1.bp.blogspot.com/-gbAZYb0kE5U/Xw3q0XeWCWI/AAAAAAAAAB0/T1vXi1_UhsMeDMUjOHugAocQqw150z6JgCLcBGAsYHQ/w256-h79/instagram-follow-button-png-1.webp
19 kB URL 1.bp.blogspot.com/-gbAZYb0kE5U/Xw3q0XeWCWI/AAAAAAAAAB0/T1vXi1_UhsMeDMUjOHugAocQqw150z6JgCLcBGAsYHQ/w256-h79/instagram-follow-button-png-1.webp
IP
File type PNG image data, 254 x 79, 8-bit/color RGBA, non-interlaced
- data
Hash aa995d3ba1c9a40a8320dcd26c8b9be5
b67bc92f0c4e054bd2822a1b9c71bf80ed1b1dac
ba7dc82126f5bbe7612c613695006bc3147e9a572f24842fe7855fa62e315dac
GET /-gbAZYb0kE5U/Xw3q0XeWCWI/AAAAAAAAAB0/T1vXi1_UhsMeDMUjOHugAocQqw150z6JgCLcBGAsYHQ/w256-h79/instagram-follow-button-png-1.webp HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="instagram-follow-button-png-1.png"
x-content-type-options: nosniff
server: fife
content-length: 19188
x-xss-protection: 0
date: Mon, 11 Dec 2023 18:01:26 GMT
expires: Tue, 12 Dec 2023 18:01:26 GMT
cache-control: public, max-age=86400, no-transform
age: 2765
etag: "v1f"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
86 kB URL www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
IP
File type ASCII text, with very long lines (3034)
Hash 07db8186241db749f031c206520e2a71
52986ac9ee48a0c3cc03be7890a287fcd87efc12
3740ba66aa1259d3abf0483e2d5c4cc88164b4254467f7236df6bf33ab089f0b
GET /gtag/js?id=G-3GHVHYR6VY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 11 Dec 2023 18:47:30 GMT
expires: Mon, 11 Dec 2023 18:47:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
86 kB URL www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
IP
File type ASCII text, with very long lines (3034)
Hash 07b7a0e0032a7f80be63a01ee6d3d289
4f4c4ab39d5f11badddfe359614bfc5de3a3adbc
0fe937a079c0bd429638c970e830ab3019e9b712a205bdb24580c50854540da8
GET /gtag/js?id=G-3GHVHYR6VY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 11 Dec 2023 18:47:31 GMT
expires: Mon, 11 Dec 2023 18:47:31 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BNv0onQY0TY/Xw3qkQBh8TI/AAAAAAAAABw/g2D9cEckO7w1uUw04a2Qa0VKmEMMgkPgQCLcBGAsYHQ/w256-h69/Free-Red-Subscribe-Button-By-AlfredoCreates.png
6.6 kB URL 1.bp.blogspot.com/-BNv0onQY0TY/Xw3qkQBh8TI/AAAAAAAAABw/g2D9cEckO7w1uUw04a2Qa0VKmEMMgkPgQCLcBGAsYHQ/w256-h69/Free-Red-Subscribe-Button-By-AlfredoCreates.png
IP
File type PNG image data, 256 x 69, 8-bit/color RGBA, non-interlaced
- data
Hash 766b063c9bcb7517eba966573dad6731
92ba25ea2f4a0fc5ab45759a92d221dd581f5d78
5ded9705c51fe1227affca2763b2f0828f5e2949a55880afabef195d09cb8f53
GET /-BNv0onQY0TY/Xw3qkQBh8TI/AAAAAAAAABw/g2D9cEckO7w1uUw04a2Qa0VKmEMMgkPgQCLcBGAsYHQ/w256-h69/Free-Red-Subscribe-Button-By-AlfredoCreates.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Free-Red-Subscribe-Button-By-AlfredoCreates.png"
x-content-type-options: nosniff
server: fife
content-length: 6551
x-xss-protection: 0
date: Mon, 11 Dec 2023 18:01:26 GMT
expires: Tue, 12 Dec 2023 18:01:26 GMT
cache-control: public, max-age=86400, no-transform
age: 2765
etag: "v1e"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ws4gyLpXM-w/X0y7QAUHTcI/AAAAAAAAAIk/Cyki215CabEQdYgjZBYn2BdHQmXTAadYACLcBGAsYHQ/w374-h94/Free-Red-Subscribe-Button-By-AlfredoCreates.png
6.6 kB URL 1.bp.blogspot.com/-ws4gyLpXM-w/X0y7QAUHTcI/AAAAAAAAAIk/Cyki215CabEQdYgjZBYn2BdHQmXTAadYACLcBGAsYHQ/w374-h94/Free-Red-Subscribe-Button-By-AlfredoCreates.png
IP
File type PNG image data, 256 x 69, 8-bit/color RGBA, non-interlaced
- data
Hash 9dc4ec357816561504c743bd69694f0b
a8cf3576c944fdeaa47a09061be69160b6e3d426
6f17e8d9da7d9c379fde16cb5a2586212df9a042005fc19afcd52a3b6404173f
GET /-ws4gyLpXM-w/X0y7QAUHTcI/AAAAAAAAAIk/Cyki215CabEQdYgjZBYn2BdHQmXTAadYACLcBGAsYHQ/w374-h94/Free-Red-Subscribe-Button-By-AlfredoCreates.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Free-Red-Subscribe-Button-By-AlfredoCreates.png"
x-content-type-options: nosniff
server: fife
content-length: 6603
x-xss-protection: 0
date: Mon, 11 Dec 2023 15:28:11 GMT
expires: Tue, 12 Dec 2023 15:28:11 GMT
cache-control: public, max-age=86400, no-transform
age: 11960
etag: "v8a"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Zk7YUJuCG8Q/Xw3SwgoIQ_I/AAAAAAAAAA8/s0-Hfqx7zPA-IwYuaAW-DdriexmpeYyIACLcBGAsYHQ/w375-h94/down.png
18 kB URL 1.bp.blogspot.com/-Zk7YUJuCG8Q/Xw3SwgoIQ_I/AAAAAAAAAA8/s0-Hfqx7zPA-IwYuaAW-DdriexmpeYyIACLcBGAsYHQ/w375-h94/down.png
IP
File type PNG image data, 300 x 77, 8-bit/color RGBA, non-interlaced
- data
Hash 164f5ca53cc47e84639652feefa5c6d6
2b2f4b343cec890156894d6e71b8269f52e4e4b5
04884e8e7b46eee88b68785445a2e93b828678daf8060dabc045ba75baf37b1c
GET /-Zk7YUJuCG8Q/Xw3SwgoIQ_I/AAAAAAAAAA8/s0-Hfqx7zPA-IwYuaAW-DdriexmpeYyIACLcBGAsYHQ/w375-h94/down.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="down.png"
x-content-type-options: nosniff
server: fife
content-length: 17769
x-xss-protection: 0
date: Mon, 11 Dec 2023 15:28:11 GMT
expires: Tue, 12 Dec 2023 15:28:11 GMT
cache-control: public, max-age=86400, no-transform
age: 11960
etag: "v10"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
6.8 kB URL www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (2165)
Hash 49aad9405434d8887646881ecda8cf64
59bfe11a22024072043b6fc2562ce01b3d4b7344
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
GET /static/v1/jsbin/4235886812-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:21:14 GMT
expires: Fri, 06 Dec 2024 16:21:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 07 Dec 2023 08:22:17 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 354377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-JsSJTF8yyIo/Xw3px4PiloI/AAAAAAAAABg/LOvb3MxpDqg5fZ-tzCPLWNIcJkjGsiy4QCLcBGAsYHQ/w256-h82/unnamed%2B%25281%2529.png
7.9 kB URL 1.bp.blogspot.com/-JsSJTF8yyIo/Xw3px4PiloI/AAAAAAAAABg/LOvb3MxpDqg5fZ-tzCPLWNIcJkjGsiy4QCLcBGAsYHQ/w256-h82/unnamed%2B%25281%2529.png
IP
File type PNG image data, 256 x 82, 8-bit/color RGBA, non-interlaced
- data
Hash 0d2bef2400c525b2f5af570434e17de0
6624f02e2b812e27ed5724ae7657013f03865cee
34c36d6633500e271fc839139230d9b39b9966d989eb055267bd2da82e57fdb8
GET /-JsSJTF8yyIo/Xw3px4PiloI/AAAAAAAAABg/LOvb3MxpDqg5fZ-tzCPLWNIcJkjGsiy4QCLcBGAsYHQ/w256-h82/unnamed%2B%25281%2529.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed (1).png"
x-content-type-options: nosniff
server: fife
content-length: 7942
x-xss-protection: 0
date: Mon, 11 Dec 2023 18:47:31 GMT
expires: Tue, 12 Dec 2023 18:47:31 GMT
cache-control: public, max-age=86400, no-transform
etag: "v1a"
content-type: image/png
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
22 kB URL apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (2664)
Hash fd67324a3d81895bdf76b073089663b1
5abb1b0a36c645085e31830e6647faa790ad4e91
8eaa06f95fa0ac44c2c186f200874f2f3ebc3aaa92412f0d0c096f517d3581d1
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Mon, 11 Dec 2023 18:47:31 GMT
expires: Mon, 11 Dec 2023 18:47:31 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "bccfddc1dce4fb76"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=WdAKpF2z6ljEzo8hS30pZg-dLeKsSBU7mOkVymJzVWRaH_Cd2fuTV9d5QjI2OQysa_08pucuef_WcC5vcWmXeU3A2NdWWb6Oah-qf71W5YfVHcuvOiME2PMMy3uGiYikbpyZFCs_ma933fAhUuZ-qdMPeHkYVwG-Qx9qiTWqLZ4; expires=Tue, 11-Jun-2024 18:47:31 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
130 kB URL www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
IP
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document text
- exported SGML document, ASCII text, with very long lines (61415)
Size 130 kB (130341 bytes)
Hash 84a3ea3f178bf1d5394daa9badab33d5
4e2ba705bcb5d93ccba8e971f64ac4364243288d
7499b6e2e1ddc821d37a79ff9a3410791cc2a6f5c09df178f0ef3f963209a584
GET /2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Mon, 11 Dec 2023 18:47:30 GMT
date: Mon, 11 Dec 2023 18:47:30 GMT
cache-control: private, max-age=0
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
etag: W/"ae5850d1b1d5e5cbcc067a7cb691141b7af8d41ab2df8f2bc2c689ef3a27a7ad"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 130341
server: GSE
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fix%20High%20CPU%20Usage%20While%20Game%20On%20Pc?alt=json-in-script&callback=related_results_labels&max-results=6
12 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fix%20High%20CPU%20Usage%20While%20Game%20On%20Pc?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65149)
Hash 7d898f8c86658c788540d219118755ae
176707fcedafc2465361143d41365cb49835b308
b8538f9bd96ebf5f3815bcd78057b294c375b522d0aa1278de8e67e823e93f0a
GET /feeds/posts/default/-/Fix%20High%20CPU%20Usage%20While%20Game%20On%20Pc?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"6b034ee4e9bcc0de3aa8f7bd49eb65e1a2540fe6ca3d8a78bb9ae20ab0fa0f28"
date: Mon, 11 Dec 2023 18:47:31 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 11 Dec 2023 18:47:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
content-encoding: gzip
content-length: 11810
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/3257101978-widgets.js
59 kB URL www.blogger.com/static/v1/widgets/3257101978-widgets.js
IP
File type ASCII text, with very long lines (2258)
Hash 9cc8dc0e6d0f57f11091cd51a13d42b1
d308834c5985e4914ebea6cba0e87454b44317d6
4d1b90c8b8826df2fa0d5cd23a4b1fba3fd769b7748e3905e7fa9e119d8525fa
GET /static/v1/widgets/3257101978-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 59300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:54:58 GMT
expires: Fri, 06 Dec 2024 15:54:58 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 07 Dec 2023 02:07:04 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 355953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.zohaibrock.xyz/js/cookienotice.js
2.0 kB URL www.zohaibrock.xyz/js/cookienotice.js
IP
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Cookie: _ga_3GHVHYR6VY=GS1.1.1702320451.1.0.1702320451.0.0.0; _ga=GA1.1.2146003360.1702320451
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Mon, 11 Dec 2023 18:47:31 GMT
expires: Mon, 18 Dec 2023 18:47:31 GMT
cache-control: public, max-age=604800
last-modified: Mon, 11 Dec 2023 15:00:48 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
citizenhid.com/67fabe4394723042780ecd8e7e085505/invoke.js
11 kB URL citizenhid.com/67fabe4394723042780ecd8e7e085505/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29635), with no line terminators
Hash b639f4c3c83ddb2219220ddaae1f7d32
c324788b07f649a7b5a8085e091372a09e8ff648
dbe86931ae7ef00ff7436d8eb6e4ac65c9f5ed713d479f45e8d5252845996e30
GET /67fabe4394723042780ecd8e7e085505/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a73cc2c04bd1e39de45d94002333c30b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205?alt=json-in-script&callback=related_results_labels&max-results=6
15 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65129)
Hash 33a9edbb553d27f107647cfdc1eede5a
a5ed056137c20779af307daa4771c0d04693f97e
773bfc739d42772f26925c4bba8d83a54ce1b24a238314e3b33d100df52d6c03
GET /feeds/posts/default/-/Fortnite%20Chapter%205?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"0a71283aa578919ea5e400a3f46523479b78c923bc815e4ba4fcba9ee2ad5914"
date: Mon, 11 Dec 2023 18:47:31 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 11 Dec 2023 18:47:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
content-encoding: gzip
content-length: 15068
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fortnite?alt=json-in-script&callback=related_results_labels&max-results=6
15 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fortnite?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65129)
Hash f624fb6b44dc762aa5268414e85134ef
1d3174903cb8ead5fcdacd91f74547f50c90fa27
19d11140c34e4b843a57c7690c60486db29430fb8475d7ea1a5af72903157dd5
GET /feeds/posts/default/-/Fortnite?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"24fa822bc2440d0c5ccbfcd794d64c77ddbd8e44ee8e6b2bd204f84021b5288f"
date: Mon, 11 Dec 2023 18:47:31 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 11 Dec 2023 18:47:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
content-encoding: gzip
content-length: 15054
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205%20Season%201?alt=json-in-script&callback=related_results_labels&max-results=6
15 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205%20Season%201?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65129)
Hash 93d7c4ee58e2e48424dfdf0ce17f3d38
f145787b0d1130e869abae802eb83ac839897e17
293c0d96d4623524d826ed79bb1b9c40bc63398e07b64b79e16ef9668fac74c9
GET /feeds/posts/default/-/Fortnite%20Chapter%205%20Season%201?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"8ed1a1bceacbfe4ba5cdf0175ae94fb15893f115dc09e4ea0f930cdf669ba5e8"
date: Mon, 11 Dec 2023 18:47:31 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 11 Dec 2023 18:47:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
content-encoding: gzip
content-length: 15080
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fix%20Low%20GPU%20Usage%20While%20Gaming%20on%20Pc?alt=json-in-script&callback=related_results_labels&max-results=6
15 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fix%20Low%20GPU%20Usage%20While%20Gaming%20on%20Pc?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65149)
Hash e17141545a42c2c786a3c07337053630
d43591fdb118cd43de92bb797459328cea2325d8
347facb649d167e60c88050930fd14c1b774b8917f55959d7420117be7e7af24
GET /feeds/posts/default/-/Fix%20Low%20GPU%20Usage%20While%20Gaming%20on%20Pc?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"77a7788f8b7580d10f1fd4125f0dfd78b581f475296bb089d34dccf8a6d16f58"
date: Mon, 11 Dec 2023 18:47:31 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 11 Dec 2023 18:47:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
content-encoding: gzip
content-length: 15202
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
citizenhid.com/61380c1b9b6e770bd53bda0f357b2043/invoke.js
11 kB URL citizenhid.com/61380c1b9b6e770bd53bda0f357b2043/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29644), with no line terminators
Hash 45e2fc9ff84ef6ba6fad8d0ec16dd7ce
e1e1383731a4d7b8a7a8cb9c5dcc55e15ad57e05
6ca4d5efbf89f3ae69442139dc06e92fd93682ebf7106ec3ee1310fc275308a3
GET /61380c1b9b6e770bd53bda0f357b2043/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 64a373461539b1b24bf232fbb1f49648
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 651cc5d32536905efe742435d243ee5b
aebf1bc83f27b08b11eff9fe15c5311e522d3724
5be97f8e210244d5587700aead79a7e838a2528eda936282bcd86d5d68d9ca8f
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.zohaibrock.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=31d4a924-e16f-469f-ba58-4fee764d29a2:2:1; expires=Thu, 08 Dec 2033 18:47:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 960873be70ef2623a290dbd86fcdf497
e66581a53b7d5b08f5205a3c769075686a99708c
4b5434d9d1f81d932e7b288e8b1794d66039f2ac7bf9a7668208194dbc5ece82
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.zohaibrock.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b5349094-cb07-4702-a86a-9cbe1f115c93:3:1; expires=Thu, 08 Dec 2033 18:47:31 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
4.bp.blogspot.com/-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif
5.3 kB URL 4.bp.blogspot.com/-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif
IP
File type GIF image data, version 89a, 40 x 40
- data
Hash 8fe366451f18a417d083ddfd9f5f7e2c
041c1e16013a5d8bcba78f059a358e99a8eb8b54
206c3d36392ab3f56b238f9cd3f0dd19f2b63e6f5d78255a7a82f13714b58994
GET /-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="loader_light.gif"
x-content-type-options: nosniff
server: fife
content-length: 5316
x-xss-protection: 0
date: Mon, 11 Dec 2023 15:08:56 GMT
expires: Tue, 12 Dec 2023 15:08:56 GMT
cache-control: public, max-age=86400, no-transform
age: 13116
etag: "v1b75"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
citizenhid.com/4e73aa94115fd83602d8c483acd0b269/invoke.js
11 kB URL citizenhid.com/4e73aa94115fd83602d8c483acd0b269/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29659), with no line terminators
Hash e56ce01d625fdbd6569f1a811432884e
9451924881de1f0a8de0f86bdcdf31f5a5b3cc27
ea08ce4ee6da60160eb32a7f3aabafe5d592ab2507ad3c3ac470c8655f6ea5d6
GET /4e73aa94115fd83602d8c483acd0b269/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b04c8818233a995ed89255125c1c450
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/embed.js
17 kB URL www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/embed.js
IP
File type ASCII text, with very long lines (3391)
Hash df85dab4bd2c9e763cb34bac44efd4fb
86f3f89a1257552c84d57e443f48a86e5f2659e2
611d7644cd2a2c305f04d2cd594aeb6e4ae81d2776ef4955f923e913f99bc615
GET /s/player/dee96cfa/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/9WyMFNzTsYQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 16903
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:07:14 GMT
expires: Fri, 06 Dec 2024 16:07:14 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 355218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/www-player.css
48 kB URL www.youtube.com/s/player/dee96cfa/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 845ee0ded13b742ad523443fddc5545f
