 12 Dec 2022 06:27:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Mon, 12 Dec 2022 08:29:12 GMT
Date: Mon, 12 Dec 2022 06:27:25 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Mon, 12 Dec 2022 08:29:12 GMT
Date: Mon, 12 Dec 2022 06:27:25 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:34:48 GMT
age: 31957
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7104
Md5:    86bce3d677c0dd541440ebf38920020d
Sha1:   f11e21b6ad97e07b1d7103ad40a2e158e06fda73
Sha256: 9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
                                        
                                            GET /a/display.php?r=5070395 HTTP/1.1 
Host: onclickperformance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             35.190.55.95
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
server: openresty
date: Mon, 12 Dec 2022 06:27:25 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14041
Md5:    00b686c006226b9aa44f914acdcffe5a
Sha1:   82137a4e89ba564a7abb8ad4cc8d957d71e29bec
Sha256: 15c7ddacb86d4cbe1ac22177be854a9508c6945704e82141550fd8c1c103e426
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b29987-02fd-4d31-922b-982bc01fc707.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 11031
x-amzn-requestid: 69574045-a0a8-43d6-9d8d-55882e45da77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEM0HIWIAMFaJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d85-6815de4f3eec22984800e99b;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L8bSONyZ4Sppy_T6TZjFUz19FsRQRqRGALg4Ttr1cuHPYJxdZwk9VA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:13:54 GMT
age: 29611
etag: "85c2634af4069eed597ee1c3d469234f948ffe30"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11031
Md5:    3c6b849c6f129763fdb8cb8e204c4061
Sha1:   85c2634af4069eed597ee1c3d469234f948ffe30
Sha256: e3199deebec60704cfcc2ade400cf7a676cc29571604904decf72fdae77218af
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 9265
x-amzn-requestid: f9aa1f6f-91dc-48c1-819b-c7ac8fba37e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4BFPMIAMFacw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cff-6530a07c79f68a2a51e56a57;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HMJiGsGsLtxdi-wVK-0Rl_YcYkb4T5kX8aOCFkxVIc0Xu8NhG8XLUg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:34:56 GMT
age: 31949
etag: "3c2b64c94cc098a416b1d4865e31298fcd5d05c1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9265
Md5:    7b226bd8dfeafe00183109d4f824e2be
Sha1:   3c2b64c94cc098a416b1d4865e31298fcd5d05c1
Sha256: ccce0f89771d141076cbf3a1830eaa5d81b9c0376c3637e100bdb21b98ecd3b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 7408
x-amzn-requestid: 97306647-44c0-4d73-9625-f0af54acb577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4MFTkoAMFX_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d01-46d74b3f283ba5895aef6d3e;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XIdLQlkXcJ5PdAXw1Fb7i6CAaKnLuagCbzkMPBmcYeuSQJh_AwoMVw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:34:57 GMT
age: 31948
etag: "23ec6d9f18c44680415659b987399014c20b6954"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7408
Md5:    8a37f35b8baf163928afa96129d83305
Sha1:   23ec6d9f18c44680415659b987399014c20b6954
Sha256: 13eb6db6765e1a69ba386cdb12d1451596ddebfcef20f1dbdf34f132c7f6c8f6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                            
server: nginx
content-length: 5452
x-amzn-requestid: eb6aca44-e834-4123-b191-eb3f007bf7b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6OCrGM-IAMFnxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393f6dd-71fee2de2dd69c7d1d4d32fe;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 03:02:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SQJoOlmklC9KQSsedNiaNHyhmvIUvHCg0IU1PfXcZba1LXU-7VmMjw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 02:35:07 GMT
age: 13938
etag: "241a28d882355e06b0a2428c931f9d72dd5c6c53"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5452
Md5:    24d5e5918cf53c569d6674e598228246
Sha1:   241a28d882355e06b0a2428c931f9d72dd5c6c53
Sha256: 2ebf30d1844d23a2b7516b900b1aa4473e5c042b0e0ecb2c39675d4b4bc7910e
                                        
                                            GET /jquery-1.11.2.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
date: Mon, 12 Dec 2022 06:27:26 GMT
content-encoding: gzip
content-length: 33262
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-176bb"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670826446.dop226.sk1.t,1670826446.cds071.sk1.hn,1670826446.cds264.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32047)
Size:   33262
Md5:    b63c8cb1c4a495ed04e735d25beabd78
Sha1:   0ae68f1c55c227331286ad94403122a5ab4526e1
Sha256: 26ea04aa9c41767051276b819a4aa8c6aa337df4da89872d021862312d478d39
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /tag/js/gpt.js HTTP/1.1 
Host: securepubads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.34
HTTP/2 200 OK
content-type: text/javascript
                                            
