files.technicalatg.com/cu1xLl1
188.114.96.1 301 Moved Permanently 0 B URL HTTP/1.1 files.technicalatg.com/cu1xLl1
IP 188.114.96.1:0
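Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input: the 301 response carried a 0 B body, so they identify no content.)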
GET /cu1xLl1 HTTP/1.1
Host: files.technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Dec 2022 06:27:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Dec 2022 07:27:23 GMT
Location: https://files.technicalatg.com/cu1xLl1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VcPbaYJxz9BQK4NYselnm1gp6Ydddpp07h5y%2FyOj1Sx6NVapKIsIF7QOW9ppoCMmxenQjZQRDXYnRWJrM7fVETtCzamQ43ERysCWB6oIfTb7z4%2FutXp7XHrBq46Kl4p7Ry8aE%2F1FmRIX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 778464d75a43b50b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 430f1651125c14bfa4924aa1f1a392e9
304141c5fe7ac8b370a67912b2592f9622de9600
315d77a9956f34b1615e38f5f1971dd05146980f8a36b35a8108d47ebba7e8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "315D77A9956F34B1615E38F5F1971DD05146980F8A36B35A8108D47EBBA7E8E5"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9665
Expires: Mon, 12 Dec 2022 09:08:28 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43ad67f241ee3692a9c9c1da080dae58
6a024f7d71eeee257edc91ba9273416f634aaae5
636635b57f9e6d2ad9b1b949298ee7d3b5b7e251a63516ff68bfb1eceded5688
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636635B57F9E6D2AD9B1B949298EE7D3B5B7E251A63516FF68BFB1ECEDED5688"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13926
Expires: Mon, 12 Dec 2022 10:19:29 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dbd022fec0a71226daaf29b7563a8896
c37d14dc7b3849a4bb815fa325fb5e70fae54039
22da5e6e3f9507688fc8cb02183d52cf38f4adf8b2c6c52eaf5f88182471efeb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22DA5E6E3F9507688FC8CB02183D52CF38F4ADF8B2C6C52EAF5F88182471EFEB"
Last-Modified: Sun, 11 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15852
Expires: Mon, 12 Dec 2022 10:51:35 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 12 Dec 2022 06:08:34 GMT
content-type: application/json
age: 1129
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /tUTnFL2Pq3D/Ysx2v8b+9xxK+TMR0CB/utdmQgCdNlHPF9MuaiD37aMEYuFx2o5bonrmP0zsdo=
x-amz-request-id: H9C3ENG4AK57Z1J8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 12 Dec 2022 05:49:29 GMT
age: 2274
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 06:27:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7df8da2cf15897dd6c8dd3d0fc1e00d9
1032a2420e9f2aaf44533e8e14661a9d1505e3a0
98d30463d41500bfbbdb72fadd9cdcd840cfda509d2cfbf57a2a51d27ed05ec6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "98D30463D41500BFBBDB72FADD9CDCD840CFDA509D2CFBF57A2A51D27ED05EC6"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21586
Expires: Mon, 12 Dec 2022 12:27:09 GMT
Date: Mon, 12 Dec 2022 06:27:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 12 Dec 2022 05:33:17 GMT
age: 3247
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32 200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7df8da2cf15897dd6c8dd3d0fc1e00d9
1032a2420e9f2aaf44533e8e14661a9d1505e3a0
98d30463d41500bfbbdb72fadd9cdcd840cfda509d2cfbf57a2a51d27ed05ec6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "98D30463D41500BFBBDB72FADD9CDCD840CFDA509D2CFBF57A2A51D27ED05EC6"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21585
Expires: Mon, 12 Dec 2022 12:27:09 GMT
Date: Mon, 12 Dec 2022 06:27:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e12bb655426d080117693ba116f398cf
8fe1f7f8d0b191baed2decba3523656da97077f5
2c25ba0d1c806de98d5489934acd8e2f17487e4f7e40c7f0d39094ce49f91b8d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1492
Cache-Control: max-age=97464
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:24 GMT
Etag: "63959db0-1d7"
Expires: Tue, 13 Dec 2022 09:31:48 GMT
Last-Modified: Sun, 11 Dec 2022 09:06:56 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.49.154 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
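Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input: the 101 WebSocket upgrade response carried a 0 B body, so they identify no content.)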
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: O7zn/d+8NH0uRCOHDsldsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IjKX2P3AsyakSoIZe6snxkW845U=
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 5ac75b013dbd4fd4ff452625fea3d28f
8027b9617a77c573cafbbf5ac901e61e188d0e84
c4c39d5539ed0ec82c0690ce6b6fadaef3a63cd00b049ce508515d93d697cc19
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 06:27:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Dec 2022 02:57:56 GMT
Expires: Sat, 17 Dec 2022 02:57:55 GMT
Etag: "8027b9617a77c573cafbbf5ac901e61e188d0e84"
Cache-Control: max-age=418829,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 778464e3599a0afe-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 5ac75b013dbd4fd4ff452625fea3d28f
8027b9617a77c573cafbbf5ac901e61e188d0e84
c4c39d5539ed0ec82c0690ce6b6fadaef3a63cd00b049ce508515d93d697cc19
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 06:27:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 10 Dec 2022 02:57:56 GMT
Expires: Sat, 17 Dec 2022 02:57:55 GMT
Etag: "8027b9617a77c573cafbbf5ac901e61e188d0e84"
Cache-Control: max-age=418829,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 778464e5aaca0afe-OSL
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Mon, 12 Dec 2022 08:29:12 GMT
Date: Mon, 12 Dec 2022 06:27:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Mon, 12 Dec 2022 08:29:12 GMT
Date: Mon, 12 Dec 2022 06:27:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d35fcd5d7e74c530535b18d57ed5f587
3b9bf9e02593b63108515f4df7cae57ce62145e7
4bdb744a2d9ac6d051f5192dbf3e00ba1b18208930655e6752fd6ccd118faff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BDB744A2D9AC6D051F5192DBF3E00BA1B18208930655E6752FD6CCD118FAFF0"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7307
Expires: Mon, 12 Dec 2022 08:29:12 GMT
Date: Mon, 12 Dec 2022 06:27:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 86bce3d677c0dd541440ebf38920020d
f11e21b6ad97e07b1d7103ad40a2e158e06fda73
9e23bc16cd1402d9124ebb9e625a5580f677ca9e008d3e04dc95080072fd1df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5d9c5ff-aaa2-4c2a-ab2b-661f84126bf7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7104
x-amzn-requestid: b1117224-be51-4e21-8b3b-01e5485f0af0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD2yH4loAMFuWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cf8-1382e1a6710239ec629eedb8;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A--8wjYJWCj_JD6eaj3FoD0dLarj6gvH2uQrmsEDLgPwZdQgtUmaoA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:34:48 GMT
age: 31957
etag: "f11e21b6ad97e07b1d7103ad40a2e158e06fda73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
onclickperformance.com/a/display.php?r=5070395
35.190.55.95 200 OK 14 kB URL HTTP/2 onclickperformance.com/a/display.php?r=5070395
IP 35.190.55.95:0
Hash 00b686c006226b9aa44f914acdcffe5a
82137a4e89ba564a7abb8ad4cc8d957d71e29bec
15c7ddacb86d4cbe1ac22177be854a9508c6945704e82141550fd8c1c103e426
GET /a/display.php?r=5070395 HTTP/1.1
Host: onclickperformance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 12 Dec 2022 06:27:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b29987-02fd-4d31-922b-982bc01fc707.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b29987-02fd-4d31-922b-982bc01fc707.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c6b849c6f129763fdb8cb8e204c4061
85c2634af4069eed597ee1c3d469234f948ffe30
e3199deebec60704cfcc2ade400cf7a676cc29571604904decf72fdae77218af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99b29987-02fd-4d31-922b-982bc01fc707.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11031
x-amzn-requestid: 69574045-a0a8-43d6-9d8d-55882e45da77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAEM0HIWIAMFaJA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d85-6815de4f3eec22984800e99b;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:37:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L8bSONyZ4Sppy_T6TZjFUz19FsRQRqRGALg4Ttr1cuHPYJxdZwk9VA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 22:13:54 GMT
age: 29611
etag: "85c2634af4069eed597ee1c3d469234f948ffe30"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b226bd8dfeafe00183109d4f824e2be
3c2b64c94cc098a416b1d4865e31298fcd5d05c1
ccce0f89771d141076cbf3a1830eaa5d81b9c0376c3637e100bdb21b98ecd3b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df4e4c1-6b35-42cb-934f-923298f77ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: f9aa1f6f-91dc-48c1-819b-c7ac8fba37e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4BFPMIAMFacw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964cff-6530a07c79f68a2a51e56a57;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: HMJiGsGsLtxdi-wVK-0Rl_YcYkb4T5kX8aOCFkxVIc0Xu8NhG8XLUg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:34:56 GMT
age: 31949
etag: "3c2b64c94cc098a416b1d4865e31298fcd5d05c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a37f35b8baf163928afa96129d83305
23ec6d9f18c44680415659b987399014c20b6954
13eb6db6765e1a69ba386cdb12d1451596ddebfcef20f1dbdf34f132c7f6c8f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F665ae3f9-217a-4a26-a3ba-2af041aeaf35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7408
x-amzn-requestid: 97306647-44c0-4d73-9625-f0af54acb577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dAD4MFTkoAMFX_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63964d01-46d74b3f283ba5895aef6d3e;Sampled=0
x-amzn-remapped-date: Sun, 11 Dec 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XIdLQlkXcJ5PdAXw1Fb7i6CAaKnLuagCbzkMPBmcYeuSQJh_AwoMVw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Dec 2022 21:34:57 GMT
age: 31948
etag: "23ec6d9f18c44680415659b987399014c20b6954"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d5e5918cf53c569d6674e598228246
241a28d882355e06b0a2428c931f9d72dd5c6c53
2ebf30d1844d23a2b7516b900b1aa4473e5c042b0e0ecb2c39675d4b4bc7910e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc582b370-f952-4f63-9937-1de61f295c46.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5452
x-amzn-requestid: eb6aca44-e834-4123-b191-eb3f007bf7b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c6OCrGM-IAMFnxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6393f6dd-71fee2de2dd69c7d1d4d32fe;Sampled=0
x-amzn-remapped-date: Sat, 10 Dec 2022 03:02:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SQJoOlmklC9KQSsedNiaNHyhmvIUvHCg0IU1PfXcZba1LXU-7VmMjw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Dec 2022 02:35:07 GMT
age: 13938
etag: "241a28d882355e06b0a2428c931f9d72dd5c6c53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.11.2.min.js
69.16.175.42 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.2.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32047)
Hash b63c8cb1c4a495ed04e735d25beabd78
0ae68f1c55c227331286ad94403122a5ab4526e1
26ea04aa9c41767051276b819a4aa8c6aa337df4da89872d021862312d478d39
GET /jquery-1.11.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:26 GMT
content-encoding: gzip
content-length: 33262
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-176bb"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670826446.dop226.sk1.t,1670826446.cds071.sk1.hn,1670826446.cds264.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6c797045ce2453615ff57e1749364ccd
30192a4c14e94cdb789832ead604861432296e2e
96867aa0b5bea168df793e580b71dcf005c1afb5786780230b8aadfc4bf6648c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/tag/js/gpt.js
142.250.74.34 200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (39504)
Hash 6e6a655c88ab947ddbbb8b38d167fbba
dfa4655064d9cc96138e05c3603e3c177d38a895
fa31f9e17efaa6e5c7f26995cf21c4a23c7688fcbef4f2a4f827d1a090d3a59e
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27666
date: Mon, 12 Dec 2022 06:27:27 GMT
expires: Mon, 12 Dec 2022 06:27:27 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1419 / 626 of 1000 / last-modified: 1670587582"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6c797045ce2453615ff57e1749364ccd
30192a4c14e94cdb789832ead604861432296e2e
96867aa0b5bea168df793e580b71dcf005c1afb5786780230b8aadfc4bf6648c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b8f24550123569b6789b1a1b12ffcf5
fce80e47a7fd1ef8171544e1df5838d190bd0519
a4fcd6865511935ec8a24e9b836f82ed1202f2bbdbd9e0362bea31632bd5a930
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A4FCD6865511935EC8A24E9B836F82ED1202F2BBDBD9E0362BEA31632BD5A930"
Last-Modified: Sun, 11 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Dec 2022 12:27:27 GMT
Date: Mon, 12 Dec 2022 06:27:27 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32 200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b8f24550123569b6789b1a1b12ffcf5
fce80e47a7fd1ef8171544e1df5838d190bd0519
a4fcd6865511935ec8a24e9b836f82ed1202f2bbdbd9e0362bea31632bd5a930
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A4FCD6865511935EC8A24E9B836F82ED1202F2BBDBD9E0362BEA31632BD5A930"
Last-Modified: Sun, 11 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 12 Dec 2022 12:27:27 GMT
Date: Mon, 12 Dec 2022 06:27:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be36fdcbab5a82c4711b6eb21d16120b
4589a6e36d78df3d385043a6041da679f0b366e4
423e6b90363e7b036ae2270c3dbc280d6a3621c721b1b92aefb377fed560d227
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a41c1c2a6aad29835a33369555bbe359
4e104748d3d8c3237d58e03b6f7493fcc9182142
a0495e2ab6ed55134a4bf56eb85252977c6978eb965b14724d47e3c979f25ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.pubxmedia.com/scripts/technicalatg.com/banner/display.js
172.67.142.130 200 OK 7.1 kB URL HTTP/2 cdn.pubxmedia.com/scripts/technicalatg.com/banner/display.js
IP 172.67.142.130:0
Hash 79efc7e17e56f38705f57d2486f83d4a
8798228e233158a0ee7fef963c857d103e200719
5847a14499e9220952983a25af1db4b31be5a6336c9bca5137a61ca41ea231b7
GET /scripts/technicalatg.com/banner/display.js HTTP/1.1
Host: cdn.pubxmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:27 GMT
content-type: application/javascript
cf-bgj: minify
cache-control: public, max-age=604800
expires: Sun, 18 Dec 2022 20:28:39 GMT
last-modified: Sun, 27 Nov 2022 20:07:54 GMT
vary: Accept-Encoding,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 35928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XqC%2FQxi%2FscHXY16fWLZM5KzUv1seg7SBznTWV4en5Go9w7HUjXTqE%2FU8CnwF77w25GSTwIy%2BXrx15xbecOdB%2F7dCDif5ojzAR6L41M1ld1WtsICpFvqa8U9kW8Lq5yo3KCxr3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f02b0cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=technicalatg.com
216.58.211.2 200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=technicalatg.com
IP 216.58.211.2:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=technicalatg.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 12 Dec 2022 06:27:27 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be36fdcbab5a82c4711b6eb21d16120b
4589a6e36d78df3d385043a6041da679f0b366e4
423e6b90363e7b036ae2270c3dbc280d6a3621c721b1b92aefb377fed560d227
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a41c1c2a6aad29835a33369555bbe359
4e104748d3d8c3237d58e03b6f7493fcc9182142
a0495e2ab6ed55134a4bf56eb85252977c6978eb965b14724d47e3c979f25ab4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
6a246040fffc465aa5f1a606729b6316.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
142.250.74.97 200 OK 2.7 kB URL HTTP/2 6a246040fffc465aa5f1a606729b6316.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (5657)
Hash e8ee9c011ff8e1f464e74c37113119ee
64ad72134ea05877de0f2b6503f5c0d8c3f78197
09e42988871806c7f0a897bda7bc4247f47f4d8590749eaa245b8ff1fa907303
GET /safeframe/1-0-40/html/container.html HTTP/1.1
Host: 6a246040fffc465aa5f1a606729b6316.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 2653
date: Mon, 12 Dec 2022 06:27:27 GMT
expires: Tue, 12 Dec 2023 06:27:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4594086434938959
216.58.211.2 200 OK 50 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4594086434938959
IP 216.58.211.2:0
File type ASCII text, with very long lines (4885)
Hash 944f9febc3f1df125b2dc38e83a05e86
98e8a8643beab6f5c58fcb58f3314ec6c3d22b1d
85873de2243dda9470f8fd5bd9f15cf0d02a89bbfb5760565d6ec14a3c62ccc8
GET /pagead/js/adsbygoogle.js?client=ca-pub-4594086434938959 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 12 Dec 2022 06:27:27 GMT
expires: Mon, 12 Dec 2022 06:27:27 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 1160028405088854012
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49967
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
216.58.211.2 200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env
IP 216.58.211.2:0
File type JSON data\012- , ASCII text, with very long lines (14870), with no line terminators
Hash 91b273954529f97049e37edae9e11d3c
e2eb9efac398a2852ec362df4a94c1cad17ff7dd
2c5e5ab1fe54d6411aae68dd6183480739f765ab7895563544d7c305e83c4e1d
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022120601&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Mon, 12 Dec 2022 06:27:27 GMT
server: cafe
content-length: 11223
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
technicalatg.com/wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif
188.114.96.1 200 OK 8.9 kB URL HTTP/2 technicalatg.com/wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 464 x 114\012- data
Hash 8a0080ca4126ce4658e9e817dfde3613
839227ccb5252d46c9e50a99194633966b67b407
bb28a678e90b9d97bba59a3c3028c2b3a5bd1c61c8e8fbb32edc0d25d5102685
GET /wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:27 GMT
content-type: image/gif
content-length: 8944
cache-control: public, max-age=16070400
expires: Sat, 17 Dec 2022 06:47:05 GMT
last-modified: Wed, 14 Sep 2022 14:22:04 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 164140
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JqbMCfqWwFBk5DKURMk8PAK4ko3eWXGA%2FvLeOa1zxDoXdHDdTDYkIjB0N30hYCHpLwYOWB8drbEmIkYwKo7TFeGPWOHPIUBXDdM9Kap9abH4X588wmA%2BlXKB5ju1rbqkQLna"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3be2bb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
technicalatg.com/wp-content/uploads/2022/11/wait4-1.png
188.114.96.1 200 OK 2.2 kB URL HTTP/2 technicalatg.com/wp-content/uploads/2022/11/wait4-1.png
IP 188.114.96.1:0
File type PNG image data, 220 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash cd04415ff2c2107d4a85dca7642ab4a4
e25af02258da821d7a01b97764e85642ccf97a51
806452f1b480eeeadffcc371cb695fc34d6accba5ebaab95fe8c7b50d8d6061b
GET /wp-content/uploads/2022/11/wait4-1.png HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:27 GMT
content-type: image/png
content-length: 2178
cache-control: public, max-age=16070400
expires: Sat, 17 Dec 2022 06:47:16 GMT
last-modified: Thu, 24 Nov 2022 21:48:46 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 35928
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0R0KRYdpFXjhRplLkuEWUJGVqQ4a0fd4JP06r6vEGFQ7dGCwdUwv6MsiUMzYHUYUymyPxTY6lpTp1%2BT0pN1gjNcQiS0d%2FLkEmBnHsFCNcVWR7gMfLQGhYytvFDw9yFeTZI%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3ce2fb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
technicalatg.com/wp-content/uploads/2022/12/atglinks-download-button.png
188.114.96.1 200 OK 3.2 kB URL HTTP/2 technicalatg.com/wp-content/uploads/2022/12/atglinks-download-button.png
IP 188.114.96.1:0
File type PNG image data, 226 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash ae0697d989301d99252c32e3409e4760
1f1aa140835b00e2a523d662fd7e07d96fdddea6
f501f238cee78fda630a38d2b54b4c921bae91adca9139f0f5229898bc898429
GET /wp-content/uploads/2022/12/atglinks-download-button.png HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:27 GMT
content-type: image/png
content-length: 3179
cache-control: public, max-age=16070400
expires: Tue, 13 Dec 2022 16:42:45 GMT
last-modified: Tue, 06 Dec 2022 16:42:41 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 479546
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vc9Z5HpM1TiDlh8VxuIS7iPCu4pub5GNOarSx5dQs7GakJoPU9SwEAXYWEUTbJT3ejbBhGwiGpgSHG9GJATjCbHS5RkJhpKGRwOtNiqJFahRUCFK0SbphTnA8%2BXckQ%2BUePiC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3ce30b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.11.2.min.js
69.16.175.42 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.2.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32047)
Hash b63c8cb1c4a495ed04e735d25beabd78
0ae68f1c55c227331286ad94403122a5ab4526e1
26ea04aa9c41767051276b819a4aa8c6aa337df4da89872d021862312d478d39
GET /jquery-1.11.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:27 GMT
content-encoding: gzip
content-length: 33262
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-176bb"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670826447.dop214.sk1.t,1670826447.cds263.sk1.hc,1670826447.cds264.sk1.c
X-Firefox-Spdy: h2
stats.wp.com/e-202250.js
192.0.76.3 200 OK 81 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 98d6b4dfd418746c9e89799d15458460
91248a6293a0a7194c804efeb935353ccb10f59e
8f6b50b4e4eb22a8357ab2420dc1d1c74f601cd74cb2be533428e48df0dd5e57
GET /e-202250.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 06:27:28 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Dec 2023 23:16:56 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
onclickperformance.com/a/display.php?r=5070395
35.190.55.95 200 OK 117 kB URL HTTP/2 onclickperformance.com/a/display.php?r=5070395
IP 35.190.55.95:0
Size 117 kB (117306 bytes)
Hash 519ee79d13dbc15e0370408afbe6fe2d
96b677c282120f0b605c35c1920eb60b409713c5
00fc0c3d594ca1ab4059f12b36104567d0e8db3163f71f6b6f1bcdfb527752ec
GET /a/display.php?r=5070395 HTTP/1.1
Host: onclickperformance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: openresty
date: Mon, 12 Dec 2022 06:27:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 2379c6e7d50b5ee7cda8146865706705
48abcf27489d5c3c3090f8b4843373bbffbbf4ae
1e58c4defdbbee87d543a23442d2a1755b5e25526f906d36059a9ce9a3bb5291
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 06:27:28 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 11 Dec 2022 14:13:36 GMT
Expires: Sun, 18 Dec 2022 14:13:35 GMT
Etag: "48abcf27489d5c3c3090f8b4843373bbffbbf4ae"
Cache-Control: max-age=546636,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 778464f88d20b503-OSL
knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash b1d9491a6d4d9c8709803e2c36af5f04
9f32b45fd21dddd40d45dd2be6b90c48ecdde6f7
ead81000beaad01331c5e555c7d0311ae34c96f7273dc711d8745fc1c7e72e25
GET /be6c213e1e6a6a782e4f480f94d27a70/invoke.js HTTP/1.1
Host: knewwholesomecharming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Dec 2022 06:27:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 53cbfe64cc48d7cf99c57c7324076253
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash f0b47065b11cbea51cb76d12a9bfa1fb
e4297c96b6395dd7d35cac31717d3153fb3d95a4
7e851c843752269d2e3efd2908be5074cdd273eb839bf91bb7fbf57dacba5855
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 12 Dec 2022 06:27:29 GMT
Last-Modified: Mon, 12 Dec 2022 04:39:11 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: dpeWgoGr2MOfKL6-JOOQKXYZMW3WB1Q51m-ycUnK26BAHL0S-OFrCQ==
Age: 6498
simplewebanalysis.com/stats
18.195.193.92 200 OK 18 kB URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.193.92:0
File type gzip compressed data, max speed\012- data
Hash fc41fb6a5a179a4574b63327e3993a9f
ed8cd4e7466ca8d38c6329bae5ed9ce504fe4966
73dadbab519dcd421d8eee2dd569a8fc4c87804f9498341bfb7197d1152c5331
Analyzer | Verdict | Alert — fortinet | Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://technicalatg.com
access-control-allow-credentials: true
set-cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1; expires=Thu, 09 Dec 2032 06:27:29 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 knewwholesomecharming.com/be6c213e1e6a6a782e4f480f94d27a70/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26941), with no line terminators
Hash 0a0829535489a9530419d95fec4b9548
8619b0110aa8d5b574f7cc8722f7462edb9a1d36
0cdce8a0dfc9b71dd06c24752ac659678745d52c5c3db8ad504bf4a49e297719
GET /be6c213e1e6a6a782e4f480f94d27a70/invoke.js HTTP/1.1
Host: knewwholesomecharming.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Dec 2022 06:27:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0ad3f4d2b8893c231a97247b7f30d9ce
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
18.195.193.92 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.195.193.92:0
File type ASCII text, with no line terminators
Hash d35b23c456e94a6cdab424b6cd96fdcf
ef1f412a8ed1f2172969115297893910acf97638
7a6a4a2f74524bff93dfdfca6caa28533d8cd9f5da3566281721497afe3059f9
Analyzer | Verdict | Alert — fortinet | Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:29 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://technicalatg.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=197785918&post=0&tz=5.5&srv=technicalatg.com&j=1%3A11.6&host=technicalatg.com&ref=&fcp=1213&rand=0.9051500720476298
192.0.76.3 200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=197785918&post=0&tz=5.5&srv=technicalatg.com&j=1%3A11.6&host=technicalatg.com&ref=&fcp=1213&rand=0.9051500720476298
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash MD5 e4d673a55c5656f19ef81563fb10884c
SHA-1 1f2d8ed221d39329251ad3a6ff1edb20b7219443
SHA-256 f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=197785918&post=0&tz=5.5&srv=technicalatg.com&j=1%3A11.6&host=technicalatg.com&ref=&fcp=1213&rand=0.9051500720476298 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 06:27:29 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 57b4abb263deb5dc6e64351e939a0059
SHA-1 6815c0a3bbed95244b8192adf087f65950133d1a
SHA-256 cdd68e773c460541e6965a8d91eec6f6b0002c11d57e527b6e8b80aef8c289f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDD68E773C460541E6965A8D91EEC6F6B0002C11D57E527B6E8B80AEF8C289F5"
Last-Modified: Sun, 11 Dec 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4147
Expires: Mon, 12 Dec 2022 07:36:36 GMT
Date: Mon, 12 Dec 2022 06:27:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 ee56bc94d7af48851c96b72fd81471cc
SHA-1 172f310bc18c6c0b178ed9430404365f78220abd
SHA-256 12bc6f3fb7ecdfdbac083d0db58e19018f1af9c5f971a5e88cdab7f0d8fbd504
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12BC6F3FB7ECDFDBAC083D0DB58E19018F1AF9C5F971A5E88CDAB7F0D8FBD504"
Last-Modified: Sun, 11 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3105
Expires: Mon, 12 Dec 2022 07:19:14 GMT
Date: Mon, 12 Dec 2022 06:27:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash MD5 fbfffb5fcbad3e6bde4b6213a2eacf5c
SHA-1 99eeb782b4fe7f7b7a28f2f73b32181641a0c83f
SHA-256 b9337d74bf95ad077f59921f673eb4a9023d1413630f367f8b8636a9e61b7959
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Dec 2022 06:27:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
crrepo.com/extban/316762620/creatives/23554626/708384a5184db12f1b4ce5b589b2ffe1_6778.gif
104.21.235.113 200 OK 146 kB URL HTTP/2 crrepo.com/extban/316762620/creatives/23554626/708384a5184db12f1b4ce5b589b2ffe1_6778.gif
IP 104.21.235.113:0
File type GIF image data, version 89a, 300 x 250\012- data
Size 146 kB (146183 bytes)
Hash MD5 e0e86969d5a4cd566e9a9df98f9653fc
SHA-1 b9f033c1e16a0df852685e22a926ba89740d7e12
SHA-256 e8f0ec4731c5026d6d83fb1922ee9c74d7b0d2ec65908da1db3f4af3f90c4620
GET /extban/316762620/creatives/23554626/708384a5184db12f1b4ce5b589b2ffe1_6778.gif HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onclickperformance.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:29 GMT
content-type: image/gif
last-modified: Sat, 10 Dec 2022 08:46:46 GMT
etag: W/"63944776-6758"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHBg3WRVXPf3raEhBHo1bzPeWoqKX4%2Bh%2B3SMYbIUjNYnVTbvBygsGa4zzhv9xO3PvwT8oa9EpTWRaS8D4mHiJ3CEXYv3jwUa%2BgRS9yULYqP8jXMZBO3yinjBlQEN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778464fc2f378873-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161 200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash MD5 ac906814ed812c4ecdbb624a3bd2f6c3
SHA-1 8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
SHA-256 8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Mon, 12 Dec 2022 06:27:29 GMT
expires: Mon, 12 Dec 2022 06:27:29 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
restorationpencil.com/watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1
173.233.137.60 307 Temporary Redirect 0 B URL HTTP/1.1 restorationpencil.com/watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1
IP 173.233.137.60:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these are the digests of empty input, so they identify no payload and should not be matched as indicators.)
Analyzer verdict/alert: quad9 — Sinkholed (appears to be a DNS-filter verdict on the domain; the redirect above was still answered by 173.233.137.60)
GET /watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1 HTTP/1.1
Host: restorationpencil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:29 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Location: https://restorationpencil.com/watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&shu=a8b1f78d96e8d4f20bd5957d9cd94987953eae98b060706c30bb60836eef4bd7a47e017a836d7afc75a9830809dbabad61620bb2c30db09eea26ad337d5ce6af565c1f44b0b67b3f1f73ac5d6688c293c6edd8d1907b185d9726a2239a59194263&pst=1670826509&rmtc=t
Set-Cookie: u_pl=17798884; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.q0xCEYQxrjvj_2lxxwjCeJIhRR2L8qGmmnyYbvbgos8; expires=Mon, 12 Dec 2022 06:28:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b2090f55d7da5ab027224d301208020
Strict-Transport-Security: max-age=0; includeSubdomains
jsc.adskeeper.co.uk/t/e/technicalatg.com.1391478.js
104.18.34.236 200 OK 923 B URL HTTP/2 jsc.adskeeper.co.uk/t/e/technicalatg.com.1391478.js
IP 104.18.34.236:0
File type ASCII text, with very long lines (2370)
Hash MD5 013e90f98a402d6d79daf8df1b3778cb
SHA-1 804b0cf36316cc7ef26bc6fa6225e65e1d72c7bb
SHA-256 9f9ba3d442ffce3cc539fd88faa03d3d15deb9818dbf0ed99105d1988c6e2c11
GET /t/e/technicalatg.com.1391478.js HTTP/1.1
Host: jsc.adskeeper.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:29 GMT
content-type: text/javascript
content-length: 923
x-amz-id-2: vnzUO+AWEXthjHdBwOFSbVKkCSSR/Opsa7C/w6sVJlXStqFzLVwqBkLKyxNcDAVwbzPJQb6l5ZOC8vUnTsUPvQ==
x-amz-request-id: 4C6PHX8K8BV0P5ZC
last-modified: Mon, 28 Nov 2022 20:30:11 GMT
etag: "013e90f98a402d6d79daf8df1b3778cb"
content-encoding: gzip
x-amz-version-id: 1pQcn0fSROYOnZPektdD_VvV3GBk_6nf
cf-cache-status: HIT
expires: Mon, 12 Dec 2022 10:27:29 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 778464feee6ab4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
restorationpencil.com/watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&shu=a8b1f78d96e8d4f20bd5957d9cd94987953eae98b060706c30bb60836eef4bd7a47e017a836d7afc75a9830809dbabad61620bb2c30db09eea26ad337d5ce6af565c1f44b0b67b3f1f73ac5d6688c293c6edd8d1907b185d9726a2239a59194263&pst=1670826509&rmtc=t
173.233.137.60 200 OK 643 B URL HTTP/1.1 restorationpencil.com/watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&shu=a8b1f78d96e8d4f20bd5957d9cd94987953eae98b060706c30bb60836eef4bd7a47e017a836d7afc75a9830809dbabad61620bb2c30db09eea26ad337d5ce6af565c1f44b0b67b3f1f73ac5d6688c293c6edd8d1907b185d9726a2239a59194263&pst=1670826509&rmtc=t
IP 173.233.137.60:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (602)
Hash MD5 9bc1f09db826b98fdde89b30d1442dfc
SHA-1 1b91902b8481aa2f4f5f692ec286a7b6616c02d9
SHA-256 344f3caf8ae7c809f0e25bd1e44839973a2e5f23b344b9ab6138726bd0855811
Analyzer verdict/alert: quad9 — Sinkholed
GET /watch.1515540485385.js?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&shu=a8b1f78d96e8d4f20bd5957d9cd94987953eae98b060706c30bb60836eef4bd7a47e017a836d7afc75a9830809dbabad61620bb2c30db09eea26ad337d5ce6af565c1f44b0b67b3f1f73ac5d6688c293c6edd8d1907b185d9726a2239a59194263&pst=1670826509&rmtc=t HTTP/1.1
Host: restorationpencil.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://technicalatg.com
Referer: https://technicalatg.com/
Connection: keep-alive
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.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.q0xCEYQxrjvj_2lxxwjCeJIhRR2L8qGmmnyYbvbgos8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:29 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com
Access-Control-Allow-Origin: https://technicalatg.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1; expires=Mon, 19 Dec 2022 06:27:29 GMT; secure; SameSite=None
iprc0edf4b57f82d7911f6b872e5963a3184=2717340; expires=Tue, 13 Dec 2022 08:27:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Dec 2022 06:27:29 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e9c1c26b0f05eadc52cfb909d3d0a83
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
onclickperformance.com/a/display.php?r=5070395
35.190.55.95 200 OK 4.5 kB URL HTTP/2 onclickperformance.com/a/display.php?r=5070395
IP 35.190.55.95:0
File type ASCII text, with very long lines (764)
Hash MD5 2eca26108b91bb857de937ce009d1829
SHA-1 240deb6b5435ba2a62f605b6889338e5fa5bb218
SHA-256 97212437a662b93d42cc87a6f9bd0f0a5e040274783ef61ee75138647ae8aed2
GET /a/display.php?r=5070395 HTTP/1.1
Host: onclickperformance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 12 Dec 2022 06:27:29 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.adxfire.com/scripts/technicalatg.com//display.js
23.111.12.177 200 OK 41 kB URL HTTP/2 cdn.adxfire.com/scripts/technicalatg.com//display.js
IP 23.111.12.177:0
ASN #59253 Leaseweb Asia Pacific pte. ltd.
Hash MD5 b6c9016eb3b9edc2ce2d9855e50cd4c6
SHA-1 f9644d107252d2ce39411a51ca04c192a8b4ade2
SHA-256 974aed886ac3552fa81cc76bfa34d79d6a1a8492dff47b6be2fba7c07f3cae21
GET /scripts/technicalatg.com//display.js HTTP/1.1
Host: cdn.adxfire.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:28 GMT
content-type: application/javascript
set-cookie: cl-bypass-cache=yes; Expires=Mon, 12-Dec-22 07:27:28 GMT; Domain=cdn.adxfire.com; Path=/; HttpOnly; SameSite=Lax
server: imunify360-webshield/1.18
last-modified: Monday, 12-Dec-2022 06:27:28 GMT
cache-control: private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
cf-edge-cache: no-cache
expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash MD5 48f3087bed7a0ee5c4f8e26721390430
SHA-1 25b36ac79a6c695cc4759ad6a7d44e04a54b41e2
SHA-256 3b7816f584d961c857587ab947738468de6cf2f826a11c2da2fb5c4e79293df9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B7816F584D961C857587AB947738468DE6CF2F826A11C2DA2FB5C4E79293DF9"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17448
Expires: Mon, 12 Dec 2022 11:18:18 GMT
Date: Mon, 12 Dec 2022 06:27:30 GMT
Connection: keep-alive
onclickperformance.com/script/i.php?stamat=m%257C%252C%252CgiYvIjF-oGU3Bk-GH0dEdHP3xP.044%252C8nTFtjcaLqz49QoCZupmdGJFeaAemmrPQgPxBT07gSjs0Zz2u-VcccjEgf8iXuePmL7pRicXi0yXlpluCvtRDBDRMNT_1bNDBXGyMpBgZ7knhsdzsW60QFoRgEEkgVKbdMGCBNwMD4zmGLrp0XqeGyxctxWaHGQrABxmV895jOPt3Y4iBW58RwAug6woLMQegj8OJXBQaqzz7bAk2siAypUO-hyYT-CuTht5ufdVF-mEXtXgPnDH7hYZVbRUdtOO0rARoyCEk3gma9qviiDpgYtT5BBDF7Z-HgHR6J7Zc4zMvUma8YzU9a-bHGbpzrO_AmQwRGrNTDHAVCNCDp5lITZdmic00BBLJcxfXYjlSkfBs3BjUsPq-Kvz6-VQCbFvcJy25c2wSOQcnqoZnGONUqZ3-ZNtDwSkfSb34FK-xxU_zq1hqhj6i3NjrLnhv9xzTUTh6d3hiRa5--UGRUd1JnfUgE34xVlS4NbJS9dy9krNfrhr7bHRVHHxgeG-_s_hY9Xytnfk5FoLBeeSSF4t2n1dJKn0082t0Fiks4t2clE%252C
35.190.55.95204 No Content 0 B URL HTTP/2 onclickperformance.com/script/i.php?stamat=m%257C%252C%252CgiYvIjF-oGU3Bk-GH0dEdHP3xP.044%252C8nTFtjcaLqz49QoCZupmdGJFeaAemmrPQgPxBT07gSjs0Zz2u-VcccjEgf8iXuePmL7pRicXi0yXlpluCvtRDBDRMNT_1bNDBXGyMpBgZ7knhsdzsW60QFoRgEEkgVKbdMGCBNwMD4zmGLrp0XqeGyxctxWaHGQrABxmV895jOPt3Y4iBW58RwAug6woLMQegj8OJXBQaqzz7bAk2siAypUO-hyYT-CuTht5ufdVF-mEXtXgPnDH7hYZVbRUdtOO0rARoyCEk3gma9qviiDpgYtT5BBDF7Z-HgHR6J7Zc4zMvUma8YzU9a-bHGbpzrO_AmQwRGrNTDHAVCNCDp5lITZdmic00BBLJcxfXYjlSkfBs3BjUsPq-Kvz6-VQCbFvcJy25c2wSOQcnqoZnGONUqZ3-ZNtDwSkfSb34FK-xxU_zq1hqhj6i3NjrLnhv9xzTUTh6d3hiRa5--UGRUd1JnfUgE34xVlS4NbJS9dy9krNfrhr7bHRVHHxgeG-_s_hY9Xytnfk5FoLBeeSSF4t2n1dJKn0082t0Fiks4t2clE%252C
IP 35.190.55.95:0
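Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these are the digests of empty input, so they identify no payload and should not be matched as indicators.)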
GET /script/i.php?stamat=m%257C%252C%252CgiYvIjF-oGU3Bk-GH0dEdHP3xP.044%252C8nTFtjcaLqz49QoCZupmdGJFeaAemmrPQgPxBT07gSjs0Zz2u-VcccjEgf8iXuePmL7pRicXi0yXlpluCvtRDBDRMNT_1bNDBXGyMpBgZ7knhsdzsW60QFoRgEEkgVKbdMGCBNwMD4zmGLrp0XqeGyxctxWaHGQrABxmV895jOPt3Y4iBW58RwAug6woLMQegj8OJXBQaqzz7bAk2siAypUO-hyYT-CuTht5ufdVF-mEXtXgPnDH7hYZVbRUdtOO0rARoyCEk3gma9qviiDpgYtT5BBDF7Z-HgHR6J7Zc4zMvUma8YzU9a-bHGbpzrO_AmQwRGrNTDHAVCNCDp5lITZdmic00BBLJcxfXYjlSkfBs3BjUsPq-Kvz6-VQCbFvcJy25c2wSOQcnqoZnGONUqZ3-ZNtDwSkfSb34FK-xxU_zq1hqhj6i3NjrLnhv9xzTUTh6d3hiRa5--UGRUd1JnfUgE34xVlS4NbJS9dy9krNfrhr7bHRVHHxgeG-_s_hY9Xytnfk5FoLBeeSSF4t2n1dJKn0082t0Fiks4t2clE%252C HTTP/1.1
Host: onclickperformance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onclickperformance.com/ad/display.php?stamat=m%257C%252C8NjZ793OqB1dAN0dEdHP3xP.248%252CZMkKdRAQlkuDbgTABrav5PzkPQ5_heC032WtGHCgC4b9awuZEr_u0LUi_2kBMcEADAEPG5wvq70Qrq2Sslfxk0ehdy7MzSMJUqKohDOYjew%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.5358227788406204&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: openresty
date: Mon, 12 Dec 2022 06:27:30 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
slobcarpstun.com/watch.1143353617646?shu=ed59741b51b6e02fa5e108d58614672d41f93baba4f09047c5e2fa07252a1e6105b4dd3642f1c8212252bc7adc948ed411090c48e84d6b1231cb61c8c6edde72ec675705764ef50039ae4e59d042491fd169df53d118772b09e45429caf0d3&pst=1670826510&rmtc=t&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&pii=&in=false&key=be6c213e1e6a6a782e4f480f94d27a70&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&res=12.1055&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&tz=0&dev=e
192.243.59.13 200 OK 1.8 kB URL HTTP/1.1 slobcarpstun.com/watch.1143353617646?shu=ed59741b51b6e02fa5e108d58614672d41f93baba4f09047c5e2fa07252a1e6105b4dd3642f1c8212252bc7adc948ed411090c48e84d6b1231cb61c8c6edde72ec675705764ef50039ae4e59d042491fd169df53d118772b09e45429caf0d3&pst=1670826510&rmtc=t&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&pii=&in=false&key=be6c213e1e6a6a782e4f480f94d27a70&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&res=12.1055&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&tz=0&dev=e
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2517)
Hash MD5 faf91aca36c0ec2d043baad86cb13df2
SHA-1 8dcbaaa2f47806db7928260131ef2d38b02792a7
SHA-256 a330a7b7f482a209bc0e4b50d12fb00f376d0b298f5fb5fa09217260ad4917ec
Analyzer verdict/alert: quad9 — Sinkholed
GET /watch.1143353617646?shu=ed59741b51b6e02fa5e108d58614672d41f93baba4f09047c5e2fa07252a1e6105b4dd3642f1c8212252bc7adc948ed411090c48e84d6b1231cb61c8c6edde72ec675705764ef50039ae4e59d042491fd169df53d118772b09e45429caf0d3&pst=1670826510&rmtc=t&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1&pii=&in=false&key=be6c213e1e6a6a782e4f480f94d27a70&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&res=12.1055&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&tz=0&dev=e HTTP/1.1
Host: slobcarpstun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slobcarpstun.com/watch.1143353617646?key=be6c213e1e6a6a782e4f480f94d27a70&kw=%5B%222017%22%2C%22marketplace%22%2C%22health%22%2C%22insurance%22%2C%22tax%22%2C%22tips%22%5D&refer=https%3A%2F%2Ftechnicalatg.com%2F%3Fgo%3D869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0%3D&tz=0&dev=e&res=12.1055&uuid=b78c9097-f4ee-4a14-8059-b6028dcfbacf%3A3%3A1
Cookie: u_pl=17798884; ain=eyJhbGciOiJIUzI1NiJ9.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_Z289ODY5OTk3YzE4YjVkMTMzOGZkN2NhODI4MmY0Mzd3QXBic0NhZGZFZUZsZ2lIbmlrT0hReU9EQXdZaTlyT1VGUGVXRnViemd2VTJsU2JWZGtZa0ZrVFRScWNWTXliV2MyV25oWFJWQkRhejA9In19.MFHI7KC_58CEjHedh1Gu8xEhAA6cZ6DM9T2LmB9bclc; uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 12 Dec 2022 06:27:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Access-Control-Allow-Origin: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b78c9097-f4ee-4a14-8059-b6028dcfbacf:3:1; expires=Mon, 19 Dec 2022 06:27:30 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None
uncs=1; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 13 Dec 2022 06:27:30 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7096d07cf6aa7dbdbfe8bf7b83fcad9a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884
173.233.137.52 200 OK 1.3 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash MD5 729a362f50b5037b471bb3eb8acf4837
SHA-1 dbfdd39b6e5ce7b81661bc394a4c08aca1550a3d
SHA-256 80452e14d0bec29043ed27feedd3447a8c1e620883402755d794e46a7e28a1f0
Analyzer verdict/alert: quad9 — Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17798884 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Tue, 13 Dec 2022 06:27:30 GMT
ain=eyJhbGciOiJIUzI1NiJ9.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.wTMFCftIcc5S5xog5fccm5pqFQYA2D5RQtVb4HytoQc; expires=Mon, 12 Dec 2022 06:28:30 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5bf35496c057d4220d8da8b9b94fc5e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=da06e320c27a2c8e054faaae109e5b293567cc7314805d269c412db9e3fc98dfc31d8a837185c8076430e561b4cb3dd12d1014ca22eeb18c698b1b7f8bf35b6b41e6606574dcdc915954225d06bca4edd9805ad28c7d799c95df809f65eb076c032f01&pst=1670826510&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftechnicalatg.com%2F&psid=17798884
173.233.137.52 302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=da06e320c27a2c8e054faaae109e5b293567cc7314805d269c412db9e3fc98dfc31d8a837185c8076430e561b4cb3dd12d1014ca22eeb18c698b1b7f8bf35b6b41e6606574dcdc915954225d06bca4edd9805ad28c7d799c95df809f65eb076c032f01&pst=1670826510&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftechnicalatg.com%2F&psid=17798884
IP 173.233.137.52:0
Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(0 B body: these are the digests of empty input, so they identify no payload and should not be matched as indicators.)
Analyzer verdict/alert: quad9 — Sinkholed
GET /dyfc1k09?shu=da06e320c27a2c8e054faaae109e5b293567cc7314805d269c412db9e3fc98dfc31d8a837185c8076430e561b4cb3dd12d1014ca22eeb18c698b1b7f8bf35b6b41e6606574dcdc915954225d06bca4edd9805ad28c7d799c95df809f65eb076c032f01&pst=1670826510&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Ftechnicalatg.com%2F&psid=17798884 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.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.wTMFCftIcc5S5xog5fccm5pqFQYA2D5RQtVb4HytoQc; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Mon, 12 Dec 2022 06:27:30 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: http://ciar-kep.com/zcvisitor/0e4c3df2-79e6-11ed-996e-0a1b3cd554bb/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
Set-Cookie: pdhtkv=true; expires=Tue, 13 Dec 2022 06:27:30 GMT
uncs=1; expires=Tue, 13 Dec 2022 06:27:30 GMT
pdhtkv28=true; expires=Tue, 13 Dec 2022 06:27:30 GMT
uncs28=1; expires=Tue, 13 Dec 2022 06:27:30 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09f0a24c9ccb685d0ce18fd0021df388
Strict-Transport-Security: max-age=0; includeSubdomains
ciar-kep.com/zcvisitor/0e4c3df2-79e6-11ed-996e-0a1b3cd554bb/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
3.212.50.125 302 0 B URL HTTP/1.1 ciar-kep.com/zcvisitor/0e4c3df2-79e6-11ed-996e-0a1b3cd554bb/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51
IP 3.212.50.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /zcvisitor/0e4c3df2-79e6-11ed-996e-0a1b3cd554bb/014d4f70-c126-11e5-9ddc-0afe289da1cd?campaignid=b9792a50-4807-11ed-8e2b-128084d1ce51 HTTP/1.1
Host: ciar-kep.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302
Date: Mon, 12 Dec 2022 06:27:31 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Location: https://shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
Server: hvetTLka
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfbea2a08682da43b95d1a81aa990f81
e1bf8cbda95b1bfbc6e35affce5a0d4afe7629c4
d01ab7f0ea4161c6e81f69518a0419d65c7cd0f09b803f07a91291833f911328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D01AB7F0EA4161C6E81F69518A0419D65C7CD0F09B803F07A91291833F911328"
Last-Modified: Sat, 10 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Mon, 12 Dec 2022 08:31:56 GMT
Date: Mon, 12 Dec 2022 06:27:31 GMT
Connection: keep-alive
shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
135.181.6.240 200 OK 571 B URL HTTP/1.1 shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (450)
Hash bcccf12aadeaa48cb9ed8eb353e31728
19b23456c6474bc147afaee8bee404f09960d682
45ed05f3315047390c7a819fc204e6826c5ba009e33370d32b7d433af016e2de
GET /go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57 HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 06:27:31 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 571
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
shopde.pricedeals.shop/favicon.ico
135.181.6.240 404 Not Found 285 B URL HTTP/1.1 shopde.pricedeals.shop/favicon.ico
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7cd85cf7b8f9a014ae145681b1f5e73d
a574403ec64b443a802d0980e3bd368bafebe2d9
cb5d0086c43932c164cc6892b9f762fb4128c182d3dbdbf476036a2783f0023b
GET /favicon.ico HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 12 Dec 2022 06:27:31 GMT
Server: Apache/2.4.54 (Debian)
Content-Length: 285
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzA4MjIwMTM5MDkmLnNpZz1DZHpQS0cwT21qSFZlQnc5eHlLVl9LNVpvQUEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNDk1NTM3JmNvdW50cnk9bm8mb2ZmZXJJZD04ODExMDIzNmViMDY0YjFmYWViMThlNWUzYjlmMWVlOSZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTEm
135.181.6.240 200 OK 468 B URL HTTP/1.1 shopde.pricedeals.shop/redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzA4MjIwMTM5MDkmLnNpZz1DZHpQS0cwT21qSFZlQnc5eHlLVl9LNVpvQUEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNDk1NTM3JmNvdW50cnk9bm8mb2ZmZXJJZD04ODExMDIzNmViMDY0YjFmYWViMThlNWUzYjlmMWVlOSZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTEm
IP 135.181.6.240:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash 4789374e79767965fbd30918cd5c4553
cb8fe109d8d2640c6f25f71636d6c8bccba859b6
3da6d6cfd32a0f9006a6e59b8a2a8d9b8d2b2aa75fd7462185582905b212b367
GET /redirect.php?u=aHR0cHM6Ly9uby1nby5rZWxrb29ncm91cC5uZXQvY3RsL2dvL29mZmVyc2VhcmNoR28_LnRzPTE2NzA4MjIwMTM5MDkmLnNpZz1DZHpQS0cwT21qSFZlQnc5eHlLVl9LNVpvQUEtJmFmZmlsaWF0aW9uSWQ9OTY5Nzk3MTQmY29tSWQ9MTAwNDk1NTM3JmNvdW50cnk9bm8mb2ZmZXJJZD04ODExMDIzNmViMDY0YjFmYWViMThlNWUzYjlmMWVlOSZzZXJ2aWNlPTM3JnRva2VuSWQ9MzJmMzQzMTItZjIwMy00MDcwLTg2ODUtNTQyZmIxMjdiMTEwJndhaXQ9dHJ1ZSZhZGRlZFBhcmFtcz10cnVlJmN1c3RvbTE9NTEm HTTP/1.1
Host: shopde.pricedeals.shop
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shopde.pricedeals.shop/go.php?market=no&zr0e4c3df279e611ed996e0a1b3cd554bb3e4aa259b13b49ca9f6bc8b22e75ab5e069654269ec14bda57
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 12 Dec 2022 06:27:32 GMT
Server: Apache/2.4.54 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 468
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
technicalatg.com/wp-content/litespeed/css/30007283006814aa733cf3dd395277d8.css?ver=06b3e
188.114.96.1 200 OK 0 B URL HTTP/2 technicalatg.com/wp-content/litespeed/css/30007283006814aa733cf3dd395277d8.css?ver=06b3e
IP 188.114.96.1:0
GET /wp-content/litespeed/css/30007283006814aa733cf3dd395277d8.css?ver=06b3e HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:27 GMT
content-type: text/css
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=226970
expires: Tue, 12 Dec 2023 11:21:30 GMT
last-modified: Mon, 12 Dec 2022 05:21:29 GMT
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92D590ev5wY6nLzUoetiZWEGqbgp4qcWJbUzOWJsAVcMfawq4oUgx7cJ4YYOQhfSTgDACLJuWli3kvYpRMG5cTIwHa46BsWCTPsulT2N24FmPscSMtbt%2BjB0PsVguRBNemhl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464f3be29b505-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onclickperformance.com/ad/display.php?stamat=m%257C%252C8NjZ793OqB1dAN0dEdHP3xP.248%252CZMkKdRAQlkuDbgTABrav5PzkPQ5_heC032WtGHCgC4b9awuZEr_u0LUi_2kBMcEADAEPG5wvq70Qrq2Sslfxk0ehdy7MzSMJUqKohDOYjew%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.5358227788406204&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
35.190.55.95 200 OK 0 B URL HTTP/2 onclickperformance.com/ad/display.php?stamat=m%257C%252C8NjZ793OqB1dAN0dEdHP3xP.248%252CZMkKdRAQlkuDbgTABrav5PzkPQ5_heC032WtGHCgC4b9awuZEr_u0LUi_2kBMcEADAEPG5wvq70Qrq2Sslfxk0ehdy7MzSMJUqKohDOYjew%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.5358227788406204&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 35.190.55.95:0
GET /ad/display.php?stamat=m%257C%252C8NjZ793OqB1dAN0dEdHP3xP.248%252CZMkKdRAQlkuDbgTABrav5PzkPQ5_heC032WtGHCgC4b9awuZEr_u0LUi_2kBMcEADAEPG5wvq70Qrq2Sslfxk0ehdy7MzSMJUqKohDOYjew%252C&cbpage=https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=&cbur=0.5358227788406204&cbtitle=2017%20Marketplace%20health%20insurance%20%26%20tax%20tips&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: onclickperformance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 12 Dec 2022 06:27:28 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
link: <//onclickperformance.com>; rel=dns-prefetch,<//onclickperformance.com>; rel=preconnect,<//www.gaming-adult.com>; rel=dns-prefetch,<//www.gaming-adult.com>; rel=preconnect
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
files.technicalatg.com/cu1xLl1
188.114.97.1 302 Found 0 B URL HTTP/2 files.technicalatg.com/cu1xLl1
IP 188.114.97.1:0
GET /cu1xLl1 HTTP/1.1
Host: files.technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 12 Dec 2022 06:27:24 GMT
content-type: text/html; charset=UTF-8
location: https://technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-litespeed-cache: hit
vary: User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i67I46TA0msMhQR7sleVErdirX71D51H4Wzp3HHEIV5Sw%2BOsEombGWWn74%2F2%2FL5e8wGX%2B7P8pEvLZHOdi%2B9rMLOsSfbgvvxEuwgqbeGtbieqEzc1UwttPUBbyCOF9geXY0NQTtX%2B4pqX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464daad88fac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stats.wp.com/e-202250.js
192.0.76.3 200 OK 0 B IP 192.0.76.3:0
GET /e-202250.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://technicalatg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Dec 2022 06:27:25 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Sun, 03 Dec 2023 23:16:56 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
crrepo.com/extban/316762620/creatives/23554622/63271d75be5297aca2c00d081a8429d7_7308.gif
104.21.235.113 200 OK 0 B URL HTTP/2 crrepo.com/extban/316762620/creatives/23554622/63271d75be5297aca2c00d081a8429d7_7308.gif
IP 104.21.235.113:0
GET /extban/316762620/creatives/23554622/63271d75be5297aca2c00d081a8429d7_7308.gif HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onclickperformance.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:26 GMT
content-type: image/gif
last-modified: Sat, 10 Dec 2022 08:46:46 GMT
etag: W/"63944776-a0ca"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ORqkV%2BZKQoHPJ5dSHdLlwg3V0ge%2F9YCGiAyTxmvn3Fs79wOq3BKKAkxOEQHKXkDM7ZVvp3wNSDYW9JiZWV%2FOsfZO1wY%2FPhjKf%2FXIepcWgA1KhK7DqCvHBG5d03B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 778464e8aa21dd43-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
188.114.96.1 200 OK 0 B URL HTTP/2 technicalatg.com/?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0=
IP 188.114.96.1:0
GET /?go=869997c18b5d1338fd7ca8282f437wApbsCadfEeFlgiHnikOHQyODAwYi9rOUFPeWFubzgvU2lSbVdkYkFkTTRqcVMybWc2WnhXRVBDaz0= HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _lscache_vary=ea31f36e8ff3d0f771e819272d135d37
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 12 Dec 2022 06:27:27 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
link: <https://technicalatg.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3lwzzgyV%2BhUxOds4s0ww0sVK1MN12UlFhRDBnz0vfWBQ07j77Wr4Xtz6X5WeR0dRoqwcITxnbZ91Omy1VkVHO%2FaNsrZYhLVfgQRZJPeNFkOZ5l71moClEy9B3vh7tEo1fGG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 778464ed08c7b505-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2