577a5583a2cc9f7fbf229dbfffbecbe5439245f3
c8cf595211c3780ca984d79461caff6908401386ebb9894598ecadc396e22e1f
GET /s/player/dee96cfa/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/9WyMFNzTsYQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48216
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Dec 2023 11:47:54 GMT
expires: Sat, 07 Dec 2024 11:47:54 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 284378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js
99 kB URL www.youtube.com/s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (682)
Hash 1ec56351518b48128e4142b179f11741
3825a262c5751358078c8150ad125abed66a6d10
749b479a8548e5751006d04e185368e48db0d7ceac3ba359d25db43fd6c24089
GET /s/player/dee96cfa/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/9WyMFNzTsYQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98658
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:56:02 GMT
expires: Fri, 06 Dec 2024 15:56:02 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 355890
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
citizenhid.com/4e73aa94115fd83602d8c483acd0b269/invoke.js
11 kB URL citizenhid.com/4e73aa94115fd83602d8c483acd0b269/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29656), with no line terminators
Hash d26d430f8527b50ac03a862e4a8d87ba
cc94bd629826e7830e235e7e6053e549dc659043
4f279b277e74d7ca52bf638a77af3190d248cc86a8e3504db977e8884a68f6d6
GET /4e73aa94115fd83602d8c483acd0b269/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5ad928e63e4fabd083efd1e2b8850975
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/am=AAZSAw/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2lVzfHvXFMOUwukVGNDr97Qu2LtA/m=_b,_tp
64 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/am=AAZSAw/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2lVzfHvXFMOUwukVGNDr97Qu2LtA/m=_b,_tp
IP
File type ASCII text, with very long lines (2652)
Hash 51b7606bc106dcce8d353c830bf5b64f
ea4dc193ef5485a0dfcde66fd45bb33a0356bde1
ae18a03d6d1a9a12eb1f9c63473f965f0c1f40867eeab9e1428d9730abb85ab7
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/am=AAZSAw/d=1/excm=_b,_tp,commentformiframeview/ed=1/dg=0/wt=2/ujg=1/rs=AEy-KP2lVzfHvXFMOUwukVGNDr97Qu2LtA/m=_b,_tp HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 64341
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 11 Dec 2023 03:35:30 GMT
expires: Tue, 10 Dec 2024 03:35:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 09 Dec 2023 05:11:48 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js
785 kB URL www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/base.js
IP
File type ASCII text, with very long lines (555)
Size 785 kB (785445 bytes)
Hash 9459127d7e5023c6be7247a7ad4c0dfa
a1dff52b1aaaf8e7796b9d656a3cb6547ab0d3c0
3ff5693fee0b60651698141bd74761199a493fb834c1ceba6ceeb21d510de528
GET /s/player/dee96cfa/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/9WyMFNzTsYQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 785445
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:04:15 GMT
expires: Fri, 06 Dec 2024 16:04:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 355397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crossroadoutlaw.com/c2/1b/6f/c21b6fd0ed1f791e7d6457ae875a9947.js
15 kB URL crossroadoutlaw.com/c2/1b/6f/c21b6fd0ed1f791e7d6457ae875a9947.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (42232), with no line terminators
Hash 2a7cafaef142dc08c3dd6dac32436bd7
20236c12317c9cf68442338b8c59ca147399fba7
63c883a1d3874dffa1840ba186ad97aa398ac79728088d08f1dd21c1e1076d80
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c2/1b/6f/c21b6fd0ed1f791e7d6457ae875a9947.js HTTP/1.1
Host: crossroadoutlaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e6bc59874ba02cd6902bcd8968fd6674
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
15 kB URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0
- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:54:46 GMT
expires: Fri, 06 Dec 2024 15:54:46 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 355966
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
16 kB URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:43:10 GMT
expires: Fri, 06 Dec 2024 15:43:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 356662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
flakesaridphysical.com/67/20/b8/6720b8de13d657c1586dd4acc4442198.js
24 kB URL flakesaridphysical.com/67/20/b8/6720b8de13d657c1586dd4acc4442198.js
IP
File type ASCII text, with very long lines (59901)
Hash a210c94af9d4e9ad39f0c350211769f9
a3a7717f1c0187ad1ac37babd461617e2077917a
a493589fb4495e70c73f223316b536ad976cdd1174ef7d74fbc33ed98a49b01e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /67/20/b8/6720b8de13d657c1586dd4acc4442198.js HTTP/1.1
Host: flakesaridphysical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_cf-2870_0=1; expires=Wed, 13 Dec 2023 20:47:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2cc70c428b917e00b1dea0f704897a34
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
citizenhid.com/c23427b20a346ded2d6bc6fd35076f0d/invoke.js
11 kB URL citizenhid.com/c23427b20a346ded2d6bc6fd35076f0d/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29619), with no line terminators
Hash a31625a3f394ae287e6ebda61e93eb69
334e12ccf3324e1f2fa23795e02440f06f7ed504
7c409857974485285847bf4befd6ec22d2cd5c2751c7fa9cb2bae02d053d948d
GET /c23427b20a346ded2d6bc6fd35076f0d/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c2e1e7e858cdb430d5abacd9060b730
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
flakesaridphysical.com/watch.99835098537.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
0 B URL flakesaridphysical.com/watch.99835098537.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.99835098537.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1 HTTP/1.1
Host: flakesaridphysical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://flakesaridphysical.com/watch.99835098537.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=05d8bb332c43e9223175fc3bec327bef9b54c5a601af89c2dd566f777e470325f57b1ac612c15c5b6e96af3c72b9e487618887ebafaa0f1cbb0b7d6edf6f87d96411274a44060036e52b3d2ab0c659dc04d1e7a8cc58564ffd5e6c8c3bc84a&pst=1702320512&rmtc=t
Set-Cookie: u_pl=17433649; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY0OSwiayI6IjYxMzgwYzFiOWI2ZTc3MGJkNTNiZGEwZjM1N2IyMDQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmVoZndlNXd4IiwiY3BrcyI6eyIyOCI6IjY3MjBiOGRlMTNkNjU3YzE1ODZkZDRhY2M0NDQyMTk4In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0hvdy1Uby1GSVgtTG93LUdQVS1Vc2FnZS1hbmQtSGlnaC1DUFUtVXNhZ2UtaW4tRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLmh0bWwiLCJhciI6W119fQ.U85Y8tjv-5ilmafSEH9AvLfMnedB_c3F8Kz9SF9NGMA; expires=Mon, 11 Dec 2023 18:48:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 101b8aff563dbacd215265b361d78e02
Strict-Transport-Security: max-age=0; includeSubdomains
crossroadoutlaw.com/watch.530270883568.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=31d4a924-e16f-469f-ba58-4fee764d29a2%3A2%3A1
0 B URL crossroadoutlaw.com/watch.530270883568.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=31d4a924-e16f-469f-ba58-4fee764d29a2%3A2%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.530270883568.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=31d4a924-e16f-469f-ba58-4fee764d29a2%3A2%3A1 HTTP/1.1
Host: crossroadoutlaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://crossroadoutlaw.com/watch.530270883568.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=31d4a924-e16f-469f-ba58-4fee764d29a2%3A2%3A1&shu=43a7e3fb5a7bd830f47c8498357a68d4ed32d50cf38903d83894c901cd32c39ca72ac0a6e517011f3fd1a5e0923a5d3a7e3c0bfbc4fae93f5390fbfcfcf715dab7bbad672b50f06c9e0d79ec66a849a0c38222&pst=1702320512&rmtc=t
Set-Cookie: u_pl=17433673; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY3MywiayI6IjY3ZmFiZTQzOTQ3MjMwNDI3ODBlY2Q4ZTdlMDg1NTA1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiYnhuNXp0M3FzIiwiY3BrcyI6eyIyOSI6ImMyMWI2ZmQwZWQxZjc5MWU3ZDY0NTdhZTg3NWE5OTQ3In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0hvdy1Uby1GSVgtTG93LUdQVS1Vc2FnZS1hbmQtSGlnaC1DUFUtVXNhZ2UtaW4tRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLmh0bWwiLCJhciI6W119fQ.8AzEuolXibibrfxPmdnCap8UI7EyjZfGsYQOotUgxGA; expires=Mon, 11 Dec 2023 18:48:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 722fc9516cfdde613c34aaf150f74320
Strict-Transport-Security: max-age=0; includeSubdomains
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=VXdfxd,fgib1c,YwHGTd,pxq3x
27 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP
File type ASCII text, with very long lines (1127)
Hash 642d30513168c5cf93b2829a0ee3e442
f34700311b22d978b38774aea8cc9cac2bd42250
b1c368058ad2f3ec101571d87c39691f6875ad06641cf90f0544c91fe875aefc
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 26802
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 11 Dec 2023 03:37:27 GMT
expires: Tue, 10 Dec 2024 03:37:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 09 Dec 2023 01:11:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,duFQFc,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
103 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,duFQFc,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
IP
File type ASCII text, with very long lines (9718)
Size 103 kB (103175 bytes)
Hash 0c96eccdda5e5603a1e523cfbe390c42
2c476e59c04494c80e0c08af08cb803118b69ade
541f727e8455f62066c89cde43eb1062d5247dc606b46571feaf5735bd623c0b
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,duFQFc,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 103175
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 11 Dec 2023 03:37:27 GMT
expires: Tue, 10 Dec 2024 03:37:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 09 Dec 2023 01:11:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54605
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd
6.4 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd
IP
File type ASCII text, with very long lines (2956)
Hash 01ff8d56c833162404e7b931f192ed1b
0a1d46b7c8929f7b35686de0163bd52065daf654
5429904bf112bfccd27a9059188974d95aec1df1ecff9e44e8d454dd9bab14de
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 6381
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 11 Dec 2023 03:37:28 GMT
expires: Tue, 10 Dec 2024 03:37:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 09 Dec 2023 01:11:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf
751 B URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf
IP
File type ASCII text, with very long lines (752)
Hash c280ea9f8d4db3fcf160b9dda3151b71
b0567f79f77bd518d13853ba9aab18586859962c
7d8c1b3fbefb1def71582684b1adc8d47cd78f8398e94a35a7594b30955aa089
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 751
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 11 Dec 2023 03:37:28 GMT
expires: Tue, 10 Dec 2024 03:37:28 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 09 Dec 2023 01:11:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
citizenhid.com/26b16bcbe062b96020cea73b7d3a66c9/invoke.js
11 kB URL citizenhid.com/26b16bcbe062b96020cea73b7d3a66c9/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29610), with no line terminators
Hash 268d6fa014028b1a7b71441a1debe2a9
a5f8248503289365b27896f8360b66f93de6e808
2493a02f7653aa166d1367b74608898954e9f2fa02d4d3c785f0de08a6749df3
GET /26b16bcbe062b96020cea73b7d3a66c9/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: de9fc478f5ddd6c9e5f794b1dd86f046
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
regioninaudibleafforded.com/watch.693486854456.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
0 B URL regioninaudibleafforded.com/watch.693486854456.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.693486854456.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1 HTTP/1.1
Host: regioninaudibleafforded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://regioninaudibleafforded.com/watch.693486854456.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=18f8975ffa36de35cff059b8a43035aa6b12057203ba0a0adff90bb7eb41e597dadc2520dee1a2cc55dde64d010a06f3ccad2a879f8004de328e74435391f1f5ad0586d83d3c8ec5e9e7559e3b0f0a658369d9a3708b0f04d15040d9e7fa63&pst=1702320512&rmtc=t
Set-Cookie: u_pl=17433661; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MSwiayI6IjRlNzNhYTk0MTE1ZmQ4MzYwMmQ4YzQ4M2FjZDBiMjY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJhN2VnbnplYTYiLCJjcGtzIjp7IjI4IjoiZDdkYzQ3ZjIyOWY2YzUwYTc3YzNjMmE3YTM5YzQ5ODMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnpvaGFpYnJvY2sueHl6LzIwMjMvMTIvSG93LVRvLUZJWC1Mb3ctR1BVLVVzYWdlLWFuZC1IaWdoLUNQVS1Vc2FnZS1pbi1Gb3J0bml0ZS1DaGFwdGVyLTUtU2Vhc29uLTEuaHRtbCIsImFyIjpbXX19.HxaxHoMz_X8CGneEtjfUx3vE3iu1rDu88F06zlpu-zE; expires=Mon, 11 Dec 2023 18:48:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8a852ec369d866fa4a157e5f65364be
Strict-Transport-Security: max-age=0; includeSubdomains
crossroadoutlaw.com/watch.530270883568.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=31d4a924-e16f-469f-ba58-4fee764d29a2%3A2%3A1&shu=43a7e3fb5a7bd830f47c8498357a68d4ed32d50cf38903d83894c901cd32c39ca72ac0a6e517011f3fd1a5e0923a5d3a7e3c0bfbc4fae93f5390fbfcfcf715dab7bbad672b50f06c9e0d79ec66a849a0c38222&pst=1702320512&rmtc=t
2.1 kB URL crossroadoutlaw.com/watch.530270883568.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=31d4a924-e16f-469f-ba58-4fee764d29a2%3A2%3A1&shu=43a7e3fb5a7bd830f47c8498357a68d4ed32d50cf38903d83894c901cd32c39ca72ac0a6e517011f3fd1a5e0923a5d3a7e3c0bfbc4fae93f5390fbfcfcf715dab7bbad672b50f06c9e0d79ec66a849a0c38222&pst=1702320512&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2549)
Hash 12f605c941a631fc5fe9afa8d289b1e2
f55fe83176817a0aa97b21f91e61bdf8bcf6f4c9
a3585c9d3d6b234f4dd1caaf1169c556f117eea193f0f854544feb4c148e8bea
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.530270883568.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=31d4a924-e16f-469f-ba58-4fee764d29a2%3A2%3A1&shu=43a7e3fb5a7bd830f47c8498357a68d4ed32d50cf38903d83894c901cd32c39ca72ac0a6e517011f3fd1a5e0923a5d3a7e3c0bfbc4fae93f5390fbfcfcf715dab7bbad672b50f06c9e0d79ec66a849a0c38222&pst=1702320512&rmtc=t HTTP/1.1
Host: crossroadoutlaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433673; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY3MywiayI6IjY3ZmFiZTQzOTQ3MjMwNDI3ODBlY2Q4ZTdlMDg1NTA1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiYnhuNXp0M3FzIiwiY3BrcyI6eyIyOSI6ImMyMWI2ZmQwZWQxZjc5MWU3ZDY0NTdhZTg3NWE5OTQ3In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0hvdy1Uby1GSVgtTG93LUdQVS1Vc2FnZS1hbmQtSGlnaC1DUFUtVXNhZ2UtaW4tRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLmh0bWwiLCJhciI6W119fQ.8AzEuolXibibrfxPmdnCap8UI7EyjZfGsYQOotUgxGA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=31d4a924-e16f-469f-ba58-4fee764d29a2:2:1; expires=Mon, 18 Dec 2023 18:47:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
uncs=1; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
pdhtkv32=true; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
uncs32=1; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f36dd69b999a8bdd18fff013a0eeaf3a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
citizenhid.com/5aebc1653aeb74dd43913443e8975c6e/invoke.js
11 kB URL citizenhid.com/5aebc1653aeb74dd43913443e8975c6e/invoke.js
IP
File type exported SGML document, ASCII text, with very long lines (29631), with no line terminators
Hash 050a04377bb918a58639a0da43e26516
4c1b71aa36c9beabde2c929c41e3e042ca1cd139
02c18b8d6da6c08f771ea03bf7c3fe6bac61201c78ade3cd1e5f166f4f4e3a1b
GET /5aebc1653aeb74dd43913443e8975c6e/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08dbdf54817de2f434efaf2f1c7406f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
penitentpeepinsulation.com/watch.561531739214.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
0 B URL penitentpeepinsulation.com/watch.561531739214.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.561531739214.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1 HTTP/1.1
Host: penitentpeepinsulation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://penitentpeepinsulation.com/watch.561531739214.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=f4eb1039cae5ae0244c84675199b9b76ff3c99b8c402c3e9e3065acc57f54abae510e069e2bf9c66630b096f2a52d104d2c209b01f77a1fac1d6bdcbf1be4d49bb98b8a960607532c7d02817312f1f8b899d8e097ea846c782048d367c1a2b6a&pst=1702320512&rmtc=t
Set-Cookie: u_pl=17433661; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MSwiayI6IjRlNzNhYTk0MTE1ZmQ4MzYwMmQ4YzQ4M2FjZDBiMjY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJhN2VnbnplYTYiLCJjcGtzIjp7IjI4IjoiZDdkYzQ3ZjIyOWY2YzUwYTc3YzNjMmE3YTM5YzQ5ODMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnpvaGFpYnJvY2sueHl6LzIwMjMvMTIvSG93LVRvLUZJWC1Mb3ctR1BVLVVzYWdlLWFuZC1IaWdoLUNQVS1Vc2FnZS1pbi1Gb3J0bml0ZS1DaGFwdGVyLTUtU2Vhc29uLTEuaHRtbCIsImFyIjpbXX19.HxaxHoMz_X8CGneEtjfUx3vE3iu1rDu88F06zlpu-zE; expires=Mon, 11 Dec 2023 18:48:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: dde73bb5564b72044972c1d618263b81
Strict-Transport-Security: max-age=0; includeSubdomains