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27666
date: Mon, 12 Dec 2022 06:27:27 GMT
expires: Mon, 12 Dec 2022 06:27:27 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1419 / 626 of 1000 / last-modified: 1670587582"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (39504)
Size:   27666
Md5:    6e6a655c88ab947ddbbb8b38d167fbba
Sha1:   dfa4655064d9cc96138e05c3603e3c177d38a895
Sha256: fa31f9e17efaa6e5c7f26995cf21c4a23c7688fcbef4f2a4f827d1a090d3a59e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 344
ETag: "A4FCD6865511935EC8A24E9B836F82ED1202F2BBDBD9E0362BEA31632BD5A930"
Last-Modified: Sun, 11 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Dec 2022 12:27:27 GMT
Date: Mon, 12 Dec 2022 06:27:27 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 344
ETag: "A4FCD6865511935EC8A24E9B836F82ED1202F2BBDBD9E0362BEA31632BD5A930"
Last-Modified: Sun, 11 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Dec 2022 12:27:27 GMT
Date: Mon, 12 Dec 2022 06:27:27 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scripts/technicalatg.com/banner/display.js HTTP/1.1 
Host: cdn.pubxmedia.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             172.67.142.130
HTTP/2 200 OK
content-type: application/javascript
                                            
date: Mon, 12 Dec 2022 06:27:27 GMT
cf-bgj: minify
cache-control: public, max-age=604800
expires: Sun, 18 Dec 2022 20:28:39 GMT
last-modified: Sun, 27 Nov 2022 20:07:54 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 35928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqC%2FQxi%2FscHXY16fWLZM5KzUv1seg7SBznTWV4en5Go9w7HUjXTqE%2FU8CnwF77w25GSTwIy%2BXrx15xbecOdB%2F7dCDif5ojzAR6L41M1ld1WtsICpFvqa8U9kW8Lq5yo3KCxr3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f02b0cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7078
Md5:    79efc7e17e56f38705f57d2486f83d4a
Sha1:   8798228e233158a0ee7fef963c857d103e200719
Sha256: 5847a14499e9220952983a25af1db4b31be5a6336c9bca5137a61ca41ea231b7
                                        
                                            GET /adsid/integrator.js?domain=technicalatg.com HTTP/1.1 
Host: adservice.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.2
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                            
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Dec 2022 06:27:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   100
Md5:    917951a58be8c6c6f3680159550ba3c2
Sha1:   21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
Sha256: cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /safeframe/1-0-40/html/container.html HTTP/1.1 
Host: 6a246040fffc465aa5f1a606729b6316.safeframe.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.97
HTTP/2 200 OK
content-type: text/html
                                            
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Mon, 12 Dec 2022 06:27:27 GMT
expires: Tue, 12 Dec 2023 06:27:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Size:   2653
Md5:    e8ee9c011ff8e1f464e74c37113119ee
Sha1:   64ad72134ea05877de0f2b6503f5c0d8c3f78197
Sha256: 09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
                                        
                                            GET /pagead/js/adsbygoogle.js?client=ca-pub-4594086434938959 HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.2
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                            
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Dec 2022 06:27:27 GMT
expires: Mon, 12 Dec 2022 06:27:27 GMT
cache-control: private, max-age=3600
etag: 1160028405088854012
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4885)
Size:   49967
Md5:    944f9febc3f1df125b2dc38e83a05e86
Sha1:   98e8a8643beab6f5c58fcb58f3314ec6c3d22b1d
Sha256: 85873de2243dda9470f8fd5bd9f15cf0d02a89bbfb5760565d6ec14a3c62ccc8
                                        
                                            GET /getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env HTTP/1.1 
Host: pagead2.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             216.58.211.2
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                            
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 12 Dec 2022 06:27:27 GMT
server: cafe
content-length: 11223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (14870), with no line terminators
Size:   11223
Md5:    91b273954529f97049e37edae9e11d3c
Sha1:   e2eb9efac398a2852ec362df4a94c1cad17ff7dd
Sha256: 2c5e5ab1fe54d6411aae68dd6183480739f765ab7895563544d7c305e83c4e1d
                                        
                                            GET /wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif HTTP/1.1 
Host: technicalatg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             188.114.96.1
HTTP/2 200 OK
content-type: image/gif
                                            
date: Mon, 12 Dec 2022 06:27:27 GMT
content-length: 8944
cache-control: public, max-age=16070400
expires: Sat, 17 Dec 2022 06:47:05 GMT
last-modified: Wed, 14 Sep 2022 14:22:04 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 164140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqbMCfqWwFBk5DKURMk8PAK4ko3eWXGA%2FvLeOa1zxDoXdHDdTDYkIjB0N30hYCHpLwYOWB8drbEmIkYwKo7TFeGPWOHPIUBXDdM9Kap9abH4X588wmA%2BlXKB5ju1rbqkQLna"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3be2bb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 464 x 114\012- data
Size:   8944
Md5:    8a0080ca4126ce4658e9e817dfde3613
Sha1:   839227ccb5252d46c9e50a99194633966b67b407
Sha256: bb28a678e90b9d97bba59a3c3028c2b3a5bd1c61c8e8fbb32edc0d25d5102685
                                        
                                            GET /wp-content/uploads/2022/11/wait4-1.png HTTP/1.1 
Host: technicalatg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             188.114.96.1
HTTP/2 200 OK
content-type: image/png
                                            
date: Mon, 12 Dec 2022 06:27:27 GMT
content-length: 2178
cache-control: public, max-age=16070400
expires: Sat, 17 Dec 2022 06:47:16 GMT
last-modified: Thu, 24 Nov 2022 21:48:46 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 35928
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0R0KRYdpFXjhRplLkuEWUJGVqQ4a0fd4JP06r6vEGFQ7dGCwdUwv6MsiUMzYHUYUymyPxTY6lpTp1%2BT0pN1gjNcQiS0d%2FLkEmBnHsFCNcVWR7gMfLQGhYytvFDw9yFeTZI%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3ce2fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 220 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   2178
Md5:    cd04415ff2c2107d4a85dca7642ab4a4
Sha1:   e25af02258da821d7a01b97764e85642ccf97a51
Sha256: 806452f1b480eeeadffcc371cb695fc34d6accba5ebaab95fe8c7b50d8d6061b
                                        
                                            GET /wp-content/uploads/2022/12/atglinks-download-button.png HTTP/1.1 
Host: technicalatg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             188.114.96.1
HTTP/2 200 OK
content-type: image/png
                                            
date: Mon, 12 Dec 2022 06:27:27 GMT
content-length: 3179
cache-control: public, max-age=16070400
expires: Tue, 13 Dec 2022 16:42:45 GMT
last-modified: Tue, 06 Dec 2022 16:42:41 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 479546
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vc9Z5HpM1TiDlh8VxuIS7iPCu4pub5GNOarSx5dQs7GakJoPU9SwEAXYWEUTbJT3ejbBhGwiGpgSHG9GJATjCbHS5RkJhpKGRwOtNiqJFahRUCFK0SbphTnA8%2BXckQ%2BUePiC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3ce30b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 226 x 53, 8-bit/color RGBA, non-interlaced\012- data
Size:   3179
Md5:    ae0697d989301d99252c32e3409e4760
Sha1:   1f1aa140835b00e2a523d662fd7e07d96fdddea6
Sha256: f501f238cee78fda630a38d2b54b4c921bae91adca9139f0f5229898bc898429
                                        
                                            GET /jquery-1.11.2.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
date: Mon, 12 Dec 2022 06:27:27 GMT
content-encoding: gzip
content-length: 33262
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-176bb"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670826447.dop214.sk1.t,1670826447.cds263.sk1.hc,1670826447.cds264.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32047)
Size:   33262
Md5:    b63c8cb1c4a495ed04e735d25beabd78
Sha1:   0ae68f1c55c227331286ad94403122a5ab4526e1
Sha256: 26ea04aa9c41767051276b819a4aa8c6aa337df4da89872d021862312d478d39
                                        
                                            GET /e-202250.js HTTP/1.1 
Host: stats.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             192.0.76.3
HTTP/2 200 OK
content-type: application/javascript
                                            
server: nginx
date: Mon, 12 Dec 2022 06:27:28 GMT
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Dec 2023 23:16:56 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2690)
Size:   80656
Md5:    98d6b4dfd418746c9e89799d15458460
Sha1:   91248a6293a0a7194c804efeb935353ccb10f59e
Sha256: 8f6b50b4e4eb22a8357ab2420dc1d1c74f601cd74cb2be533428e48df0dd5e57
                                        
                                            GET /a/display.php?r=5070395 HTTP/1.1 
Host: onclickperformance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             35.190.55.95
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
server: openresty
date: Mon, 12 Dec 2022 06:27:28 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   117306
Md5:    519ee79d13dbc15e0370408afbe6fe2d
Sha1:   96b677c282120f0b605c35c1920eb60b409713c5
Sha256: 00fc0c3d594ca1ab4059f12b36104567d0e8db3163f71f6b6f1bcdfb527752ec
                                        
                                            POST / HTTP/1.1 
Host: ocsp.comodoca.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:28 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 11 Dec 2022 14:13:36 GMT
Expires: Sun, 18 Dec 2022 14:13:35 GMT
Etag: "48abcf27489d5c3c3090f8b4843373bbffbbf4ae"
Cache-Control: max-age=546636,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 778464f88d20b503-OSL

                                        
                                            GET /be6c213e1e6a6a782e4f480f94d27a70/invoke.js HTTP/1.1 
Host: knewwholesomecharming.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             192.243.59.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Server: nginx/1.17.6
Date: Mon, 12 Dec 2022 06:27:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 53cbfe64cc48d7cf99c57c7324076253
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Size:   9785
Md5:    b1d9491a6d4d9c8709803e2c36af5f04
Sha1:   9f32b45fd21dddd40d45dd2be6b90c48ecdde6f7
Sha256: ead81000beaad01331c5e555c7d0311ae34c96f7273dc711d8745fc1c7e72e25
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             54.230.245.100
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Dec 2022 06:27:29 GMT
Last-Modified: Mon, 12 Dec 2022 04:39:11 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dpeWgoGr2MOfKL6-JOOQKXYZMW3WB1Q51m-ycUnK26BAHL0S-OFrCQ==
Age: 6498