regioninaudibleafforded.com/d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js
25 kB URL regioninaudibleafforded.com/d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (61991)
Hash 7657a49d90c7ed539ff3988b421ba7e1
8de8fb2c3e4f30d37157d599107031b74a265480
e21610a8828db6097444d53b1b6d5646baa517cd6f5fc8991b61451afe126f44
GET /d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js HTTP/1.1
Host: regioninaudibleafforded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_cf-2870_0=0; expires=Wed, 13 Dec 2023 20:47:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 677cbe3fc3e663b229a355dfd599444e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
regioninaudibleafforded.com/watch.693486854456.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=18f8975ffa36de35cff059b8a43035aa6b12057203ba0a0adff90bb7eb41e597dadc2520dee1a2cc55dde64d010a06f3ccad2a879f8004de328e74435391f1f5ad0586d83d3c8ec5e9e7559e3b0f0a658369d9a3708b0f04d15040d9e7fa63&pst=1702320512&rmtc=t
644 B URL regioninaudibleafforded.com/watch.693486854456.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=18f8975ffa36de35cff059b8a43035aa6b12057203ba0a0adff90bb7eb41e597dadc2520dee1a2cc55dde64d010a06f3ccad2a879f8004de328e74435391f1f5ad0586d83d3c8ec5e9e7559e3b0f0a658369d9a3708b0f04d15040d9e7fa63&pst=1702320512&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text
- HTML document, ASCII text, with very long lines (604)
Hash f8aa33e222e9d8169740702725cbb029
007937fcb3e92a7c8742c91465142eb23ec68ad0
69a5d53fa9874ca0b6620d56e829c43e70636bc4db38275730036739dd122923
GET /watch.693486854456.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=18f8975ffa36de35cff059b8a43035aa6b12057203ba0a0adff90bb7eb41e597dadc2520dee1a2cc55dde64d010a06f3ccad2a879f8004de328e74435391f1f5ad0586d83d3c8ec5e9e7559e3b0f0a658369d9a3708b0f04d15040d9e7fa63&pst=1702320512&rmtc=t HTTP/1.1
Host: regioninaudibleafforded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433661; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MSwiayI6IjRlNzNhYTk0MTE1ZmQ4MzYwMmQ4YzQ4M2FjZDBiMjY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJhN2VnbnplYTYiLCJjcGtzIjp7IjI4IjoiZDdkYzQ3ZjIyOWY2YzUwYTc3YzNjMmE3YTM5YzQ5ODMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnpvaGFpYnJvY2sueHl6LzIwMjMvMTIvSG93LVRvLUZJWC1Mb3ctR1BVLVVzYWdlLWFuZC1IaWdoLUNQVS1Vc2FnZS1pbi1Gb3J0bml0ZS1DaGFwdGVyLTUtU2Vhc29uLTEuaHRtbCIsImFyIjpbXX19.HxaxHoMz_X8CGneEtjfUx3vE3iu1rDu88F06zlpu-zE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b5349094-cb07-4702-a86a-9cbe1f115c93:3:1; expires=Mon, 18 Dec 2023 18:47:32 GMT; secure; SameSite=None
iprcd9688a6a482d01384b606dff5bb923c4=2717340; expires=Tue, 12 Dec 2023 20:47:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
uncs=1; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c2565de39dcf5e0b5b6061444baeb30d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
205 kB URL www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
IP
File type ASCII text, with very long lines (568)
Size 205 kB (204921 bytes)
Hash af51eb6ced1afe3f0f11ee679198808c
02b9d6a7a54f930807a01ae3cdcf462862925b40
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
GET /recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Dec 2023 21:16:49 GMT
expires: Sun, 08 Dec 2024 21:16:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 163843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
penitentpeepinsulation.com/d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js
24 kB URL penitentpeepinsulation.com/d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js
IP
File type ASCII text, with very long lines (59866)
Hash 84bf36a409492293a05cb3906618456c
5132cb1e669dcc95d18af49ee0617a669c1319a3
2516c3efca9f0c882af77d68e6b1910adbfcf04e4dde68ad3f03994d95b7f2b6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js HTTP/1.1
Host: penitentpeepinsulation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_cf-2870_0=1; expires=Wed, 13 Dec 2023 20:47:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c35334cdc6005f25e7b9d584616631b2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
36 kB URL www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type gzip compressed data
- data
Hash b8505143f7d7dc25b5ad1ed125b54352
5a6ffdc3e5662a1c984f043d6e73b7a6791e3dbc
47ce4401c3a8b13a88215395d0f30f3d16487029d5161ceb9d6d8e55c6cbefda
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 11 Dec 2023 18:47:32 GMT
date: Mon, 11 Dec 2023 18:47:32 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 11 Dec 2023 18:47:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
regioninaudibleafforded.com/pixel/purst?dl=0&th=0&sc=0&rs=2275&rd=2275&fd=599&bv=23.12.v.5&tmpl=70
0 B URL regioninaudibleafforded.com/pixel/purst?dl=0&th=0&sc=0&rs=2275&rd=2275&fd=599&bv=23.12.v.5&tmpl=70
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=2275&rd=2275&fd=599&bv=23.12.v.5&tmpl=70 HTTP/1.1
Host: regioninaudibleafforded.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
politicallyautograph.com/watch.866714508190.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
0 B URL politicallyautograph.com/watch.866714508190.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.866714508190.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1 HTTP/1.1
Host: politicallyautograph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://politicallyautograph.com/watch.866714508190.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=265bee760e86255ef237cf4e337a5d3684943ec6b2a659b618bd9d34c9f4baf20c892bdc89e609b9f22a5db0d2d1b92f4b545a91060061a8dd4b0febb449ac053a5babc75e93650b78a963546988b2af3b7b0c0bb7b0f6cfb75ef2c65474cf77&pst=1702320512&rmtc=t
Set-Cookie: u_pl=17433669; expires=Tue, 12 Dec 2023 18:47:32 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2OSwiayI6ImMyMzQyN2IyMGEzNDZkZWQyZDZiYzZmZDM1MDc2ZjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoibnBqZjIyamtwcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0hvdy1Uby1GSVgtTG93LUdQVS1Vc2FnZS1hbmQtSGlnaC1DUFUtVXNhZ2UtaW4tRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLmh0bWwiLCJhciI6W119fQ.jqabwc7AighMbH3MMUaWxsKuJWz_dQ6SoDsyaSF4Vq0; expires=Mon, 11 Dec 2023 18:48:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3c4579e3b47e60f8430d871f78fcf99b
Strict-Transport-Security: max-age=0; includeSubdomains
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
40 kB URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data
- , ASCII text, with very long lines (65536), with no line terminators
Hash 9058cb5e38158042eb0bd8f5c0727d39
6324d49e617de8851afa3bb392ec8921ae41121f
adddf24fdb2fd520bd61804411850eb01474d6defb2cd8e2c13cc8471bd5c32c
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 11 Dec 2023 18:47:33 GMT
server: ESF
cache-control: private
content-length: 40495
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
flakesaridphysical.com/watch.99835098537.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=05d8bb332c43e9223175fc3bec327bef9b54c5a601af89c2dd566f777e470325f57b1ac612c15c5b6e96af3c72b9e487618887ebafaa0f1cbb0b7d6edf6f87d96411274a44060036e52b3d2ab0c659dc04d1e7a8cc58564ffd5e6c8c3bc84a&pst=1702320512&rmtc=t
2.1 kB URL flakesaridphysical.com/watch.99835098537.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=05d8bb332c43e9223175fc3bec327bef9b54c5a601af89c2dd566f777e470325f57b1ac612c15c5b6e96af3c72b9e487618887ebafaa0f1cbb0b7d6edf6f87d96411274a44060036e52b3d2ab0c659dc04d1e7a8cc58564ffd5e6c8c3bc84a&pst=1702320512&rmtc=t
IP
File type HTML document, ASCII text, with very long lines (2598)
Hash d42d7e1d00f8a455d67403dcca9a9447
ef5ae7911b39891df16fb621665c5fc51f1c6258
5bb8ccb5526e7acadd0876339145ed51e421314004300a3ba2815dd530742f8a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.99835098537.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=05d8bb332c43e9223175fc3bec327bef9b54c5a601af89c2dd566f777e470325f57b1ac612c15c5b6e96af3c72b9e487618887ebafaa0f1cbb0b7d6edf6f87d96411274a44060036e52b3d2ab0c659dc04d1e7a8cc58564ffd5e6c8c3bc84a&pst=1702320512&rmtc=t HTTP/1.1
Host: flakesaridphysical.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433649; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY0OSwiayI6IjYxMzgwYzFiOWI2ZTc3MGJkNTNiZGEwZjM1N2IyMDQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmVoZndlNXd4IiwiY3BrcyI6eyIyOCI6IjY3MjBiOGRlMTNkNjU3YzE1ODZkZDRhY2M0NDQyMTk4In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0hvdy1Uby1GSVgtTG93LUdQVS1Vc2FnZS1hbmQtSGlnaC1DUFUtVXNhZ2UtaW4tRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLmh0bWwiLCJhciI6W119fQ.U85Y8tjv-5ilmafSEH9AvLfMnedB_c3F8Kz9SF9NGMA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b5349094-cb07-4702-a86a-9cbe1f115c93:3:1; expires=Mon, 18 Dec 2023 18:47:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv23=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs23=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6f1bfb836ad161ac3142e4b7bea1d50
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.zohaibrock.xyz/feeds/posts/default/-/Fix%20High%20CPU%20Usage%20While%20Game%20On%20Pc?alt=json-in-script&max-results=5&callback=jQuery112404732631039618771_1702320453042&_=1702320453043
12 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fix%20High%20CPU%20Usage%20While%20Game%20On%20Pc?alt=json-in-script&max-results=5&callback=jQuery112404732631039618771_1702320453042&_=1702320453043
IP
File type Unicode text, UTF-8 text, with very long lines (65149)
Hash df157830e9f2b5f89ae85f31618cc671
351aad8af3f32b4272c34380d969b668a7c27cd3
676624a2e1931d5d20fcb11060e0ffcfb1ff2c28dd1ee05fccd3835f7c1e055b
GET /feeds/posts/default/-/Fix%20High%20CPU%20Usage%20While%20Game%20On%20Pc?alt=json-in-script&max-results=5&callback=jQuery112404732631039618771_1702320453042&_=1702320453043 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Cookie: _ga_3GHVHYR6VY=GS1.1.1702320451.1.0.1702320451.0.0.0; _ga=GA1.1.2146003360.1702320451; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"bb8596b9d50ba07af34810ecbf38dd867bcffd10285cdb5e6098897ee5575dbf"
date: Mon, 11 Dec 2023 18:47:32 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Mon, 11 Dec 2023 18:47:33 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
content-encoding: gzip
content-length: 11830
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
unfinisheddolphin.com/watch.770836712438.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
0 B URL unfinisheddolphin.com/watch.770836712438.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.770836712438.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1 HTTP/1.1
Host: unfinisheddolphin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://unfinisheddolphin.com/watch.770836712438.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=cf55fec0d102e4a935b6928ffaa23673fc2a9a375d6abeb4e6566b83ac78feb42e74fbfce4aa0beacd4dfb1045a051592f6d46944ac4878ace770aaf6be539c2dc74249418dedcae0e8c43b5eaea9e1fe1d5ca8e2abb08da0f0b11559d01&pst=1702320513&rmtc=t
Set-Cookie: u_pl=17433668; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2OCwiayI6IjI2YjE2YmNiZTA2MmI5NjAyMGNlYTczYjdkM2E2NmM5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoia242a3pmeW4iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovMjAyMy8xMi9Ib3ctVG8tRklYLUxvdy1HUFUtVXNhZ2UtYW5kLUhpZ2gtQ1BVLVVzYWdlLWluLUZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS5odG1sIiwiYXIiOltdfX0.DdYGkHlnlYnv8QVTtNnWx_MbasNdGDgU_Dzh8zOr8BY; expires=Mon, 11 Dec 2023 18:48:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a328a46fe816471e73a76bcdb6c53ec
Strict-Transport-Security: max-age=0; includeSubdomains
i.ytimg.com/vi/9WyMFNzTsYQ/sddefault.jpg
84 kB URL i.ytimg.com/vi/9WyMFNzTsYQ/sddefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3
- data
Hash 19c0456accb626aa242ab925c5cb3e78
2c87a047152339d0a9367f5e4c991d20ac9b6093
220c043c63c0fb44ec99270500989fdc6366ff1061706d97ca79550566817931
GET /vi/9WyMFNzTsYQ/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 84212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 11 Dec 2023 18:47:33 GMT
expires: Mon, 11 Dec 2023 20:47:33 GMT
cache-control: public, max-age=7200
etag: "1701714708"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/_/BloggerCommentUi/jserror?script=https%3A%2F%2Fwww.blogger.com%2F_%2Fscs%2Fmss-static%2F_%2Fjs%2Fk%3Dboq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O%2Fck%3Dboq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O%2Fam%3DAAZSAw%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Ccommentformiframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3ASdcwHb%3BMe32dd%3AMEeYgc%3BNPKaK%3ASdcwHb%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BpXdRYb%3AMdUzUe%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AO1Gjze%3BxqZiqf%3AwmnU7d%3ByxTchf%3AKUM7Z%3BzxnPse%3AduFQFc%2Fm%3Dws9Tlc%2Cn73qwf%2CUUJqVe%2CIZT63%2Ce5qFLc%2CvfuNJf%2CO1Gjze%2CbyfTOb%2ClsjVmc%2CxUdipf%2COTA3Ae%2CCOQbmf%2CfKUV3e%2CaurFic%2CU0aPgd%2CZwDk9d%2CV3dDOb%2CmI3LFb%2CWO9ee%2CeD1YLc%2CgZjhIf%2CO6y8ed%2CMpJwZc%2CPrPYRd%2CLEikZe%2CNwH0H%2COmgaI%2ClazG7b%2CXVMNvd%2CL1AAkb%2CKUM7Z%2CMlhmy%2CduFQFc%2Chc6Ubd%2Clwddkf%2Cgychg%2Cw9hDv%2CEEDORb%2CRMhBfe%2CSdcwHb%2CaW3pY%2CSpsfSb%2CEFQ78c%2CUlmmrd%2CZfAoz%2CmdR7q%2CwmnU7d%2CxQtZb%2CZ5uLle%2CJNoxi%2CkWgXee%2CMI6k7c%2CkjKdXe%2CBVgquf%2CovKuLd%2ChKSk3e%2CMdUzUe%2CyDVVkb%2CzbML3c%2CKG2eXe%2Czr1jrb%2CVwDzFe%2CUas9Hd%2CA7fCU%2CpjICDe&error=Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zbML3c%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MdUzUe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20Z5uLle%3A%20gbar%20is%20not%20defined&line=296
0 B URL www.blogger.com/_/BloggerCommentUi/jserror?script=https%3A%2F%2Fwww.blogger.com%2F_%2Fscs%2Fmss-static%2F_%2Fjs%2Fk%3Dboq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O%2Fck%3Dboq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O%2Fam%3DAAZSAw%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Ccommentformiframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3ASdcwHb%3BMe32dd%3AMEeYgc%3BNPKaK%3ASdcwHb%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BpXdRYb%3AMdUzUe%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AO1Gjze%3BxqZiqf%3AwmnU7d%3ByxTchf%3AKUM7Z%3BzxnPse%3AduFQFc%2Fm%3Dws9Tlc%2Cn73qwf%2CUUJqVe%2CIZT63%2Ce5qFLc%2CvfuNJf%2CO1Gjze%2CbyfTOb%2ClsjVmc%2CxUdipf%2COTA3Ae%2CCOQbmf%2CfKUV3e%2CaurFic%2CU0aPgd%2CZwDk9d%2CV3dDOb%2CmI3LFb%2CWO9ee%2CeD1YLc%2CgZjhIf%2CO6y8ed%2CMpJwZc%2CPrPYRd%2CLEikZe%2CNwH0H%2COmgaI%2ClazG7b%2CXVMNvd%2CL1AAkb%2CKUM7Z%2CMlhmy%2CduFQFc%2Chc6Ubd%2Clwddkf%2Cgychg%2Cw9hDv%2CEEDORb%2CRMhBfe%2CSdcwHb%2CaW3pY%2CSpsfSb%2CEFQ78c%2CUlmmrd%2CZfAoz%2CmdR7q%2CwmnU7d%2CxQtZb%2CZ5uLle%2CJNoxi%2CkWgXee%2CMI6k7c%2CkjKdXe%2CBVgquf%2CovKuLd%2ChKSk3e%2CMdUzUe%2CyDVVkb%2CzbML3c%2CKG2eXe%2Czr1jrb%2CVwDzFe%2CUas9Hd%2CA7fCU%2CpjICDe&error=Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zbML3c%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MdUzUe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20Z5uLle%3A%20gbar%20is%20not%20defined&line=296
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_/BloggerCommentUi/jserror?script=https%3A%2F%2Fwww.blogger.com%2F_%2Fscs%2Fmss-static%2F_%2Fjs%2Fk%3Dboq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O%2Fck%3Dboq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O%2Fam%3DAAZSAw%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Ccommentformiframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3ASdcwHb%3BMe32dd%3AMEeYgc%3BNPKaK%3ASdcwHb%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BpXdRYb%3AMdUzUe%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AO1Gjze%3BxqZiqf%3AwmnU7d%3ByxTchf%3AKUM7Z%3BzxnPse%3AduFQFc%2Fm%3Dws9Tlc%2Cn73qwf%2CUUJqVe%2CIZT63%2Ce5qFLc%2CvfuNJf%2CO1Gjze%2CbyfTOb%2ClsjVmc%2CxUdipf%2COTA3Ae%2CCOQbmf%2CfKUV3e%2CaurFic%2CU0aPgd%2CZwDk9d%2CV3dDOb%2CmI3LFb%2CWO9ee%2CeD1YLc%2CgZjhIf%2CO6y8ed%2CMpJwZc%2CPrPYRd%2CLEikZe%2CNwH0H%2COmgaI%2ClazG7b%2CXVMNvd%2CL1AAkb%2CKUM7Z%2CMlhmy%2CduFQFc%2Chc6Ubd%2Clwddkf%2Cgychg%2Cw9hDv%2CEEDORb%2CRMhBfe%2CSdcwHb%2CaW3pY%2CSpsfSb%2CEFQ78c%2CUlmmrd%2CZfAoz%2CmdR7q%2CwmnU7d%2CxQtZb%2CZ5uLle%2CJNoxi%2CkWgXee%2CMI6k7c%2CkjKdXe%2CBVgquf%2CovKuLd%2ChKSk3e%2CMdUzUe%2CyDVVkb%2CzbML3c%2CKG2eXe%2Czr1jrb%2CVwDzFe%2CUas9Hd%2CA7fCU%2CpjICDe&error=Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zbML3c%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MdUzUe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20Z5uLle%3A%20gbar%20is%20not%20defined&line=296 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 106250
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 18:47:33 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'nonce-tqSzyJotBul6IP9O1jqrDg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=aivoaY1pP7jitxaagYrhpWXou5tokWlyHHehdX4L9WaULyUxtlEb5D86nFLSGfwyOR2MQvT6_4n-LSh5dBSuaeGXBvVPGxoLpoBn2GrLwj83orXdkLwi8kdR52J4k08T6RJMWFjKeSJfUAztmwUXVNyF-LDVnNXQapbmF-LUXxk; expires=Tue, 11-Jun-2024 18:47:32 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/remote.js
34 kB URL www.youtube.com/s/player/dee96cfa/player_ias.vflset/en_US/remote.js
IP