                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             18.195.193.92
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                            
date: Mon, 12 Dec 2022 06:27:29 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://technicalatg.com
access-control-allow-credentials: true
set-cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1; expires=Thu, 09 Dec 2032 06:27:29 GMT; secure; SameSite=None
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max speed\012- data
Size:   17997
Md5:    fc41fb6a5a179a4574b63327e3993a9f
Sha1:   ed8cd4e7466ca8d38c6329bae5ed9ce504fe4966
Sha256: 73dadbab519dcd421d8eee2dd569a8fc4c87804f9498341bfb7197d1152c5331

Blocklists:
  - fortinet: Malware
                                        
                                            GET /be6c213e1e6a6a782e4f480f94d27a70/invoke.js HTTP/1.1 
Host: knewwholesomecharming.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             192.243.59.13
HTTP/1.1 200 OK
Content-Type: application/javascript
                                            
Server: nginx/1.17.6
Date: Mon, 12 Dec 2022 06:27:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ad3f4d2b8893c231a97247b7f30d9ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Size:   9778
Md5:    0a0829535489a9530419d95fec4b9548
Sha1:   8619b0110aa8d5b574f7cc8722f7462edb9a1d36
Sha256: 0cdce8a0dfc9b71dd06c24752ac659678745d52c5c3db8ad504bf4a49e297719
                                        
                                            GET /stats HTTP/1.1 
Host: simplewebanalysis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             18.195.193.92
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                            
date: Mon, 12 Dec 2022 06:27:29 GMT
content-length: 40
server: fasthttp
access-control-allow-origin: https://technicalatg.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   40
Md5:    d35b23c456e94a6cdab424b6cd96fdcf
Sha1:   ef1f412a8ed1f2172969115297893910acf97638
Sha256: 7a6a4a2f74524bff93dfdfca6caa28533d8cd9f5da3566281721497afe3059f9

Blocklists:
  - fortinet: Malware
                                        
                                            GET /g.gif?v=ext&blog=197785918&post=0&tz=5.5&srv=technicalatg.com&j=1%3A11.6&host=technicalatg.com&ref=&fcp=1213&rand=0.9051500720476298 HTTP/1.1 
Host: pixel.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             192.0.76.3
HTTP/2 200 OK
content-type: image/gif
                                            
server: nginx
date: Mon, 12 Dec 2022 06:27:29 GMT
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 6 x 5\012- data
Size:   50
Md5:    e4d673a55c5656f19ef81563fb10884c
Sha1:   1f2d8ed221d39329251ad3a6ff1edb20b7219443
Sha256: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "CDD68E773C460541E6965A8D91EEC6F6B0002C11D57E527B6E8B80AEF8C289F5"
Last-Modified: Sun, 11 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Mon, 12 Dec 2022 07:36:36 GMT
Date: Mon, 12 Dec 2022 06:27:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "12BC6F3FB7ECDFDBAC083D0DB58E19018F1AF9C5F971A5E88CDAB7F0D8FBD504"
Last-Modified: Sun, 11 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Mon, 12 Dec 2022 07:19:14 GMT
Date: Mon, 12 Dec 2022 06:27:29 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Date: Mon, 12 Dec 2022 06:27:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /extban/316762620/creatives/23554626/708384a5184db12f1b4ce5b589b2ffe1_6778.gif HTTP/1.1 
Host: crrepo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onclickperformance.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             104.21.235.113
HTTP/2 200 OK
content-type: image/gif
                                            
date: Mon, 12 Dec 2022 06:27:29 GMT
last-modified: Sat, 10 Dec 2022 08:46:46 GMT
etag: W/"63944776-6758"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHBg3WRVXPf3raEhBHo1bzPeWoqKX4%2Bh%2B3SMYbIUjNYnVTbvBygsGa4zzhv9xO3PvwT8oa9EpTWRaS8D4mHiJ3CEXYv3jwUa%2BgRS9yULYqP8jXMZBO3yinjBlQEN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778464fc2f378873-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 300 x 250\012- data
Size:   146183
Md5:    e0e86969d5a4cd566e9a9df98f9653fc
Sha1:   b9f033c1e16a0df852685e22a926ba89740d7e12
Sha256: e8f0ec4731c5026d6d83fb1922ee9c74d7b0d2ec65908da1db3f4af3f90c4620
                                        
                                            GET /sodar/sodar2.js HTTP/1.1 
Host: tpc.googlesyndication.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             172.217.21.161
HTTP/2 200 OK
content-type: text/javascript
                                            
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 12 Dec 2022 06:27:29 GMT
expires: Mon, 12 Dec 2022 06:27:29 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1321)
Size:   6386
Md5:    ac906814ed812c4ecdbb624a3bd2f6c3
Sha1:   8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
Sha256: 8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
                                        
                                            GET /watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1 HTTP/1.1 
Host: restorationpencil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             173.233.137.60
HTTP/1.1 307 Temporary Redirect
Content-Type: text/html
                                            
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:29 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Location: https://restorationpencil.com/watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&shu=a8b1f78d96e8d4f20bd5957d9cd94987953eae98b060706c30bb60836eef4bd7a47e017a836d7afc75a9830809dbabad61620bb2c30db09eea26ad337d5ce6af565c1f44b0b67b3f1f73ac5d6688c293c6edd8d1907b185d9726a2239a59194263&pst=1670826509&rmtc=t
Set-Cookie: u_pl=17798884; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLz9nbz04Njk5OTdjMThiNWQxMzM4ZmQ3Y2E4MjgyZjQzN3dBcGJzQ2FkZkVlRmxnaUhuaWtPSFF5T0RBd1lpOXJPVUZQZVdGdWJ6Z3ZVMmxTYlZka1lrRmtUVFJxY1ZNeWJXYzJXbmhYUlZCRGF6MD0ifX0.q0xCEYQxrjvj_2lxxwjCeJIhRR2L8qGmmnyYbvbgos8; expires=Mon, 12 Dec 2022 06:28:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b2090f55d7da5ab027224d301208020
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocklists:
  - quad9: Sinkholed
                                        
                                            GET /t/e/technicalatg.com.1391478.js HTTP/1.1 
Host: jsc.adskeeper.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             104.18.34.236
HTTP/2 200 OK
content-type: text/javascript
                                            
date: Mon, 12 Dec 2022 06:27:29 GMT
content-length: 923
x-amz-id-2: vnzUO+AWEXthjHdBwOFSbVKkCSSR/Opsa7C/w6sVJlXStqFzLVwqBkLKyxNcDAVwbzPJQb6l5ZOC8vUnTsUPvQ==
x-amz-request-id: 4C6PHX8K8BV0P5ZC
last-modified: Mon, 28 Nov 2022 20:30:11 GMT
etag: "013e90f98a402d6d79daf8df1b3778cb"
content-encoding: gzip
x-amz-version-id: 1pQcn0fSROYOnZPektdD_VvV3GBk_6nf
cf-cache-status: HIT
expires: Mon, 12 Dec 2022 10:27:29 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 778464feee6ab4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2370)
Size:   923
Md5:    013e90f98a402d6d79daf8df1b3778cb
Sha1:   804b0cf36316cc7ef26bc6fa6225e65e1d72c7bb
Sha256: 9f9ba3d442ffce3cc539fd88faa03d3d15deb9818dbf0ed99105d1988c6e2c11
                                        
                                            GET /watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&shu=a8b1f78d96e8d4f20bd5957d9cd94987953eae98b060706c30bb60836eef4bd7a47e017a836d7afc75a9830809dbabad61620bb2c30db09eea26ad337d5ce6af565c1f44b0b67b3f1f73ac5d6688c293c6edd8d1907b185d9726a2239a59194263&pst=1670826509&rmtc=t HTTP/1.1 
Host: restorationpencil.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Referer: https://technicalatg.com/
Connection: keep-alive
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLz9nbz04Njk5OTdjMThiNWQxMzM4ZmQ3Y2E4MjgyZjQzN3dBcGJzQ2FkZkVlRmxnaUhuaWtPSFF5T0RBd1lpOXJPVUZQZVdGdWJ6Z3ZVMmxTYlZka1lrRmtUVFJxY1ZNeWJXYzJXbmhYUlZCRGF6MD0ifX0.q0xCEYQxrjvj_2lxxwjCeJIhRR2L8qGmmnyYbvbgos8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             173.233.137.60
HTTP/1.1 200 OK
Content-Type: text/html
                                            
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1; expires=Mon, 19 Dec 2022 06:27:29 GMT; secure; SameSite=None iprc0edf4b57f82d7911f6b872e5963a3184=2717340; expires=Tue, 13 Dec 2022 08:27:29 GMT; secure; SameSite=None pdhtkv=true; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None uncs=1; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None pdhtkv5=true; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None uncs5=1; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e9c1c26b0f05eadc52cfb909d3d0a83
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (602)
Size:   643
Md5:    9bc1f09db826b98fdde89b30d1442dfc
Sha1:   1b91902b8481aa2f4f5f692ec286a7b6616c02d9
Sha256: 344f3caf8ae7c809f0e25bd1e44839973a2e5f23b344b9ab6138726bd0855811