File type ASCII text, with very long lines (537)
Hash caf14ed40a162ce34e960f1349f2e0b0
8fdd2f3793b1cb775bc1d61c3b1689dc0a92a294
24fa2128f8460380865cf76881c0f6569aa2d9af6eea4aff5f6f01ad37702d34
GET /s/player/dee96cfa/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/9WyMFNzTsYQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33462
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:27 GMT
expires: Fri, 06 Dec 2024 15:40:27 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 06 Dec 2023 02:46:57 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 356826
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js
20 kB URL www.google.com/js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js
IP
File type ASCII text, with very long lines (50589)
Hash 345691c6b34cfae68ba9b09c7f323061
92e9ebd134a2f5d25ef8b7c22623b766a95d06be
4ecc34627d4103fbb8d709b714d9489ee16f6f15a153fab36fca0df2dcaf2a77
GET /js/th/Tsw0Yn1BA_u41wm3FNlInuFvbxWhU_qzb8oN8tyvKnc.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 19777
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Dec 2023 14:05:10 GMT
expires: Sun, 08 Dec 2024 14:05:10 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 189743
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1.bp.blogspot.com/-_zcoRnZ1ZvE/YCGpCEfQTMI/AAAAAAAAAJ0/D0YGtISzX58OsRRmk0kQXMEwAROd4IJAACLcBGAsYHQ/w349-h149-p-k-no-nu/2.jpg
32 kB URL 1.bp.blogspot.com/-_zcoRnZ1ZvE/YCGpCEfQTMI/AAAAAAAAAJ0/D0YGtISzX58OsRRmk0kQXMEwAROd4IJAACLcBGAsYHQ/w349-h149-p-k-no-nu/2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 349x149, components 3
- data
Hash a9bb55159b6794e07460f1ed4bf847cc
f49a080afff6cf48a1b3f619f569914385354a78
2429062f7c37339047259be8f31d68dd433f0ef2006f1a86226b449331365514
GET /-_zcoRnZ1ZvE/YCGpCEfQTMI/AAAAAAAAAJ0/D0YGtISzX58OsRRmk0kQXMEwAROd4IJAACLcBGAsYHQ/w349-h149-p-k-no-nu/2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v9e"
expires: Tue, 12 Dec 2023 18:47:33 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.jpg"
x-content-type-options: nosniff
date: Mon, 11 Dec 2023 18:47:33 GMT
server: fife
content-length: 31494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.1.woff2
928 B URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 928, version 331.-31327
- data
Hash 2e503ea589b954bc9999bd43384c8120
732b264b9f5fdc7481eeed7142e5cae2c69f755f
a1bc56576314a269ec7c49627ac6978c9535d9be29d2e5ba369456c6004b3583
GET /releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 928
x-amz-id-2: /kt4JhJ/GEarGSvfj5bmU4lQAIfk4QAFhnk408KfqgGFqT/1EkdulOa6zQrcs/1PjH9LN7h+0Do=
x-amz-request-id: P7K7J4W85ETG2K05
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:00 GMT
etag: "2e503ea589b954bc9999bd43384c8120"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 1596457
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5910fa5b4fd-OSL
X-Firefox-Spdy: h2
distancemedicalchristian.com/watch.1401167741968.js?key=5aebc1653aeb74dd43913443e8975c6e&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
0 B URL distancemedicalchristian.com/watch.1401167741968.js?key=5aebc1653aeb74dd43913443e8975c6e&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1401167741968.js?key=5aebc1653aeb74dd43913443e8975c6e&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1 HTTP/1.1
Host: distancemedicalchristian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://distancemedicalchristian.com/watch.1401167741968.js?key=5aebc1653aeb74dd43913443e8975c6e&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=a124014a0b424d4b4b333d72f8e4bfefbdf11fb6d083285bd13a03006c34c58952dabaa5ec859d46a57b5703774184a4fd12bf3453419bd25f2de43ce5d57ee14663f478eec299b4c347dbc99ebdf8fe7bc0fe2e4f1103b6807863f4ffdfbc14&pst=1702320513&rmtc=t
Set-Cookie: u_pl=17433663; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MywiayI6IjVhZWJjMTY1M2FlYjc0ZGQ0MzkxMzQ0M2U4OTc1YzZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoiZHdqNGk2MDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovMjAyMy8xMi9Ib3ctVG8tRklYLUxvdy1HUFUtVXNhZ2UtYW5kLUhpZ2gtQ1BVLVVzYWdlLWluLUZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS5odG1sIiwiYXIiOltdfX0.lmOklKj-BCRJOy9Rp18e1TCjNmFUibdZitd-3U6Pq4w; expires=Mon, 11 Dec 2023 18:48:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c63b72ad672dbf4e0323eb1b79e082b
Strict-Transport-Security: max-age=0; includeSubdomains
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
24 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23928, version 331.-31327
- data
Hash ae96a42d81d91aa192faffa096d3e1df
0a4e545864df8d9e1844959b6a90f9c91922fa41
2936529445c10de2d3438e9c3947b35963e183245c1e8486c7dd513763cdc5db
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 23928
x-amz-id-2: 17o3iJQ7m3Z54ecgC3GYFOO125ARP3f0LEDE1rCe0WTSqgpURxwr49MevT8eXqcL7vohiRKNrnw=
x-amz-request-id: 8JS3R6HDMXVFZT0B
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:05 GMT
etag: "ae96a42d81d91aa192faffa096d3e1df"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 685922
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5910fa8b4fd-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
24 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23928, version 331.-31327
- data
Hash ae96a42d81d91aa192faffa096d3e1df
0a4e545864df8d9e1844959b6a90f9c91922fa41
2936529445c10de2d3438e9c3947b35963e183245c1e8486c7dd513763cdc5db
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 23928
x-amz-id-2: 17o3iJQ7m3Z54ecgC3GYFOO125ARP3f0LEDE1rCe0WTSqgpURxwr49MevT8eXqcL7vohiRKNrnw=
x-amz-request-id: 8JS3R6HDMXVFZT0B
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:05 GMT
etag: "ae96a42d81d91aa192faffa096d3e1df"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 685922
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5910fa7b4fd-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.7.0.woff2
9.1 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.7.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9072, version 331.-31327
- data
Hash cd8172f57c5fd94b2f1de480aca2c0b7
997c16a3031afb447b4a619fb216dd16005eb5cc
abebb4bcb4da82c56fe018a0337c26cf27018079b66cff65358b1940ee1ad6b3
GET /releases/v5.15.2/webfonts/pro-fa-solid-900-5.7.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 9072
x-amz-id-2: H+/kgXHGu/lJJ39VnoRNt4UKMvEtypNGJ8dLOBG/mtMat/wYZB0J/l0MJ/bd12Pa0kXOReJrZG0=
x-amz-request-id: 0AF5EMANC0WXT5E4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:10 GMT
etag: "cd8172f57c5fd94b2f1de480aca2c0b7"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 685922
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5911facb4fd-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.0.0.woff2
39 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 39176, version 331.-31327
- data
Hash 7c82fbc0862faa615c4ad28f8e7bcf02
18cd5e664c156be3a194e8bb6500724497ff54b1
5f031f5beda509b8c7f74966b00340c15321b31b43ada420ef85ff7c5e5e7578
GET /releases/v5.15.2/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 39176
x-amz-id-2: HJGejIk6XDHKOLl5PBD+wzzSgzhFUooJXSCZi+9pQtCSU6le3jzl/uTx7rMFldSQzw8YkDH5SgI=
x-amz-request-id: X83JMJ3JH92MCM1R
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:07:58 GMT
etag: "7c82fbc0862faa615c4ad28f8e7bcf02"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 685922
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5910fa3b4fd-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.2.woff2
2.5 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.2.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 2472, version 331.-31327
- data
Hash 3aa36704dfa9434e1d02fd7a76b4705f
95a15bd834df2991b652c2a82f378776a1bc905a
88994b8503760a004c40a2db177a7a610c1fee9710639a506971afb8c8d02b07
GET /releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 2472
x-amz-id-2: 7uhHEgUEMQi3/ELJuSXyIIlxh5sEP/4fHgWj7s5VXEt6zk0q4viNtmnd5MTkLoiYUrhpCKjdvqE=
x-amz-request-id: 0AFEJFRJZE5QKGGA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:00 GMT
etag: "3aa36704dfa9434e1d02fd7a76b4705f"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 685922
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5911fb9b4fd-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.0.0.woff2
20 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20232, version 331.-31327
- data
Hash 03f4b434ddbcb9152d8690bb90fd2c00
5ede730feae9ab37c48233e5c83a25f079ecbbca
8eb67a3d1088e367e9b1429105c2df2ce1f042dbb819351e998dbb76717d0936
GET /releases/v5.15.2/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 20232
x-amz-id-2: 4WYJFIBHcZB2GpIVkc6U6hz+qtrJozcIm7oR/gz7+Dz6WWpeDtp+FnihjMxZdNK9XBMeMp3Y1BKIySvkwsYq9w==
x-amz-request-id: 7CJN4A5TM3DJ6M9N
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:08 GMT
etag: "03f4b434ddbcb9152d8690bb90fd2c00"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 1596457
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5912fc4b4fd-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.11.woff2
4.0 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.11.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 3992, version 331.-31327
- data
Hash 9333c4284a3e0be6f4984ae03c154d94
8cb97dbe7034a69d7c91181eb261cccdbbcdb015
e9500b97f5e5e123d71fd14cdc9fa873cf4728371c8c248c981bedd6a8c25d19
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.11.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 3992
x-amz-id-2: /VjBa4NDeFq5KAqIXqeDbGd7BtKR1zQsFuPddEA4DAbfndNo63yakNZJQHfC0kFcLm0iqc954G4=
x-amz-request-id: C6ENHATA6ZAATME8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:06 GMT
etag: "9333c4284a3e0be6f4984ae03c154d94"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 685922
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5912fcdb4fd-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.12.1.woff2
1.3 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.12.1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 1272, version 331.-31327
- data
Hash a8206670ecc1b0a53f746bd51d49d613
8fa606f8e3ccf94703138a8154a73e54ae714b97
9b56c5486fe8e76ed0c9546d6608ad2157a907aa50a6be45361b9ad6318f353f
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.12.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 1272
x-amz-id-2: c3/TDpV8IbyWEDXsuezLxKhSYkXQGrbg8yMWxTDrLibyDpQPiiTcS4SXkHxsMwM1CqMpSLQc9a4=
x-amz-request-id: KE7MYT043B8W9QN9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:07 GMT
etag: "a8206670ecc1b0a53f746bd51d49d613"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 541106
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe5912fceb4fd-OSL
X-Firefox-Spdy: h2
penitentpeepinsulation.com/watch.561531739214.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=f4eb1039cae5ae0244c84675199b9b76ff3c99b8c402c3e9e3065acc57f54abae510e069e2bf9c66630b096f2a52d104d2c209b01f77a1fac1d6bdcbf1be4d49bb98b8a960607532c7d02817312f1f8b899d8e097ea846c782048d367c1a2b6a&pst=1702320512&rmtc=t
2.1 kB URL penitentpeepinsulation.com/watch.561531739214.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=f4eb1039cae5ae0244c84675199b9b76ff3c99b8c402c3e9e3065acc57f54abae510e069e2bf9c66630b096f2a52d104d2c209b01f77a1fac1d6bdcbf1be4d49bb98b8a960607532c7d02817312f1f8b899d8e097ea846c782048d367c1a2b6a&pst=1702320512&rmtc=t
IP
File type HTML document, ASCII text, with very long lines (2575)
Hash f63ea51c2e4645bccde46d30691b4340
0645456f78f32eb32d88aa2296415abfad04e6cc
b9ba62cd2972c6f2fb837a47be7b6db9f06bf1eb8bd250ebbe06231f602b4994
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.561531739214.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=f4eb1039cae5ae0244c84675199b9b76ff3c99b8c402c3e9e3065acc57f54abae510e069e2bf9c66630b096f2a52d104d2c209b01f77a1fac1d6bdcbf1be4d49bb98b8a960607532c7d02817312f1f8b899d8e097ea846c782048d367c1a2b6a&pst=1702320512&rmtc=t HTTP/1.1
Host: penitentpeepinsulation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433661; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MSwiayI6IjRlNzNhYTk0MTE1ZmQ4MzYwMmQ4YzQ4M2FjZDBiMjY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJhN2VnbnplYTYiLCJjcGtzIjp7IjI4IjoiZDdkYzQ3ZjIyOWY2YzUwYTc3YzNjMmE3YTM5YzQ5ODMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnpvaGFpYnJvY2sueHl6LzIwMjMvMTIvSG93LVRvLUZJWC1Mb3ctR1BVLVVzYWdlLWFuZC1IaWdoLUNQVS1Vc2FnZS1pbi1Gb3J0bml0ZS1DaGFwdGVyLTUtU2Vhc29uLTEuaHRtbCIsImFyIjpbXX19.HxaxHoMz_X8CGneEtjfUx3vE3iu1rDu88F06zlpu-zE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b5349094-cb07-4702-a86a-9cbe1f115c93:3:1; expires=Mon, 18 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv5=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs5=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5eb4cb27e787d905236014ae2439ca6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s68-c-k-c0x00ffffff-no-rj
3.5 kB URL yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3
- data
Hash 9f7107f9193ea2b7c42011cebabcf7a5
5096ccf3544ef742d99624f9703af31d2aaff49d
b77a538f29668efcb8ae3d004dd5e61c7f2a7f57d4b218c312e3ffb82d085800
GET /I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3529
x-xss-protection: 0
date: Mon, 11 Dec 2023 18:27:47 GMT
expires: Tue, 12 Dec 2023 18:27:47 GMT
cache-control: public, max-age=86400, no-transform
age: 1186
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-light-300-5.10.1.woff2
11 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-light-300-5.10.1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10932, version 331.-31327
- data
Hash 0e792ebd4aea73257b0c350b6fabaf72
c8550f3afbde0e725b4a8e9b09a0eaf8071df197
7e92a3a60aa10f3a82cdde710eba330f0932d1f40a3092a844f0f6d3e49c9d68
GET /releases/v5.15.2/webfonts/pro-fa-light-300-5.10.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: font/woff2
content-length: 10932
x-amz-id-2: XyfS6KEk6LBZzdV7PVO+lqsFYvphFW/WcaWH4ymsJumdKj4+xz0UmJ2dK3yOx5CAHJtRIpHX6b4=
x-amz-request-id: XKDKAAV4XVNC47CW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:04 GMT
etag: "0e792ebd4aea73257b0c350b6fabaf72"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 1047291
expires: Wed, 11 Dec 2024 00:36:19 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 833fe591680bb4fd-OSL
X-Firefox-Spdy: h2
politicallyautograph.com/watch.866714508190.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=265bee760e86255ef237cf4e337a5d3684943ec6b2a659b618bd9d34c9f4baf20c892bdc89e609b9f22a5db0d2d1b92f4b545a91060061a8dd4b0febb449ac053a5babc75e93650b78a963546988b2af3b7b0c0bb7b0f6cfb75ef2c65474cf77&pst=1702320512&rmtc=t
2.0 kB URL politicallyautograph.com/watch.866714508190.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=265bee760e86255ef237cf4e337a5d3684943ec6b2a659b618bd9d34c9f4baf20c892bdc89e609b9f22a5db0d2d1b92f4b545a91060061a8dd4b0febb449ac053a5babc75e93650b78a963546988b2af3b7b0c0bb7b0f6cfb75ef2c65474cf77&pst=1702320512&rmtc=t
IP
File type HTML document, ASCII text, with very long lines (2456)
Hash 42c600d5257215382ea33c7fbabe5ae4
dca4282626be694841988159d1532e98be1cf714
11c8250a80fc8b7619d4a38e00d01990958ebad4ae3a62c7c30f569c0a4d2383
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.866714508190.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=265bee760e86255ef237cf4e337a5d3684943ec6b2a659b618bd9d34c9f4baf20c892bdc89e609b9f22a5db0d2d1b92f4b545a91060061a8dd4b0febb449ac053a5babc75e93650b78a963546988b2af3b7b0c0bb7b0f6cfb75ef2c65474cf77&pst=1702320512&rmtc=t HTTP/1.1
Host: politicallyautograph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433669; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2OSwiayI6ImMyMzQyN2IyMGEzNDZkZWQyZDZiYzZmZDM1MDc2ZjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoibnBqZjIyamtwcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0hvdy1Uby1GSVgtTG93LUdQVS1Vc2FnZS1hbmQtSGlnaC1DUFUtVXNhZ2UtaW4tRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLmh0bWwiLCJhciI6W119fQ.jqabwc7AighMbH3MMUaWxsKuJWz_dQ6SoDsyaSF4Vq0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b5349094-cb07-4702-a86a-9cbe1f115c93:3:1; expires=Mon, 18 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca8c1379825efe7ab9492319060985ad
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
unfinisheddolphin.com/watch.770836712438.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=cf55fec0d102e4a935b6928ffaa23673fc2a9a375d6abeb4e6566b83ac78feb42e74fbfce4aa0beacd4dfb1045a051592f6d46944ac4878ace770aaf6be539c2dc74249418dedcae0e8c43b5eaea9e1fe1d5ca8e2abb08da0f0b11559d01&pst=1702320513&rmtc=t
2.1 kB URL unfinisheddolphin.com/watch.770836712438.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=cf55fec0d102e4a935b6928ffaa23673fc2a9a375d6abeb4e6566b83ac78feb42e74fbfce4aa0beacd4dfb1045a051592f6d46944ac4878ace770aaf6be539c2dc74249418dedcae0e8c43b5eaea9e1fe1d5ca8e2abb08da0f0b11559d01&pst=1702320513&rmtc=t
IP
File type HTML document, ASCII text, with very long lines (2563)
Hash 349d57cb052d970a2bc8d354b03bb0ca
d43ace6443dec987203dc8b4576cdf35d855bba0
572b9e5b1bb6df4898950fede286afa4fb5a6240ed5633e78042bea67a93df9e
GET /watch.770836712438.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=cf55fec0d102e4a935b6928ffaa23673fc2a9a375d6abeb4e6566b83ac78feb42e74fbfce4aa0beacd4dfb1045a051592f6d46944ac4878ace770aaf6be539c2dc74249418dedcae0e8c43b5eaea9e1fe1d5ca8e2abb08da0f0b11559d01&pst=1702320513&rmtc=t HTTP/1.1
Host: unfinisheddolphin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433668; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2OCwiayI6IjI2YjE2YmNiZTA2MmI5NjAyMGNlYTczYjdkM2E2NmM5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoia242a3pmeW4iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovMjAyMy8xMi9Ib3ctVG8tRklYLUxvdy1HUFUtVXNhZ2UtYW5kLUhpZ2gtQ1BVLVVzYWdlLWluLUZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS5odG1sIiwiYXIiOltdfX0.DdYGkHlnlYnv8QVTtNnWx_MbasNdGDgU_Dzh8zOr8BY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b5349094-cb07-4702-a86a-9cbe1f115c93:3:1; expires=Mon, 18 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv26=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs26=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23152a0644af7a99632d04be286765ee
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
midwiferider.com/pixel/purst?dl=0&th=0&sc=0&rs=2645&rd=2645&fd=705&bv=23.12.v.1&tmpl=70
0 B URL midwiferider.com/pixel/purst?dl=0&th=0&sc=0&rs=2645&rd=2645&fd=705&bv=23.12.v.1&tmpl=70
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2645&rd=2645&fd=705&bv=23.12.v.1&tmpl=70 HTTP/1.1
Host: midwiferider.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sketchystairwell.com/pixel/purst?dl=0&th=0&sc=0&rs=2645&rd=2645&fd=705&bv=23.12.v.5&tmpl=70
0 B URL sketchystairwell.com/pixel/purst?dl=0&th=0&sc=0&rs=2645&rd=2645&fd=705&bv=23.12.v.5&tmpl=70
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2645&rd=2645&fd=705&bv=23.12.v.5&tmpl=70 HTTP/1.1
Host: sketchystairwell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
110 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data
- , ASCII text, with no line terminators
Hash 3fcb0cf2fb574e76d45dfb992120d98b
56455017e9dd9bff3a83bcb374810c4339c86e8a
39514b5af6734b5e028aa7941c27f7f7cf32da1c4ca0427a2425ea03900381a0
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 890
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 11 Dec 2023 18:47:33 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
25 kB URL www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
IP
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Dec 2023 15:46:53 GMT
expires: Sun, 08 Dec 2024 15:46:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
content-type: text/css
vary: Accept-Encoding
age: 183640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
205 kB URL www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
IP
File type ASCII text, with very long lines (568)
Size 205 kB (204921 bytes)
Hash af51eb6ced1afe3f0f11ee679198808c
02b9d6a7a54f930807a01ae3cdcf462862925b40
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
GET /recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Dec 2023 21:16:49 GMT
expires: Sun, 08 Dec 2024 21:16:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 163844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/generate_204?4n31SQ
0 B URL www.youtube.com/generate_204?4n31SQ
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?4n31SQ HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/9WyMFNzTsYQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 11 Dec 2023 18:47:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
5.2 kB URL www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
IP
File type ASCII text, with very long lines (39210), with no line terminators
Hash 27710ebd53987083f2fd2f37a5590440
616b3862fab2ad15ddb2ec56255d8810a879b21a
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
GET /s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 5155
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:34 GMT
expires: Fri, 06 Dec 2024 15:40:34 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
content-type: text/css
vary: Accept-Encoding
age: 356819
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
74 kB URL www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js
IP
Hash 327ffcc050307627c7de1c5573e54913
961deba0aa58564d08c2457438d9375770fe61de
35196923692f06f97491caf22422cce4b612d5ef07c51842ca94a088b15456e2
GET /s/subscriptions/subscribe_embed/js/www-subscribe-embed_v0.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 73785
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:48:20 GMT
expires: Fri, 06 Dec 2024 15:48:20 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 356353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
48 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (1505)
Hash 34d9c907cdcf8bda80669f9eccf5b78a
9ecf99f6bd8ce453f4b9443f263336ea817ac50f
3ab90cdb50289ed7c932b7c6e152b7ec42d89f9a2aab58fdba9de21058bb24a7
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 48113
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:42:31 GMT
expires: Fri, 06 Dec 2024 15:42:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 356702
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs
42 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs
IP
File type ASCII text, with very long lines (1586)
Hash b05462fd96ea3e34c1ba661f03392bdf
b54f8ddefbf85ac52a6c61605c8f3a83263f2605
69ff5c5523e0e7b85c272be54742b2144234c0c8f35bb2da41d762729299916e
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=auth/exm=ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_1?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 41559
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:44:32 GMT
expires: Fri, 06 Dec 2024 15:44:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 356581
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
distancemedicalchristian.com/watch.1401167741968.js?key=5aebc1653aeb74dd43913443e8975c6e&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=a124014a0b424d4b4b333d72f8e4bfefbdf11fb6d083285bd13a03006c34c58952dabaa5ec859d46a57b5703774184a4fd12bf3453419bd25f2de43ce5d57ee14663f478eec299b4c347dbc99ebdf8fe7bc0fe2e4f1103b6807863f4ffdfbc14&pst=1702320513&rmtc=t
2.1 kB URL distancemedicalchristian.com/watch.1401167741968.js?key=5aebc1653aeb74dd43913443e8975c6e&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=a124014a0b424d4b4b333d72f8e4bfefbdf11fb6d083285bd13a03006c34c58952dabaa5ec859d46a57b5703774184a4fd12bf3453419bd25f2de43ce5d57ee14663f478eec299b4c347dbc99ebdf8fe7bc0fe2e4f1103b6807863f4ffdfbc14&pst=1702320513&rmtc=t
IP
File type HTML document, ASCII text, with very long lines (2593)
Hash 97105dc7aff7cb998b4c93a6b63757d0
476ae163ea53195a19c2baaca1fafc8cf5ee19bd
6c919e3351fce51b07b0ae66097c048cb89a9f3a02985a508d90894a707ef629
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1401167741968.js?key=5aebc1653aeb74dd43913443e8975c6e&kw=%5B%22how%22%2C%22to%22%2C%22fix%22%2C%22low%22%2C%22gpu%22%2C%22usage%22%2C%22and%22%2C%22high%22%2C%22cpu%22%2C%22usage%22%2C%22in%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22more%22%2C%22fps%22%2C%22fix%22%2C%22freezing%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FHow-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html&tz=0&dev=e&res=14.3095&uuid=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1&shu=a124014a0b424d4b4b333d72f8e4bfefbdf11fb6d083285bd13a03006c34c58952dabaa5ec859d46a57b5703774184a4fd12bf3453419bd25f2de43ce5d57ee14663f478eec299b4c347dbc99ebdf8fe7bc0fe2e4f1103b6807863f4ffdfbc14&pst=1702320513&rmtc=t HTTP/1.1
Host: distancemedicalchristian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433663; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MywiayI6IjVhZWJjMTY1M2FlYjc0ZGQ0MzkxMzQ0M2U4OTc1YzZlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoiZHdqNGk2MDgiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovMjAyMy8xMi9Ib3ctVG8tRklYLUxvdy1HUFUtVXNhZ2UtYW5kLUhpZ2gtQ1BVLVVzYWdlLWluLUZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS5odG1sIiwiYXIiOltdfX0.lmOklKj-BCRJOy9Rp18e1TCjNmFUibdZitd-3U6Pq4w
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=b5349094-cb07-4702-a86a-9cbe1f115c93:3:1; expires=Mon, 18 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
pdhtkv25=true; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
uncs25=1; expires=Tue, 12 Dec 2023 18:47:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b6261725507dbb310a23c55d1833e464
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.blogger.com/dyn-css/authorization.css?targetBlogID=7241427367126224252&zx=ba0df8b3-82dd-4318-8200-88b0765f4715
21 B URL www.blogger.com/dyn-css/authorization.css?targetBlogID=7241427367126224252&zx=ba0df8b3-82dd-4318-8200-88b0765f4715
IP
File type very short file (no magic)
Hash 68b329da9893e34099c7d8ad5cb9c940
adc83b19e793491b1c6ea0fd8b46cd9f32e592fc
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
GET /dyn-css/authorization.css?targetBlogID=7241427367126224252&zx=ba0df8b3-82dd-4318-8200-88b0765f4715 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 18:47:33 GMT
last-modified: Mon, 11 Dec 2023 18:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0
46 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0
IP
File type ASCII text, with very long lines (1505)
Hash a5139ae5276fac825f580dd8b48d0f72
2820e165c330673129cebdc8e7cf806e1620c0a0
2170ad362c9ba9f7ff9b642d2a9d72a263fff1cd47de3664c55d6a7462c4cbc3
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:17:30 GMT
expires: Fri, 06 Dec 2024 16:17:30 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 354604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
156 B URL www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
IP
File type PNG image data, 16 x 12, 8-bit/color RGBA, non-interlaced
- data
Hash 3a8e642ad57b76e2890447ad02feea76
e8b7156d51855db513ecf3ccceff4955acb4b3af
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
GET /s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:50:35 GMT
expires: Fri, 06 Dec 2024 15:50:35 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
content-type: image/png
age: 356219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s48-c-k-c0x00ffffff-no-rj
2.1 kB URL yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s48-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3
- data
Hash 32317056249ad00f668929829d5f386a
4714c7e229dbac27a7becda55be54556df457054
bfab5b8362ef0a8f406065cc0f0ea4338156f32583e5f7a9fb8cfbceccccfc13
GET /I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s48-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 2096
x-xss-protection: 0
date: Mon, 11 Dec 2023 16:29:11 GMT
expires: Tue, 12 Dec 2023 16:29:11 GMT
cache-control: public, max-age=86400, no-transform
age: 8303
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.zohaibrock.xyz/favicon.ico
733 B URL www.zohaibrock.xyz/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
- data
Hash 45ac8c7fffabb1a1b5df581eefe36096
f2921056c085c76646917a2320986344a1007a59
f0fd37cf031a49d2aba451ebe9220864c62e00ec520819bc17e3c86514a6e69f
GET /favicon.ico HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/How-To-FIX-Low-GPU-Usage-and-High-CPU-Usage-in-Fortnite-Chapter-5-Season-1.html
Cookie: _ga_3GHVHYR6VY=GS1.1.1702320451.1.0.1702320451.0.0.0; _ga=GA1.1.2146003360.1702320451; dom3ic8zudi28v8lr6fgphwffqoz0j6c=b5349094-cb07-4702-a86a-9cbe1f115c93%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Mon, 11 Dec 2023 18:47:34 GMT
date: Mon, 11 Dec 2023 18:47:34 GMT
cache-control: private, max-age=86400
last-modified: Mon, 11 Dec 2023 18:18:43 GMT
etag: W/"ae5850d1b1d5e5cbcc067a7cb691141b7af8d41ab2df8f2bc2c689ef3a27a7ad"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 733
server: GSE
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
42 kB URL friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 0ffb073154652c6d34511bfe9c9f5563
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 11 Dec 2023 18:47:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M0Kjjnxi7PJtJ9RANF6ZXNu1MBx87k1O%2BlLnT5EmBhakuq2qM2i%2BLzh9LOgGjazQ2eRPVGv4hwpjUPrihufd%2Fyf5DZyV9221WD3H0OL6fehLxjq77x40wqxotOGo2n%2FZrSaY9tI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe590c9772502-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
16 kB URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0
- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:43:10 GMT
expires: Fri, 06 Dec 2024 15:43:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 356664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
31 B URL www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1702320454265
Content-Type: application/json
X-Goog-Visitor-Id: CgtkMkQ1a1pCMmwycyjDst2rBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231205.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1702320452536&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C480%2C368&vis=1&wgl=true&ca_type=image
Content-Length: 16352
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/9WyMFNzTsYQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Mon, 11 Dec 2023 18:47:34 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+233; expires=Wed, 10-Dec-2025 18:47:34 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 11 Dec 2023 18:47:34 GMT
cache-control: private
www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
6.8 kB URL www.google.com/js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js
IP
File type ASCII text, with very long lines (17029), with no line terminators
Hash e2dcaf4318d1ca9ee630eb93804fa2a2
beaa685908e1b17cac2f3268025a349e64dbc44a
94410ce192c32c5baf01356f727c60948f022ef2eb49ce812eded47bfb9ad523
GET /js/bg/lEEM4ZLDLFuvATVvcnxglI8CLvLrSc6BLt7Ue_ua1SM.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=2qov465m2ewo
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 6830
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Dec 2023 04:44:25 GMT
expires: Sat, 07 Dec 2024 04:44:25 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 309789
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/logo_48.png
2.2 kB URL www.gstatic.com/recaptcha/api2/logo_48.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced
- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:21:15 GMT
expires: Thu, 14 Dec 2023 16:21:15 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 354379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.cloudimagesb.com/bi/3f/d6/7a/3fd67ae520408b8d830d4fc3b8ed46dd/1671448189.jpg
67 kB URL cdn.cloudimagesb.com/bi/3f/d6/7a/3fd67ae520408b8d830d4fc3b8ed46dd/1671448189.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:12:01 19:49:23], baseline, precision 8, 728x90, components 3
- data
Hash 05cb99eacfc7fa64c68b4f62f69463c2
5d889059d4f45b846194b42cf7455db60ec00af4
7e4a6719686575bb674070f3c66f87e090667117869723d5bc1624c725e07581
GET /bi/3f/d6/7a/3fd67ae520408b8d830d4fc3b8ed46dd/1671448189.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:34 GMT
content-type: image/jpeg
content-length: 67302
server: nginx/1.21.6
last-modified: Mon, 19 Dec 2022 11:09:57 GMT
etag: "63a04685-106e6"
expires: Wed, 13 Dec 2023 18:47:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/da/d7/17/dad7170d600a14e0aabe62cc658cc047/1670587910.jpg
17 kB URL cdn.cloudimagesb.com/bi/da/d7/17/dad7170d600a14e0aabe62cc658cc047/1670587910.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 300x250, components 3
- data
Hash 91476b186d300056b6dacd5bdd435216
b28827b6818107f2c9f43207966cbec5e97fc151
85fae3180e8533782ea66d9f623b0ba62423201eb2ffb0167d1dfa545edef747
GET /bi/da/d7/17/dad7170d600a14e0aabe62cc658cc047/1670587910.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:34 GMT
content-type: image/jpeg
content-length: 16917
server: nginx/1.21.6
last-modified: Fri, 09 Dec 2022 12:11:58 GMT
etag: "6393260e-4215"
expires: Wed, 13 Dec 2023 18:47:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
205 kB URL www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
IP
File type ASCII text, with very long lines (568)
Size 205 kB (204921 bytes)
Hash af51eb6ced1afe3f0f11ee679198808c
02b9d6a7a54f930807a01ae3cdcf462862925b40
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf
GET /recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Dec 2023 21:16:49 GMT
expires: Sun, 08 Dec 2024 21:16:49 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 163845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.cloudimagesb.com/cti/f5/51/11/f55111e6670fcf4ab6741d5148b8f46e/1627917035.png
30 kB URL cdn.cloudimagesb.com/cti/f5/51/11/f55111e6670fcf4ab6741d5148b8f46e/1627917035.png
IP
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced
- data
Hash 2f616bbffea93fdb5908173cc0df570d
c62417c0dc7503f1ca8852ceac347d0a074e5ff1
0aa6af37608faee30dfafd1221c7f96e2952cebb8dd52bd5401f79a5cf6b744f
GET /cti/f5/51/11/f55111e6670fcf4ab6741d5148b8f46e/1627917035.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:34 GMT
content-type: image/png
content-length: 30301
server: nginx/1.21.6
last-modified: Mon, 02 Aug 2021 15:10:47 GMT
etag: "61080af7-765d"
expires: Wed, 13 Dec 2023 18:47:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/62/9d/0b/629d0ba89919a644cecb76544853af93/1676970172.jpg
56 kB URL cdn.cloudimagesb.com/bi/62/9d/0b/629d0ba89919a644cecb76544853af93/1676970172.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:02:16 18:11:39], baseline, precision 8, 160x300, components 3
- data
Hash c48334cab107970aac489c87bde2c26f
8f75e527fa208d607f81a6069619e977c0193728
76ddca27983ef1c1b1811edae16819ffb759d1fe95d4714c99433f3c23757ef4
GET /bi/62/9d/0b/629d0ba89919a644cecb76544853af93/1676970172.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:34 GMT
content-type: image/jpeg
content-length: 55891
server: nginx/1.21.6
last-modified: Tue, 21 Feb 2023 09:03:00 GMT
etag: "63f488c4-da53"
expires: Wed, 13 Dec 2023 18:47:34 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/webworker.js?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B
71 kB URL www.google.com/recaptcha/api2/webworker.js?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B
IP
File type gzip compressed data
- data
Hash 70c277fa7e0a365a97b9cdbdac386e4e
0d1c3af77ef4ab8c12ed0e014fea8e03dfff1177
f3ff069003e8d220c6bbffc0f212bdbb6404b6a768aa1d52d83c2ab3dd9c9cf4
GET /recaptcha/api2/webworker.js?hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=2qov465m2ewo
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 11 Dec 2023 18:47:34 GMT
date: Mon, 11 Dec 2023 18:47:34 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_2?le=scs
9.3 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_2?le=scs
IP
File type ASCII text, with very long lines (3295)
Hash 8461a85d0a185c32d8ed7d6a8954b20b
5282c6fba8a0f32edae32176f13b3652ca5c4181
ed376fed10d0ebe17935a8c5fc7364528fb95ef4e0e3cd8ad5d100b61e5916c6
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes_style_bubble/exm=auth,ytsubscribe/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_2?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 9286
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:17:31 GMT
expires: Fri, 06 Dec 2024 16:17:31 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 354603
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
1.7 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
File type ASCII text, with very long lines (732)
Hash 5abc61a898e278f22054ea72e9fc6993
afd4f767572b6d59b8bb1f4023f6ceaf9b8f3adf
90c8877b2deed535321181862f62793a2490b4bcfbdc6c2397f1e9d1d499f933
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.uyg6a5my6is.es5.O/ck=boq-blogger.BloggerCommentUi.QTL7-Q5DAm4.L.F4.O/am=AAZSAw/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3_vTUGLW3IEaIn6QeM3xMX51OcSA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1654
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 11 Dec 2023 03:37:34 GMT
expires: Tue, 10 Dec 2024 03:37:34 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 09 Dec 2023 01:11:14 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 54600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/js/rpc:shindig_random.js?onload=init
7.1 kB URL apis.google.com/js/rpc:shindig_random.js?onload=init
IP
File type ASCII text, with very long lines (2056)
Hash 84a5ff7df274c2aa0f5db3d0db8deb60
fe9d4e60961ea15195134fa043256585a3956984
0d3c50c1af81534edee9a430edb5d09c6068348173496657982a4546ff2ee231
GET /js/rpc:shindig_random.js?onload=init HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 7121
date: Mon, 11 Dec 2023 18:47:34 GMT
expires: Mon, 11 Dec 2023 18:47:34 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "14543ead6f363f55"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=Iks_C1e0yk7YictguYNh_KNToZNG3--_lWN6M0wkZAfyXEc1vSplbDkW-aaba-wANTEhuPcGqT9sGGJuQ3PUDEPYF6bkxFipVDEYgmKfQCgJTVdFRwROoO8EV3vm-Sg8XdSyiUN8xqS29lTVw1RmczwnTQNbB5RYOxFFVVM3rgk; expires=Tue, 11-Jun-2024 18:47:34 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
6.3 kB URL www.youtube.com/subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document, ASCII text, with very long lines (2797), with no line terminators
Hash c9887e4dbddf04c69d5c5b5535b6cd2c
546c87cce8c470aade2e5afb1ae75a1852ffab69
5c54c8e98cc44f3aba10938bac0edd7abb5cf281332f680b733f2cc6b1e90d9f
GET /subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 11 Dec 2023 18:47:33 GMT
strict-transport-security: max-age=31536000
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Ekvox9we8LA; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Tue, 16-Mar-2021 18:47:33 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+914; expires=Wed, 10-Dec-2025 18:47:33 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
2.4 kB URL www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css
IP
File type ASCII text, with very long lines (9040)
Hash f7e862cac384bd7627c63818f65dd298
aa494f36d6230cf418ba10649675a8b55d23fc27
fff7b5b76321e4080e4cf8a5b312d74a943b7ebc2aec9081ac7e17458123fcb2
GET /s/subscriptions/subscribe_embed/css/www-subscribe-embed-card_v0.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:34 GMT
expires: Fri, 06 Dec 2024 15:40:34 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 25 Nov 2020 01:15:00 GMT
content-type: text/css
vary: Accept-Encoding
age: 356820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
45 kB URL www.youtube.com/s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js
IP
Hash f9ba6497187042f135ea78004e9bef97
94d17b10ace330e3dab9c3ae9e8728865499aeed
1485460341dd7acce60bbff4b235101869025328e39f205fea7c0ea0f4b23ac6
GET /s/subscriptions/subscribe_embed/js/www-subscribe-embed-card_v0.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?action_card=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&usegapi=1&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 44975
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:59:31 GMT
expires: Fri, 06 Dec 2024 15:59:31 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 15 Sep 2020 21:45:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 355683
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
43 B URL ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/border_3.gif
IP
File type GIF image data, version 89a, 1 x 1
- data
Hash f6815f3311f2ad7bacb9c9156b5151bb
4042dfd5b2a00af6857acf15e63dc0672592e7d6
c8de81a1acb5f3788959ecc04eaa6526d5bdb29991157cecbef71042268c0374
GET /s2/oz/images/stars/po/bubblev1/border_3.gif HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:46:03 GMT
expires: Fri, 06 Dec 2024 15:46:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: image/gif
age: 356491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
318 B URL ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png
IP
File type PNG image data, 39 x 33, 8-bit colormap, non-interlaced
- data
Hash 117295a03bf8194590ad92d6f044b4a6
6f6ef687b76a7579d8fb17f1e9a39005f76a753b
232334d177f358c07f8271994e6fc0c018abfce7c8910deb604de1440d741c45
GET /s2/oz/images/stars/po/bubblev1/bubbleSprite_3.png HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 318
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:41:32 GMT
expires: Fri, 06 Dec 2024 15:41:32 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Oct 2019 10:15:00 GMT
content-type: image/png
age: 356762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
43 B URL ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/spacer.gif
IP
File type GIF image data, version 89a, 1 x 1
- data
Hash d44ebb7184c776b663f036174faa361a
53a278eedce146c3a979d190af4affaec3d7cfeb
ed1b73c6b4690cde9b521865b58e031293209bc0b2ba2b5716ecf4bf9885ee4b
GET /s2/oz/images/stars/po/bubblev1/spacer.gif HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:01:45 GMT
expires: Fri, 06 Dec 2024 16:01:45 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
content-type: image/gif
age: 355549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
117 B URL ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png
IP
File type PNG image data, 1 x 5, 4-bit colormap, non-interlaced
- data
Hash 91f7f433b47f76d152ac4dc8cbb8324e
ffce61c56ddbfaf6c2d02d3bb2dcda9b49bee460
984601230d8cbfe18370425e8e897037cc1a7adf831a691a9ede573cf44479d4
GET /s2/oz/images/stars/po/bubblev1/bubbleDropB_3.png HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 117
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:47:56 GMT
expires: Fri, 06 Dec 2024 15:47:56 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
content-type: image/png
age: 356378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
116 B URL ssl.gstatic.com/s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png
IP
File type PNG image data, 5 x 1, 4-bit colormap, non-interlaced
- data
Hash ab32284ad12b62cfe18e6fc3004dbd91
95c739ea1fff8024b0728b882698f83289c9a429
6c7884164b248cb8d87de9edf64dc810e5753bb8ec0cd015800d7f39e08371c1
GET /s2/oz/images/stars/po/bubblev1/bubbleDropR_3.png HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:45:04 GMT
expires: Fri, 06 Dec 2024 15:45:04 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
content-type: image/png
age: 356550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0
46 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0
IP
File type ASCII text, with very long lines (1505)
Hash a5139ae5276fac825f580dd8b48d0f72
2820e165c330673129cebdc8e7cf806e1620c0a0
2170ad362c9ba9f7ff9b642d2a9d72a263fff1cd47de3664c55d6a7462c4cbc3
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 16:17:30 GMT
expires: Fri, 06 Dec 2024 16:17:30 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 354604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
23 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs
IP
File type ASCII text, with very long lines (1505)
Hash 009832d077d8fc42d725066c2b774fd6
0994f8575917c4eeb66f6bdb0a65609aa8902cac
b1e012aaab4e65462b456ff6a07a6512c7b11d1682d228531d66b132dcf3d364
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0?le=scs HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 23431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 08 Dec 2023 21:18:35 GMT
expires: Sat, 07 Dec 2024 21:18:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 250139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17433661
1.4 kB URL conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17433661
IP
File type HTML document text
- HTML document text
- HTML document, ASCII text, with very long lines (484)
Hash b4df654c333d0fb201578b48a86cc3e1
85dc655f3cb007c05ee7224d3bbf04598cfd2a87
eb77dbf8c88d68b327aa265999166804a18cd64b1fcf29505d2833aad431e849
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17433661 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:34 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Tue, 12 Dec 2023 18:47:34 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc0MzM2NjEiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovIiwiYXIiOltdfX0.Z0CJZdtpegwtWeujUW_z8cAUp6k0mRlQpOA32EHuGlo; expires=Mon, 11 Dec 2023 18:48:34 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 85d11d42b5959122525039522c281cf9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE3NDMzNjYxJnBzdD0xNzAyMzIwNTE0JnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnpvaGFpYnJvY2sueHl6JTJGJnJtdGM9dCZzaHU9OThlZTJlNzcyYmEzZWI2Yzg2NzhiOWE3YThmZjQ0YzJmZDRhOTk2NmMwMTY0NjA4N2NhYWMwMTk0OWNmMDJmYzcxOTE1MDYwZWZlYjk1MmU0MDkxZGU5NjgyOTFkZjVhZGJjOWYwYjc2MzcyNTk0YTdmZjY3YWIwYmY0MzBjOTdkZTYyNTI5NDgwYzVkNzA4YzNhMWNmZTRjYWZmZWVlYjE5YjVlYmMzNGNlNDFkZDgyMGIxYzcwNjU5MWY3Yg%3D%3D&uuid=&pii=&in=false
0 B URL conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE3NDMzNjYxJnBzdD0xNzAyMzIwNTE0JnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnpvaGFpYnJvY2sueHl6JTJGJnJtdGM9dCZzaHU9OThlZTJlNzcyYmEzZWI2Yzg2NzhiOWE3YThmZjQ0YzJmZDRhOTk2NmMwMTY0NjA4N2NhYWMwMTk0OWNmMDJmYzcxOTE1MDYwZWZlYjk1MmU0MDkxZGU5NjgyOTFkZjVhZGJjOWYwYjc2MzcyNTk0YTdmZjY3YWIwYmY0MzBjOTdkZTYyNTI5NDgwYzVkNzA4YzNhMWNmZTRjYWZmZWVlYjE5YjVlYmMzNGNlNDFkZDgyMGIxYzcwNjU5MWY3Yg%3D%3D&uuid=&pii=&in=false
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE3NDMzNjYxJnBzdD0xNzAyMzIwNTE0JnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnpvaGFpYnJvY2sueHl6JTJGJnJtdGM9dCZzaHU9OThlZTJlNzcyYmEzZWI2Yzg2NzhiOWE3YThmZjQ0YzJmZDRhOTk2NmMwMTY0NjA4N2NhYWMwMTk0OWNmMDJmYzcxOTE1MDYwZWZlYjk1MmU0MDkxZGU5NjgyOTFkZjVhZGJjOWYwYjc2MzcyNTk0YTdmZjY3YWIwYmY0MzBjOTdkZTYyNTI5NDgwYzVkNzA4YzNhMWNmZTRjYWZmZWVlYjE5YjVlYmMzNGNlNDFkZDgyMGIxYzcwNjU5MWY3Yg%3D%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc0MzM2NjEiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovIiwiYXIiOltdfX0.Z0CJZdtpegwtWeujUW_z8cAUp6k0mRlQpOA32EHuGlo; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:35 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=308293d2cd3ac79b195f937e99f064a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprcd6465516e103cafc65442291a6092759=4641329; expires=Tue, 12 Dec 2023 18:47:35 GMT
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:35 GMT
uncs=1; expires=Tue, 12 Dec 2023 18:47:35 GMT
pdhtkv28=true; expires=Tue, 12 Dec 2023 18:47:35 GMT
uncs28=1; expires=Tue, 12 Dec 2023 18:47:35 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38b973bb28cca358c67cc32ff2cb3bca
Strict-Transport-Security: max-age=0; includeSubdomains
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=308293d2cd3ac79b195f937e99f064a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
0 B URL violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=308293d2cd3ac79b195f937e99f064a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=308293d2cd3ac79b195f937e99f064a0&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Mon, 11 Dec 2023 18:47:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h94p8p17c8; expires=Tue, 12-Dec-2023 18:47:36 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h94p8p17c8-h94p8p17c8-hq1m-0-q5a4bl-ftxofe-ft8pdz-21a5ac; expires=Tue, 12-Dec-2023 18:47:36 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e1bf2h94p8p17c881d&sub_id=16122660
Strict-Transport-Security: max-age=31536000
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e1bf2h94p8p17c881d&sub_id=16122660
0 B URL vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e1bf2h94p8p17c881d&sub_id=16122660
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=e1bf2h94p8p17c881d&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 11 Dec 2023 18:47:36 GMT
content-length: 0
location: https://vvfal.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=ee47cb7c-cf53-4f5f-a714-721c0dc835d0; expires=Thu, 11 Dec 2025 18:47:36 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y4Q5tAAJWDTwRRLyizFTAVNjUZJdBI%2BCXLgUqZioAsiVC7Bh7bHseF15k3G1v5NgbX860700d5WTphZWRL3JjDsz0Hsxg98n%2BtM58SGlbfY1Q8xsMBm%2F4NQTEBTZm2ZNaFohrZ6jPjMevI7Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833fe5a4ac72b4fa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.coreforger.top/eyes-robot/assets/2.png
1.1 kB URL vvfal.coreforger.top/eyes-robot/assets/2.png
IP
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced
- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:36 GMT
content-type: image/png
content-length: 1061
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: "656ef5c1-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FXP%2F28TAxmgteTYYSV9ZgPGwo5QbJ9bj1JxptO60vlZoI%2FAq%2FMWEVkiD4T%2BWNJOqqFj06Y2cZQ5c8rUPOcAigMatz%2F2adLJm9dDDatUXPb4%2FZLL1irAB1rOvl86dyisK7GGHyHqMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5a70c8906b2-LHR
alt-svc: h3=":443"; ma=86400
vvfal.coreforger.top/eyes-robot/assets/1.png
11 kB URL vvfal.coreforger.top/eyes-robot/assets/1.png
IP
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced
- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:36 GMT
content-type: image/png
content-length: 10591
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: "656ef5c1-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhrrsPm%2BWYNptQ2M%2BtoyMo%2FjcUCrG8oRJBSCwh%2BlRsc5gSuI%2B%2FRp3z9c5qxr0a2xphpW2LQBLU63MHiIqpstPk1y5MQUrosypUtlQwexsPWm822%2FMeVyaNkj6ll08fhFW9kr%2BSsETw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5a70c8806b2-LHR
alt-svc: h3=":443"; ma=86400
vvfal.coreforger.top/eyes-robot/assets/image.png
11 kB URL vvfal.coreforger.top/eyes-robot/assets/image.png
IP
File type PNG image data, 260 x 260, 8-bit colormap, non-interlaced
- data
Hash ca1f4de0ad1d4fad72d299a6411e6959
c9f6d409f09264a34ee8bac4265233c56c280d1a
f0434a1fc8ffba3a47bbb9f1fa5a2f789651a020e7b86e507ff300b7c367057f
GET /eyes-robot/assets/image.png HTTP/1.1
Host: vvfal.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/eyes-robot/assets/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:36 GMT
content-type: image/png
content-length: 11043
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: "656ef5c1-2b23"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5501
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvonD7%2BUO8ioRieaovlRbJhHmJfv%2FQ0%2BhJOlHs7bvl5qWo8GQlp2DJw6AAX9GakVh6oA%2BVnUi9WdWlL94fvovkDh1VrPJ4HMVyuhyZTq1WK6l2QtIWbzps0QKgedFaNiIbD7g6MnwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5a7ad2c06b2-LHR
alt-svc: h3=":443"; ma=86400
cdnstatic.coreforger.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.coreforger.top&timeout=30&tb=true&nrid=822529349e764b9e85603d790e020adf
13 kB URL cdnstatic.coreforger.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.coreforger.top&timeout=30&tb=true&nrid=822529349e764b9e85603d790e020adf
IP
File type Unicode text, UTF-8 text, with very long lines (31295), with no line terminators
Hash 1e7d3077e30f52a4a5601befa4b13048
63f7dd338e99199040ea1cbb245aef18a7059808
3f1cbb1b2cfc538fad139e83218f29d84be9899f7b94cc92f46e3a73fb02fbaf
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.coreforger.top&timeout=30&tb=true&nrid=822529349e764b9e85603d790e020adf HTTP/1.1
Host: cdnstatic.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:36 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=0d89b29d-d208-44b8-b3a5-424cdc811322; expires=Thu, 11 Dec 2025 18:47:36 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ArSXm0xz55DOxrSoTfpH0McuBykjHzXoRZkCxLo54BDFxgs4g%2BrilnbpdlXghquAcsnx33aH%2Bnbe5z8Qoo0HVXEJraC2fY5R3We95fyfloKo%2Fpp9eVqI1XnI%2FuvjdAdpsJk%2FRIMOConDHIg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5a7cd5106b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
File type ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:56:06 GMT
expires: Fri, 06 Dec 2024 15:56:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 355891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:05:35 GMT
expires: Fri, 06 Dec 2024 05:05:35 GMT
cache-control: public, max-age=31536000
age: 394922
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Early-Data: accepted
vvfal.coreforger.top/shared-js/assets/static-pl.js?v=2
2.3 kB URL vvfal.coreforger.top/shared-js/assets/static-pl.js?v=2
IP
File type ASCII text, with CRLF line terminators
Hash 7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: vvfal.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:36 GMT
content-type: application/javascript
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: W/"656ef5c1-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1572
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWhuU6XIATwqlsiADHxzOOkphmQdpnz9KwfzhUYHF2OFcgc4rfCWMP6WFlfkKP1pc8gfSrRedwU2GTQvlkRLQLf8xD612QntafDsFJASV%2FNATH6%2BSQhogy9OZ1Fo6iqZJM1IrDdY%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5a70c8b06b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.coreforger.top/eyes-robot/assets/1.png
11 kB URL a.coreforger.top/eyes-robot/assets/1.png
IP
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced
- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: a.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:37 GMT
content-type: image/png
content-length: 10591
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: "656ef5c1-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3699
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HLGgRnmszxAI5eikfJF%2B3Cl48G6AxADIXcI%2Fa%2BzgtnOJmux00WvYuQWQQ5ob2Oq4iqKRNZlmqGoY9ongnjRYRsD6setc%2BFR8PAgC%2FXtd2BZgEbRIQB3LAIRJjMoUCQvSs2j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5aaa80206b2-LHR
alt-svc: h3=":443"; ma=86400
a.coreforger.top/shared-js/assets/static-pl.js?v=2
10 kB URL a.coreforger.top/shared-js/assets/static-pl.js?v=2
IP
File type ASCII text, with CRLF line terminators
Hash 7224243dd0b18bb2508a1d77d4b2a0b2
bd833c24aa241861316053fd8bd46a1bef3d343f
920aa94a10634fc23234b5e4f55c428f6311fc7811d3591792381678cb492659
GET /shared-js/assets/static-pl.js?v=2 HTTP/1.1
Host: a.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:37 GMT
content-type: application/javascript
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
etag: W/"656ef5c1-dee"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4475
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rE8MJL5vbapxejTtlkpCZcpGBqP%2BQrhvwb1OkUBf%2FBeXZTabFaTn1kj%2BEgwd%2F2sVy16CXnN1Vw%2Bqv691LLOX9ZtAxYj%2FuOV%2FI%2BK8tf1psfJkQ62YuPV9oqVYZtwOVIUXJlXx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5aaa80506b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
friendshipmale.com/sfp.js
27 kB URL friendshipmale.com/sfp.js
IP
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:32 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7daf7d59d36255d96f08a7fdf73b3f13
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 11 Dec 2023 18:47:32 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5IFhH6icRRnWYFF%2BvMHuWdTvt7vR9ybRwrGezco1OKLgvr5hzdF3sswDpFZY%2F5MbdZGYY6JHTJtOphr9Oltbd3GnPAqJvGzNlATelbKfd7pJSAxxqn8siorpPa%2B7hjxNekRD3Gs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe58d4d9963f7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.coreforger.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 05:05:35 GMT
expires: Fri, 06 Dec 2024 05:05:35 GMT
cache-control: public, max-age=31536000
age: 394922
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
a.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
12 kB URL a.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
IP
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756 HTTP/1.1
Host: a.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.coreforger.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:37 GMT
content-type: text/html
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mwhr7pZ9NiUU9S98pfMXspToNrygv6CFK2yZhMcyJxbHF009CDKNf86U162vLRTcQ1Xn%2BREdqX2fFBUJ6dcJlqsYKO2k5bY2zjNVG5ePh0IW6WqRcEwfDEioXN0IxQNRHCD8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833fe5a9cf2a06b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
vvfal.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
1.8 kB URL vvfal.coreforger.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756
IP
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&nrid=822529349e764b9e85603d790e020adf&hash=W6jKOl3S7QbqBxmdEdEfKQ&exp=1702320756 HTTP/1.1
Host: vvfal.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:36 GMT
content-type: text/html
last-modified: Tue, 05 Dec 2023 10:04:49 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoF1Os6StHv1SbOzyoKJ5d8X%2B5zsAoE64pZNsYFBoDmou%2Bu6hs%2ByzDXKpJak1lMdFCoMYz5v3EhIT2GLmM915XRGJVlvtZ7aA5bRHuhXaEg2mIQKMwUvQzswUCXqyMtiGudiegEPFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833fe5a58b3e76ff-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAyMzIwNTE4JnJtdGM9dCZzaHU9NDMyYzZmNzVkZjY1ZDNmMzhkMTE1NThlOGM0MDE2ZTliMGJiYWM0YTFlMWNlNWM4NWYyMjcyZmM3YzlhYWI2N2MwZTdjZDc2ZDE5MGI1Y2VlYjQ5MGE1NWMwOWE2YmFiYzhiYzVkNzg5OTM4MjA1MjI3YTRkMmJiNjViYzYxMjEyYWJjM2U0YzJkYzViNTE1ZTkwNWNjM2NhODMxMGIyN2E3NmQ5MmJhZjJkOWVmMzFkYzMwY2ZiODZiZTQ1OGY0OTRhYjYx&uuid=&pii=&in=false
302 Found 0 B URL User Request GET HTTP/1.1 www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAyMzIwNTE4JnJtdGM9dCZzaHU9NDMyYzZmNzVkZjY1ZDNmMzhkMTE1NThlOGM0MDE2ZTliMGJiYWM0YTFlMWNlNWM4NWYyMjcyZmM3YzlhYWI2N2MwZTdjZDc2ZDE5MGI1Y2VlYjQ5MGE1NWMwOWE2YmFiYzhiYzVkNzg5OTM4MjA1MjI3YTRkMmJiNjViYzYxMjEyYWJjM2U0YzJkYzViNTE1ZTkwNWNjM2NhODMxMGIyN2E3NmQ5MmJhZjJkOWVmMzFkYzMwY2ZiODZiZTQ1OGY0OTRhYjYx&uuid=&pii=&in=false
IP
Certificate IssuerLet's Encrypt
Subjecttoprevenuegate.com
Fingerprint7D:44:5C:97:A8:B4:D2:87:5C:7C:4E:B7:DA:3A:38:99:85:00:67:40
ValidityFri, 20 Oct 2023 09:02:00 GMT - Thu, 18 Jan 2024 09:01:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAyMzIwNTE4JnJtdGM9dCZzaHU9NDMyYzZmNzVkZjY1ZDNmMzhkMTE1NThlOGM0MDE2ZTliMGJiYWM0YTFlMWNlNWM4NWYyMjcyZmM3YzlhYWI2N2MwZTdjZDc2ZDE5MGI1Y2VlYjQ5MGE1NWMwOWE2YmFiYzhiYzVkNzg5OTM4MjA1MjI3YTRkMmJiNjViYzYxMjEyYWJjM2U0YzJkYzViNTE1ZTkwNWNjM2NhODMxMGIyN2E3NmQ5MmJhZjJkOWVmMzFkYzMwY2ZiODZiZTQ1OGY0OTRhYjYx&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.21.6
Date: Mon, 11 Dec 2023 18:47:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://adserving.unibet.com/redirect.aspx?bid=37953&pid=15135578&sref=ADST&ADST=19854905
Set-Cookie: iprc79359b7dc3bfe044838f9db7a88f414a=4798635; expires=Tue, 12 Dec 2023 18:47:39 GMT
pdhtkv=true; expires=Tue, 12 Dec 2023 18:47:39 GMT
uncs=1; expires=Tue, 12 Dec 2023 18:47:39 GMT
pdhtkv28=true; expires=Tue, 12 Dec 2023 18:47:39 GMT
uncs28=1; expires=Tue, 12 Dec 2023 18:47:39 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3e0833b8f08e23422799a3dff8527c5
Strict-Transport-Security: max-age=0; includeSubdomains
adserving.unibet.com/redirect.aspx?bid=37953&pid=15135578&sref=ADST&ADST=19854905
307 Temporary Redirect 0 B URL User Request GET HTTP/2 adserving.unibet.com/redirect.aspx?bid=37953&pid=15135578&sref=ADST&ADST=19854905
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Certificate IssuerTrustwave Holdings, Inc.
Subjectaffiliates.kindredplc.com
Fingerprint9C:1F:91:86:77:41:76:62:71:CD:11:FD:80:70:B7:83:58:47:BF:4F
ValidityThu, 17 Aug 2023 06:39:43 GMT - Fri, 16 Aug 2024 06:38:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect.aspx?bid=37953&pid=15135578&sref=ADST&ADST=19854905 HTTP/1.1
Host: adserving.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
cache-control: private,no-cache, no-store
pragma: no-cache
content-type: text/html
location: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
set-cookie: NetRefer_CookieUniTrack_C=%5b%7b%22PID%22%3a94151521%2c%22BID%22%3a37953%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1702320459879)%5c%2f%22%2c%22CookieTag%22%3a%223795394151521451240919C202312111847%22%7d%5d; SameSite=None;; domain=.unibet.com; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/; secure
NetReferSPS=%5b%7b%22StoreName%22%3a%22CurrentReferenceID%22%2c%22StoreValue%22%3a%2210708221253%7c1%22%7d%5d; domain=.unibet.com; expires=Wed, 11-Dec-3022 18:47:39 GMT; path=/; secure; SameSite=Strict
x-aspnet-version: 4.0.30319
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
access-control-expose-headers: Request-Context
x-azure-ref: 0S1l3ZQAAAAD2k9u8LJXyR5yf4Yima086U1ZHMjBFREdFMDYwNwAyZDk5MzlkMy05NTUxLTQ2ZmYtOGEyNi01ZWZmY2FhMWQ5OGM=
x-cache: CONFIG_NOCACHE
date: Mon, 11 Dec 2023 18:47:39 GMT
content-length: 0
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/slots.png
200 OK 6.3 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/slots.png
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type PNG image data, 151 x 200, 8-bit/color RGBA, non-interlaced
- data
Hash 6be047bdf3d103b2414f7f6ab64d96b8
57818bdfe16383abe584b5c30de5f35eb55ebf20
38e2d3e7f261032cf0c558e28555c6425c30aa14014f31bbaad7d5176b7d4449
GET /no/pop/casino/2022/slots.png HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/png
content-length: 6303
cf-ray: 833fe5bcae2c56c6-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 395369
cache-control: public, max-age=900, immutable
etag: "0x8DBB47DF214D12C"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: a+BHvfPRA7JBT39qtk2WuA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: a53159bf-701e-0056-7ba2-1de3ed000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/livecasino.png
200 OK 21 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/livecasino.png
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
- data
Hash 87dc3fc9a40a9b0e8fd7c0519ac24f54
908b0ca475f8da1d0380a6cb5caabafce2466aec
a0fd031aa160b2679253c5952576a692e002c6be963c5935af3692ff50206eb4
GET /no/pop/casino/2022/livecasino.png HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/png
content-length: 20783
cf-ray: 833fe5bcae2d56c6-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 310506
cache-control: public, max-age=900, immutable
etag: "0x8DBB47DF2032091"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: h9w/yaQKmw6P18BRmsJPVA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: e590e529-401e-004d-2d8c-1eddee000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/games.png
200 OK 8.8 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/games.png
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type PNG image data, 234 x 200, 8-bit/color RGBA, non-interlaced
- data
Hash fbd364c184d1c2af246dd5a3079ce9ed
5c572431ced831a518e0c4adfed4372254f1eac1
2a09f891fb138e893fbc2fe522761e47307376143582e41016bf8aa54c4fdb77
GET /no/pop/casino/2022/games.png HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/png
content-length: 8838
cf-ray: 833fe5bcae3256c6-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 463135
cache-control: public, max-age=900, immutable
etag: "0x8DBB47DF1FBCEB0"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: +9NkwYTRwq8kbdWjB5zp7Q==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: ed2a491c-501e-006e-5f0a-1d472d000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/mga.png
200 OK 1.5 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/mga.png
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type PNG image data, 152 x 60, 8-bit colormap, non-interlaced
- data
Hash f34e781d7ad22dc774b98ac82a2b46f6
b66cb9753b0f76a7590f62d3c6b8f645bdbae786
7898ba2cec328d50a75400c1e5a6f1f23974f4c0cc433472a24f28a82c7d01c7
GET /no/pop/casino/2022/mga.png HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/png
content-length: 1454
cf-ray: 833fe5bcae3356c6-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 50333
cache-control: public, max-age=900, immutable
etag: "0x8DBB47DF226A8C7"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: 8054HXrSLcd0uYrIKitG9g==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: b9ce90da-f01e-0077-3edc-20c796000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
File type ASCII text, with very long lines (32030)
Hash e071abda8fe61194711cfc2ab99fe104
f647a6d37dc4ca055ced3cf64bbc1f490070acba
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:57:26 GMT
expires: Fri, 06 Dec 2024 15:57:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 355814
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
200 OK 957 B URL GET HTTP/2 a1s-cdn.unibet.com/unibet/bannerflow/scripts/master_tag.js
IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
Hash e19225e3eb562a3b6a86f7b8b47c38fb
ce3eb55448afd8fc9dfa4ac82f8743a009d5e142
c152526a02cb050650847e999ae141eae985472fbf73c5a843160b3b6bb06f79
GET /unibet/bannerflow/scripts/master_tag.js HTTP/1.1
Host: a1s-cdn.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: application/javascript
content-length: 957
last-modified: Mon, 25 Apr 2022 12:18:31 GMT
etag: "3bd-5dd799309c310"
cache-control: max-age=1800, public, must-revalidate
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s-cdn.unibet.com; Path=/; SameSite=None; Secure
accept-ranges: bytes
X-Firefox-Spdy: h2
cdnstatic.coreforger.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.coreforger.top&timeout=30&tb=true&nrid=822529349e764b9e85603d790e020adf
13 kB URL cdnstatic.coreforger.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.coreforger.top&timeout=30&tb=true&nrid=822529349e764b9e85603d790e020adf
IP
File type Unicode text, UTF-8 text, with very long lines (31295), with no line terminators
Hash 70c9a7d504ef3d7aa5ac1cc423cbc32d
b0c929c8de067915f610cad6f10540b050fba3f5
65f224a83947eb4f8a452ab9bea57692e303ec31dccfe6dad3a753fb75ba8439
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=e1bf2h94p8p17c881d&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.coreforger.top&timeout=30&tb=true&nrid=822529349e764b9e85603d790e020adf HTTP/1.1
Host: cdnstatic.coreforger.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.coreforger.top/
Cookie: __psu=0d89b29d-d208-44b8-b3a5-424cdc811322
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 11 Dec 2023 18:47:37 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiURobnRCNofIvq5Csox8tNJrqrGBpwVUVCqBuOINCrFy37Jr5yvsLuS58HTGTtQ2mMngqOfBdYAmHSvgVE%2FiI4c7Dxuj8Drtkp9%2B%2BHDMHGNy18o2j8ftdKaqf%2Be3HtD4mVkpsvg9Ito0eQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833fe5ab289306b2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-5b0e7d5264746d144c000221.js
200 OK 228 B URL GET HTTP/2 assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-5b0e7d5264746d144c000221.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
Hash accfdd9d5be1d7142fabad440365d15f
728b540ea47087d04d502079c76b3f3db8ea289a
32ebaaa3078816891a9efa129824d6ee11c4c8b0ef6e441b28781e7d82b95305
GET /2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-5b0e7d5264746d144c000221.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "accfdd9d5be1d7142fabad440365d15f:1554112916"
last-modified: Mon, 01 Apr 2019 10:01:56 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 228
cache-control: max-age=3600
expires: Mon, 11 Dec 2023 19:47:40 GMT
date: Mon, 11 Dec 2023 18:47:40 GMT
access-control-allow-origin: https://welcome.mariacasino.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/dil-contents-4493d5fc39a384609f7eab6df1c4aef4ab6b834d.js
200 OK 13 kB URL GET HTTP/2 assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/dil-contents-4493d5fc39a384609f7eab6df1c4aef4ab6b834d.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (558)
Hash 18eab16a639a4773572307713440a929
75bd72f7058b2d1d3ede541b2129267b438a73d4
358c5899627cc60f849ddc6860c01aa67b122f478e0d4ef42efd48a4b38c305b
GET /2ba9756ce24e85b6613a5e44df81f3a5de8f7320/dil-contents-4493d5fc39a384609f7eab6df1c4aef4ab6b834d.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "18eab16a639a4773572307713440a929:1554112912"
last-modified: Mon, 01 Apr 2019 10:01:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 12666
cache-control: max-age=3600
expires: Mon, 11 Dec 2023 19:47:40 GMT
date: Mon, 11 Dec 2023 18:47:40 GMT
access-control-allow-origin: https://welcome.mariacasino.com
timing-allow-origin: *
X-Firefox-Spdy: h2
service.maxymiser.net/cdn/unibet/js/mmcore.js
404 Not Found 10 B URL GET HTTP/2 service.maxymiser.net/cdn/unibet/js/mmcore.js
IP
ASN #20940 Akamai International B.V.
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerDigiCert Inc
Subject*.maxymiser.net
Fingerprint64:BD:DC:A7:97:53:6E:10:E5:25:0D:F4:A1:AF:7E:26:8B:AC:DD:88
ValidityMon, 27 Nov 2023 00:00:00 GMT - Wed, 27 Nov 2024 23:59:59 GMT
Hash 7605968e79d0ca095ab1231486d2b814
a007b420d19ceefa840f0373e050e3b51a4ab480
493fda53120050f85836032324409be6c6484f90a0755ae0c6a673ba7626818b
GET /cdn/unibet/js/mmcore.js HTTP/1.1
Host: service.maxymiser.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
accept-ranges: bytes
content-length: 10
server: AkamaiNetStorage
cache-control: max-age=1800
date: Mon, 11 Dec 2023 18:47:40 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/background.jpg
200 OK 162 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/background.jpg
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x800, components 3
- data
Size 162 kB (161606 bytes)
Hash aa279ee357b415f50a16127d5c1a7c4d
d1375a6cb87e60f31f609769044af9e6d47775cd
6aa6656d951b443674e2795a2174f6ba5fa711a0f2943830eab9f07cb1e1a809
GET /no/pop/casino/2022/background.jpg HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/styles.css
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=-306458230%7CMCIDTS%7C19703%7CMCMID%7C47458707625313056780741482770059111586%7CMCAID%7CNONE%7CMCOPTOUT-1702327660s%7CNONE%7CvVersion%7C3.2.0; sat_track=true; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/jpeg
content-length: 161606
cf-ray: 833fe5bef98b56c6-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 351908
cache-control: public, max-age=900, immutable
etag: "0x8DBB47DF1D5AECE"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: qiee41e0FfUKFhJ9XBp8TQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 944433a8-a01e-0018-43ae-23cd65000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/BlenderPro-ThinWeb.woff
200 OK 50 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/BlenderPro-ThinWeb.woff
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type Web Open Font Format, TrueType, length 49636, version 3.6
- data
Hash 37ba84aebad11c2e0acd496eedb0bb76
42942446e1cfab8d0eaf7d23899203b2b2b64fe7
2d7cc2c9c9fef717010fcfa8fa6518079eaec1e63975a74b4fb78afb14d6ee5e
GET /no/pop/casino/2022/BlenderPro-ThinWeb.woff HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/styles.css
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=-306458230%7CMCIDTS%7C19703%7CMCMID%7C47458707625313056780741482770059111586%7CMCAID%7CNONE%7CMCOPTOUT-1702327660s%7CNONE%7CvVersion%7C3.2.0; sat_track=true; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: application/font-woff
content-length: 49636
cf-ray: 833fe5bf09a056c6-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 22707
cache-control: public, max-age=900, immutable
etag: "0x8DBB47DF1CAB3F7"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: N7qErrrRHC4KzUlu7bC7dg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 822ab976-c01e-000e-6f2c-213bb2000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
200 OK 50 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700,900
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
File type gzip compressed data, max compression
- data
Hash 53359f3f8f6da2505068c952e95106a4
8a018750340bddfeb9fba6efb40e00a38157cf63
a6a2a22b88fc8f09969704993ff4d131b6d3a7c4ca874b84b48c29d955a3f12a
GET /css?family=Roboto:300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 11 Dec 2023 18:47:40 GMT
date: Mon, 11 Dec 2023 18:47:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/s-code-contents-dcbd0d7722c067386a5d09d13c84aaf7196c1b0d.js
200 OK 30 kB URL GET HTTP/2 assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/s-code-contents-dcbd0d7722c067386a5d09d13c84aaf7196c1b0d.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (543)
Hash 9c4992909a83d52617e9948d1d1c4141
587bbaea138857f086b03f43120795332fe28523
b53ed597b15301969858b376e9946d1664eff3a03549485ea678e9b8c6deaf63
GET /2ba9756ce24e85b6613a5e44df81f3a5de8f7320/s-code-contents-dcbd0d7722c067386a5d09d13c84aaf7196c1b0d.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "9c4992909a83d52617e9948d1d1c4141:1554112914"
last-modified: Mon, 01 Apr 2019 10:01:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 29629
cache-control: max-age=3600
expires: Mon, 11 Dec 2023 19:47:40 GMT
date: Mon, 11 Dec 2023 18:47:40 GMT
access-control-allow-origin: https://welcome.mariacasino.com
timing-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
200 OK 67 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PF2RVHC
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
FingerprintC1:58:7C:BF:5A:61:79:08:CB:C2:00:63:60:07:86:BD:EA:0A:45:8A
ValidityMon, 20 Nov 2023 08:02:50 GMT - Mon, 12 Feb 2024 08:02:49 GMT
File type ASCII text, with very long lines (25136)
Hash c58e2c63c7843030d144f074d396e7e6
9474cc013374d5e1f8a8eef35bc4b1adbe17fc6a
d5227add56392c60a6d139bc042ff4eda4e650f5e078a07c020f800b3c22562b
GET /gtm.js?id=GTM-PF2RVHC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 11 Dec 2023 18:47:40 GMT
expires: Mon, 11 Dec 2023 18:47:40 GMT
cache-control: private, max-age=900
last-modified: Mon, 11 Dec 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-580f0b8764746d390100a183.js
200 OK 1.2 kB URL GET HTTP/2 assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-580f0b8764746d390100a183.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type ASCII text, with very long lines (502)
Hash 5e8dc588959123c3ee5de9ac168d5c74
a9aed3325d14a8af844706025abbf7076c2d6df8
8bc787ce4fbc3bec820a859ce9a02388d9b923d06227c5614ea771a62ad05dec
GET /2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-580f0b8764746d390100a183.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "5e8dc588959123c3ee5de9ac168d5c74:1554112912"
last-modified: Mon, 01 Apr 2019 10:01:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 1199
cache-control: max-age=3600
expires: Mon, 11 Dec 2023 19:47:40 GMT
date: Mon, 11 Dec 2023 18:47:40 GMT
access-control-allow-origin: https://welcome.mariacasino.com
timing-allow-origin: *
X-Firefox-Spdy: h2
welcome.mariacasino.com/custom.js
200 OK 17 kB URL GET HTTP/2 welcome.mariacasino.com/custom.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
Hash 01a38820bcebba15c5099a3f76c50033
0dc0dc1fe9789baadc34781115c3de455306a4a6
6d7d9f4e9a44937c4330f759caf658bd1608f1fdac0b3b5bfee3a72af799638b
GET /custom.js HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: application/javascript
cf-ray: 833fe5bc9e2056c6-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 308755
etag: W/"0x8DA42DC14A64A3D"
last-modified: Tue, 31 May 2022 08:03:43 GMT
vary: Accept-Encoding
content-md5: AaOIILzruhXFCZo/dsUAMw==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: b7a3ce13-c01e-0031-74b0-1cf311000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
a1s.unibet.com/orval/tracking/lastclick.min.js
200 OK 1.3 kB URL GET HTTP/2 a1s.unibet.com/orval/tracking/lastclick.min.js
IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectunibet.com
Fingerprint1A:B0:7B:63:FE:17:68:E4:1E:85:13:D5:3D:2C:46:01:FC:B2:4C:84
ValidityMon, 06 Nov 2023 00:18:08 GMT - Sun, 04 Feb 2024 00:18:07 GMT
File type gzip compressed data, max speed, from Unix
- data
Hash 699912593ed96b1cbabc9c52bd7c796a
61b393fe162f849465352eeb3761bfb9f39d0bfb
42797ffd0da63091a5f9b29dde1e7db8f61e0e61d51984a9151d45b3235b1640
GET /orval/tracking/lastclick.min.js HTTP/1.1
Host: a1s.unibet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 05 Aug 2022 12:55:24 GMT
etag: W/"705-5e57dfac7ede0"
cache-control: max-age=1800, public, must-revalidate
content-encoding: gzip
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=polopoly_desktop; Domain=a1s.unibet.com; Path=/; SameSite=None; Secure
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.mariacasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 06 Dec 2023 21:36:53 GMT
expires: Thu, 05 Dec 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 421847
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0
- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.mariacasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:57:09 GMT
expires: Fri, 06 Dec 2024 15:57:09 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 355831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-5b20e4d164746d3e0d0043fb.js
200 OK 1.4 kB URL GET HTTP/2 assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-5b20e4d164746d3e0d0043fb.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
Hash 6444bceb1b767bea75b4f47d793f7b05
173a21cbce9a9c8b73088df59efa6049690a9cbb
7386df477cd87905ec5e618f0d3df193963ec801ff64404cc5023529b16c4d6f
GET /2ba9756ce24e85b6613a5e44df81f3a5de8f7320/scripts/satellite-5b20e4d164746d3e0d0043fb.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "6444bceb1b767bea75b4f47d793f7b05:1554112917"
last-modified: Mon, 01 Apr 2019 10:01:57 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 11 Dec 2023 19:47:40 GMT
date: Mon, 11 Dec 2023 18:47:40 GMT
content-length: 1388
access-control-allow-origin: https://welcome.mariacasino.com
timing-allow-origin: *
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/maria-logo.svg
200 OK 3.5 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/maria-logo.svg
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type SVG Scalable Vector Graphics image
- XML document text
- HTML document text
- HTML document text
- exported SGML document, ASCII text, with very long lines (3630), with no line terminators
Hash c555f8d5d6661a5a58353a9cbfd5c558
452c5c7b45b1f8e7e420cdf99d00b517ba17bec8
0af04359175453424d6552e534a91df0099dd7852f2f37025ab96d4778bd16f6
GET /no/pop/casino/2022/maria-logo.svg HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/svg+xml
cf-ray: 833fe5bcae2456c6-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 575607
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB47DF193CDB8"
last-modified: Wed, 13 Sep 2023 17:22:01 GMT
vary: Accept-Encoding
content-md5: A/evXSZJMSEi63VEXU58wA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 6ac808b1-901e-004e-74a6-213c8a000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/favicon.ico
200 OK 4.3 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/favicon.ico
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
- data
Hash 75467aea7c9ef09112d57da712792f1c
2fd85767a73ad15745af9ae26f51edae5cf431bf
b65996d71ae18fdc3744b16a5fc11a00e625af41b3506ec798a8e62c2d80dabb
GET /no/pop/casino/2022/favicon.ico HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=-306458230%7CMCIDTS%7C19703%7CMCMID%7C47458707625313056780741482770059111586%7CMCAID%7CNONE%7CMCOPTOUT-1702327660s%7CNONE%7CvVersion%7C3.2.0; sat_track=true; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/x-icon
cf-ray: 833fe5bffaee56c6-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 435689
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB47DF1F3E0A4"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: dUZ66nye8JES1X2nEnkvHA==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: d68afac7-501e-0041-1361-1d4ae6000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/main.js
200 OK 20 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/main.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/pop/casino/2022/main.js HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 833fe5bc9e1d56c6-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 52906
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB47DF21F2FDA"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: HUKMSjGdEVR6I7ylcruk3g==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: f441e222-a01e-0018-38dc-20cd65000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/BlenderPro-MediumWeb.woff
200 OK 49 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/BlenderPro-MediumWeb.woff
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type Web Open Font Format, TrueType, length 48766, version 3.6
- data
Hash f62793caeb7e5b111d7508b00c0826c2
d003c52a07685156de00186014c777b7dde81573
bac888a26184354a6038eb4ba3d87fdc3315c6e7fe0c19ec7cd1737f1720fc5a
GET /no/pop/casino/2022/BlenderPro-MediumWeb.woff HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/styles.css
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=-306458230%7CMCIDTS%7C19703%7CMCMID%7C47458707625313056780741482770059111586%7CMCAID%7CNONE%7CMCOPTOUT-1702327660s%7CNONE%7CvVersion%7C3.2.0; sat_track=true; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: application/font-woff
content-length: 48766
cf-ray: 833fe5bf09a356c6-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: *
age: 510702
cache-control: public, max-age=900, immutable
etag: "0x8DBB47DF1B5CF8B"
last-modified: Wed, 13 Sep 2023 17:22:02 GMT
vary: Accept-Encoding
content-md5: 9ieTyut+WxEddQiwDAgmwg==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: f6f9f935-601e-0028-523d-2273aa000000
x-ms-version: 2014-02-14
server: cloudflare
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/no-payments.svg
200 OK 25 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/no-payments.svg
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
File type SVG Scalable Vector Graphics image
- XML 1.0 document text
- XML document text
- HTML document text
- exported SGML document, ASCII text
Hash 7857f5fa35651d9795bac512238caaf4
107c2b86078dd49ffd18c76724bd290018719037
bf1b321fe365e6fdb5429bcebb8a6b5b9ed554d84f4eced5e69cc31038455a81
GET /no/pop/casino/2022/no-payments.svg HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=-306458230%7CMCIDTS%7C19703%7CMCMID%7C47458707625313056780741482770059111586%7CMCAID%7CNONE%7CMCOPTOUT-1702327660s%7CNONE%7CvVersion%7C3.2.0; sat_track=true; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: image/svg+xml
cf-ray: 833fe5bf9a7056c6-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 141840
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB47DF243F062"
last-modified: Wed, 13 Sep 2023 17:22:03 GMT
vary: Accept-Encoding
content-md5: eFf1+jVlHZeVusUSI4yq9A==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 1cdcd5fb-701e-0024-5107-20e4a2000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/satelliteLib-81fa49b12f4903c5e2b79397db5965ace0d8bfac.js
200 OK 162 kB URL GET HTTP/2 assets.adobedtm.com/2ba9756ce24e85b6613a5e44df81f3a5de8f7320/satelliteLib-81fa49b12f4903c5e2b79397db5965ace0d8bfac.js
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerDigiCert Inc
Subjectassets.adobedtm.com
Fingerprint8E:2F:9F:94:55:93:C2:B5:58:37:E8:D3:02:3C:23:AF:BA:E7:1D:EA
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sat, 10 Aug 2024 23:59:59 GMT
File type exported SGML document, ASCII text, with very long lines (32764)
Size 162 kB (162309 bytes)
Hash bf8d7656a2457e257e3cf75a01e6a4b7
7c7835b4632ac21ddea281bd2454e4faf08f0ff7
e2992637a3fd258ae2bd64fb199a77155aed36554a4bed9e34ce1bc2958ada1d
GET /2ba9756ce24e85b6613a5e44df81f3a5de8f7320/satelliteLib-81fa49b12f4903c5e2b79397db5965ace0d8bfac.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "bf8d7656a2457e257e3cf75a01e6a4b7:1554112914"
last-modified: Mon, 01 Apr 2019 10:01:54 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Mon, 11 Dec 2023 19:47:40 GMT
date: Mon, 11 Dec 2023 18:47:40 GMT
access-control-allow-origin: https://welcome.mariacasino.com
timing-allow-origin: *
X-Firefox-Spdy: h2
www.mariacasino.com/kindred_snow/s3.7.0/kindred_s.js
200 OK 74 kB URL GET HTTP/2 www.mariacasino.com/kindred_snow/s3.7.0/kindred_s.js
IP
ASN #47171 Unibet Services Limited
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectmariacasino.com
FingerprintD0:21:61:EE:74:5D:D8:D6:F1:19:F9:4E:33:FA:54:88:64:BF:99:CB
ValidityMon, 06 Nov 2023 00:11:24 GMT - Sun, 04 Feb 2024 00:11:23 GMT
File type ASCII text, with very long lines (65378)
Hash 3fb00dbb8acb3c68fd5ddb674f22bb88
cf7bc4f71f0ff66037ac2e564963ff4c2737e766
7d3d84e73da67922341950d1542a5a5da2420ea18026e314a9aec22f631e4246
GET /kindred_snow/s3.7.0/kindred_s.js HTTP/1.1
Host: www.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302; AMCV_F431E3BC5593E3887F000101%40AdobeOrg=-306458230%7CMCIDTS%7C19703%7CMCMID%7C47458707625313056780741482770059111586%7CMCAID%7CNONE%7CMCOPTOUT-1702327660s%7CNONE%7CvVersion%7C3.2.0; AMCVS_F431E3BC5593E3887F000101%40AdobeOrg=1; uniattr=BLP.1.UT; uniattr_ref="https://www.toprevenuegate.com/"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: application/javascript
last-modified: Mon, 11 Dec 2023 16:08:44 GMT
vary: Accept-Encoding
etag: W/"6577340c-12240"
server: kindred-loadbalancer
strict-transport-security: max-age=63072000; preload
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src 'unsafe-inline' 'unsafe-eval' http: https: data: wss: blob: jockey: unibetpro: *;
x-browser-class: A
x-os-class: M
set-cookie: clientId=browser_desktop; Domain=www.mariacasino.com; Path=/; SameSite=None; Secure
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://welcome.mariacasino.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 04:57:34 GMT
expires: Fri, 06 Dec 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 395406
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
200 OK 10 kB URL User Request GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
IP
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953 HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.toprevenuegate.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: text/html; charset=utf-8
cf-ray: 833fe5babc2356c6-OSL
cf-cache-status: MISS
access-control-allow-origin: *
cache-control: public, max-age=900, immutable
last-modified: Wed, 13 Sep 2023 17:22:01 GMT
vary: Accept-Encoding
content-md5: 195t/EFQHfrEDazau7jk+g==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 290b2c78-b01e-0066-3e62-2c5d22000000
x-ms-version: 2014-02-14
set-cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302;max-age=2592000; domain=.mariacasino.com;path=/;secure;samesite=none;httponly
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
welcome.mariacasino.com/no/pop/casino/2022/styles.css
200 OK 13 kB URL GET HTTP/2 welcome.mariacasino.com/no/pop/casino/2022/styles.css
IP
Requested by https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Certificate IssuerLet's Encrypt
Subjectwelcome.mariacasino.com
Fingerprint40:A0:00:26:41:7A:12:6B:FE:71:F7:E2:B2:55:EC:BB:B2:54:58:93
ValidityMon, 30 Oct 2023 18:15:52 GMT - Sun, 28 Jan 2024 18:15:51 GMT
Hash 9c7198fae65fdd565a2016879123ca09
e8a4caac57eef46c656b9ce1aeb9067f470baa32
fc67c9b12d5fa444ce772f52e859f6b3388d20adaf2907762eaf5cff4575f918
GET /no/pop/casino/2022/styles.css HTTP/1.1
Host: welcome.mariacasino.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://welcome.mariacasino.com/no/pop/casino/2022/index.html?ch=affiliate&sub_ch=affiliate&campaignId=2856772&btag=127656177_80E70E0B72F444B084B275A6E960B302&sref=ADST&ADST=19854905&affiliateId=1&pid=94151521&bid=37953
Cookie: btag=127656177_80E70E0B72F444B084B275A6E960B302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 18:47:40 GMT
content-type: text/css; charset=utf-8
cf-ray: 833fe5bc9e0f56c6-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 203238
cache-control: public, max-age=900, immutable
etag: W/"0x8DBB47DF17A7D2B"
last-modified: Wed, 13 Sep 2023 17:22:01 GMT
vary: Accept-Encoding
content-md5: nHGY+uZf3VZaIBaHkSPKCQ==
x-ms-blob-type: BlockBlob
x-ms-lease-state: available
x-ms-lease-status: unlocked
x-ms-request-id: 17bf22a3-501e-006e-7067-1f472d000000
x-ms-version: 2014-02-14
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
142.250.74.83
23.36.79.34
85.184.96.5
104.18.40.68
52.58.59.63
0.0.0.0