Blocklists:
  - quad9: Sinkholed
                                        
                                            GET /a/display.php?r=5070395 HTTP/1.1 
Host: onclickperformance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             35.190.55.95
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                            
server: openresty
date: Mon, 12 Dec 2022 06:27:29 GMT
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (764)
Size:   4522
Md5:    2eca26108b91bb857de937ce009d1829
Sha1:   240deb6b5435ba2a62f605b6889338e5fa5bb218
Sha256: 97212437a662b93d42cc87a6f9bd0f0a5e040274783ef61ee75138647ae8aed2
                                        
                                            GET /scripts/technicalatg.com//display.js HTTP/1.1 
Host: cdn.adxfire.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.111.12.177
HTTP/2 200 OK
content-type: application/javascript
                                            
date: Mon, 12 Dec 2022 06:27:28 GMT
set-cookie: cl-bypass-cache=yes; Expires=Mon, 12-Dec-22 07:27:28 GMT; Domain=cdn.adxfire.com; Path=/; HttpOnly; SameSite=Lax
server: imunify360-webshield/1.18
last-modified: Monday, 12-Dec-2022 06:27:28 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   40925
Md5:    b6c9016eb3b9edc2ce2d9855e50cd4c6
Sha1:   f9644d107252d2ce39411a51ca04c192a8b4ade2
Sha256: 974aed886ac3552fa81cc76bfa34d79d6a1a8492dff47b6be2fba7c07f3cae21
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "3B7816F584D961C857587AB947738468DE6CF2F826A11C2DA2FB5C4E79293DF9"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17448
Expires: Mon, 12 Dec 2022 11:18:18 GMT
Date: Mon, 12 Dec 2022 06:27:30 GMT
Connection: keep-alive

                                        
                                            GET /script/i.php?stamat=m%257C%252C%252CgiYvIjF-oGU3Bk-GH0dEdHP3xP.044%252C8nTFtjcaLqz49QoCZupmdGJFeaAemmrPQgPxBT07gSjs0Zz2u-VcccjEgf8iXuePmL7pRicXi0yXlpluCvtRDBDRMNT_1bNDBXGyMpBgZ7knhsdzsW60QFoRgEEkgVKbdMGCBNwMD4zmGLrp0XqeGyxctxWaHGQrABxmV895jOPt3Y4iBW58RwAug6woLMQegj8OJXBQaqzz7bAk2siAypUO-hyYT-CuTht5ufdVF-mEXtXgPnDH7hYZVbRUdtOO0rARoyCEk3gma9qviiDpgYtT5BBDF7Z-HgHR6J7Zc4zMvUma8YzU9a-bHGbpzrO_AmQwRGrNTDHAVCNCDp5lITZdmic00BBLJcxfXYjlSkfBs3BjUsPq-Kvz6-VQCbFvcJy25c2wSOQcnqoZnGONUqZ3-ZNtDwSkfSb34FK-xxU_zq1hqhj6i3NjrLnhv9xzTUTh6d3hiRa5--UGRUd1JnfUgE34xVlS4NbJS9dy9krNfrhr7bHRVHHxgeG-_s_hY9Xytnfk5FoLBeeSSF4t2n1dJKn0082t0Fiks4t2clE%252C HTTP/1.1 
Host: onclickperformance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onclickperformance.com/ad/display.php?stamat=m%257C%252C8NjZ793OqB1dAN0dEdHP3xP.248%252CZMkKdRAQlkuDbgTABrav5PzkPQ5_heC032WtGHCgC4b9awuZEr_u0LUi_2kBMcEADAEPG5wvq70Qrq2Sslfxk0ehdy7MzSMJUqKohDOYjew%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.5358227788406204&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             35.190.55.95
HTTP/2 204 No Content
                                            
server: openresty
date: Mon, 12 Dec 2022 06:27:30 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

                                        
                                            GET /watch.1143353617646?shu=ed59741b51b6e02fa5e108d58614672d41f93baba4f09047c5e2fa07252a1e6105b4dd3642f1c8212252bc7adc948ed411090c48e84d6b1231cb61c8c6edde72ec675705764ef50039ae4e59d042491fd169df53d118772b09e45429caf0d3&pst=1670826510&rmtc=t&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&pii=&in=false&key=be6c213e1e6a6a782e4f480f94d27a70&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&res=12.1055&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&tz=0&dev=e HTTP/1.1 
Host: slobcarpstun.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slobcarpstun.com/watch.1143353617646?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzc5ODg4NCwiayI6ImJlNmMyMTNlMWU2YTZhNzgyZTRmNDgwZjk0ZDI3YTcwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNjU4NjAyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyMSwiYWlkIjo1LCJwdCI6NCwicGsiOiJoZG5tMnFnaWciLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vdGVjaG5pY2FsYXRnLmNvbS8_Z289ODY5OTk3YzE4YjVkMTMzOGZkN2NhODI4MmY0Mzd3QXBic0NhZGZFZUZsZ2lIbmlrT0hReU9EQXdZaTlyT1VGUGVXRnViemd2VTJsU2JWZGtZa0ZrVFRScWNWTXliV2MyV25oWFJWQkRhejA9In19.MFHI7KC_58CEjHedh1Gu8xEhAA6cZ6DM9T2LmB9bclc; uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                        
                                             192.243.59.13
HTTP/1.1 200 OK
Content-Type: text/html
                                            
Server: nginx/1.17.6
Date: Mon, 12 Dec 2022 06:27:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Access-Control-Allow-Origin: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1; expires=Mon, 19 Dec 2022 06:27:30 GMT; secure; SameSite=None pdhtkv=true; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None uncs=1; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None pdhtkv5=true; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None uncs5=1; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7096d07cf6aa7dbdbfe8bf7b83fcad9a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2517)
Size:   1818
Md5:    faf91aca36c0ec2d043baad86cb13df2
Sha1:   8dcbaaa2f47806db7928260131ef2d38b02792a7
Sha256: a330a7b7f482a209bc0e4b50d12fb00f376d0b298f5fb5fa09217260ad4917ec

Blocklists:
  - quad9: Sinkholed
                                        
                                            GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884 HTTP/1.1 
Host: www.spikereekvelocity.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             173.233.137.52
HTTP/1.1 200 OK
Content-Type: text/html
                                            
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Tue, 13 Dec 2022 06:27:30 GMT ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3OTg4ODQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLyJ9fQ.wTMFCftIcc5S5xog5fccm5pqFQYA2D5RQtVb4HytoQc; expires=Mon, 12 Dec 2022 06:28:30 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5bf35496c057d4220d8da8b9b94fc5e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   1264
Md5:    729a362f50b5037b471bb3eb8acf4837
Sha1:   dbfdd39b6e5ce7b81661bc394a4c08aca1550a3d
Sha256: 80452e14d0bec29043ed27feedd3447a8c1e620883402755d794e46a7e28a1f0

Blocklists:
  - quad9: Sinkholed
                                        
                                            GET /dyfc1k09?shu=da06e320c27a2c8e054faaae109e5b293567cc7314805d269c412db9e3fc98dfc31d8a837185c8076430e561b4cb3dd12d1014ca22eeb18c698b1b7f8bf35b6b41e6606574dcdc915954225d06bca4edd9805ad28c7d799c95df809f65eb076c032f01&pst=1670826510&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftechnicalatg.com%2F&psid=17798884 HTTP/1.1 
Host: www.spikereekvelocity.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc3OTg4ODQiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly90ZWNobmljYWxhdGcuY29tLyJ9fQ.wTMFCftIcc5S5xog5fccm5pqFQYA2D5RQtVb4HytoQc; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                        
                                             173.233.137.52
HTTP/1.1 302 Found
Content-Type: text/html
                                            
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:30 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://ciar-kep.com/zcvisitor/0e4c3df2-79e6-11ed-996e-0a1b3cd554bb/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
Set-Cookie: pdhtkv=true; expires=Tue, 13 Dec 2022 06:27:30 GMT uncs=1; expires=Tue, 13 Dec 2022 06:27:30 GMT pdhtkv28=true; expires=Tue, 13 Dec 2022 06:27:30 GMT uncs28=1; expires=Tue, 13 Dec 2022 06:27:30 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09f0a24c9ccb685d0ce18fd0021df388
Strict-Transport-Security: max-age=0; includeSubdomains


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocklists:
  - quad9: Sinkholed
                                        
                                            GET /zcvisitor/0e4c3df2-79e6-11ed-996e-0a1b3cd554bb/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1 
Host: ciar-kep.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             3.212.50.125
HTTP/1.1 302
                                            
Date: Mon, 12 Dec 2022 06:27:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
Server: hvetTLka


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocklists:
  - fortinet: Phishing
  - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "D01AB7F0EA4161C6E81F69518A0419D65C7CD0F09B803F07A91291833F911328"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Mon, 12 Dec 2022 08:31:56 GMT
Date: Mon, 12 Dec 2022 06:27:31 GMT
Connection: keep-alive

                                        
                                            GET /go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57 HTTP/1.1 
Host: shopde.pricedeals.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                        
                                             135.181.6.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                            
Date: Mon, 12 Dec 2022 06:27:31 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 571
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (450)
Size:   571
Md5:    bcccf12aadeaa48cb9ed8eb353e31728
Sha1:   19b23456c6474bc147afaee8bee404f09960d682
Sha256: 45ed05f3315047390c7a819fc204e6826c5ba009e33370d32b7d433af016e2de
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: shopde.pricedeals.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

                                        
                                             135.181.6.240
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=iso-8859-1
                                            
Date: Mon, 12 Dec 2022 06:27:31 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   285
Md5:    7cd85cf7b8f9a014ae145681b1f5e73d
Sha1:   a574403ec64b443a802d0980e3bd368bafebe2d9
Sha256: cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
                                        
                                            GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzA4MjIwMTM5MDkmLnNpZz1DZHpQS0cwT21qSFZlQnc5eHlLVl9LNVpvQUEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNDk1NTM3JmNvdW50cnk9bm8mb2ZmZXJJZD04ODExMDIzNmViMDY0YjFmYWViMThlNWUzYjlmMWVlOSZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTEm HTTP/1.1 
Host: shopde.pricedeals.shop
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin

                                        
                                             135.181.6.240
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                            
Date: Mon, 12 Dec 2022 06:27:32 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 468
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Size:   468
Md5:    4789374e79767965fbd30918cd5c4553
Sha1:   cb8fe109d8d2640c6f25f71636d6c8bccba859b6
Sha256: 3da6d6cfd32a0f9006a6e59b8a2a8d9b8d2b2aa75fd7462185582905b212b367
                                        
                                            GET /wp-content/litespeed/css/30007283006814aa733cf3dd395277d8.css?ver=06b3e HTTP/1.1 
Host: technicalatg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             188.114.96.1
HTTP/2 200 OK
content-type: text/css
                                            
date: Mon, 12 Dec 2022 06:27:27 GMT
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=226970
expires: Tue, 12 Dec 2023 11:21:30 GMT
last-modified: Mon, 12 Dec 2022 05:21:29 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92D590ev5wY6nLzUoetiZWEGqbgp4qcWJbUzOWJsAVcMfawq4oUgx7cJ4YYOQhfSTgDACLJuWli3kvYpRMG5cTIwHa46BsWCTPsulT2N24FmPscSMtbt%2BjB0PsVguRBNemhl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3be29b505-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: 
                                        
                                            GET /ad/display.php?stamat=m%257C%252C8NjZ793OqB1dAN0dEdHP3xP.248%252CZMkKdRAQlkuDbgTABrav5PzkPQ5_heC032WtGHCgC4b9awuZEr_u0LUi_2kBMcEADAEPG5wvq70Qrq2Sslfxk0ehdy7MzSMJUqKohDOYjew%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.5358227788406204&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1 
Host: onclickperformance.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        
                                             35.190.55.95
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                            
server: openresty
date: Mon, 12 Dec 2022 06:27:28 GMT
access-control-allow-origin: *
link: <//onclickperformance.com>; rel=dns-prefetch,<//onclickperformance.com>; rel=preconnect,<//www.gaming-adult.com>; rel=dns-prefetch,<//www.gaming-adult.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: 
                                        
                                            GET /cu1xLl1 HTTP/1.1 
Host: files.technicalatg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                        
                                             188.114.97.1
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                            
date: Mon, 12 Dec 2022 06:27:24 GMT
location: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-litespeed-cache: hit
vary: User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i67I46TA0msMhQR7sleVErdirX71D51H4Wzp3HHEIV5Sw%2BOsEombGWWn74%2F2%2FL5e8wGX%2B7P8pEvLZHOdi%2B9rMLOsSfbgvvxEuwgqbeGtbieqEzc1UwttPUBbyCOF9geXY0NQTtX%2B4pqX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464daad88fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: 
                                        
                                            GET /e-202250.js HTTP/1.1 
Host: stats.wp.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             192.0.76.3
HTTP/2 200 OK
content-type: application/javascript
                                            
server: nginx
date: Mon, 12 Dec 2022 06:27:25 GMT
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Dec 2023 23:16:56 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: 
                                        
                                            GET /extban/316762620/creatives/23554622/63271d75be5297aca2c00d081a8429d7_7308.gif HTTP/1.1 
Host: crrepo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onclickperformance.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             104.21.235.113
HTTP/2 200 OK
content-type: image/gif
                                            
date: Mon, 12 Dec 2022 06:27:26 GMT
last-modified: Sat, 10 Dec 2022 08:46:46 GMT
etag: W/"63944776-a0ca"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ORqkV%2BZKQoHPJ5dSHdLlwg3V0ge%2F9YCGiAyTxmvn3Fs79wOq3BKKAkxOEQHKXkDM7ZVvp3wNSDYW9JiZWV%2FOsfZO1wY%2FPhjKf%2FXIepcWgA1KhK7DqCvHBG5d03B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778464e8aa21dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: 
                                        
                                            GET /?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0= HTTP/1.1 
Host: technicalatg.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             188.114.96.1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                            
date: Mon, 12 Dec 2022 06:27:27 GMT
x-dns-prefetch-control: on
link: <https://technicalatg.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3lwzzgyV%2BhUxOds4s0ww0sVK1MN12UlFhRDBnz0vfWBQ07j77Wr4Xtz6X5WeR0dRoqwcITxnbZ91Omy1VkVHO%2FaNsrZYhLVfgQRZJPeNFkOZ5l71moClEy9B3vh7tEo1fGG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464ed08c7b505-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    
Sha1:   
Sha256: