thechoicelive.com/nlu/qakbot.zip
194.163.180.153301 Moved Permanently 248 B URL HTTP/1.1 thechoicelive.com/nlu/qakbot.zip
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash da9044782830f2160fad7a7ab214837b
4f3c8f10d0f29480e5de0b4729b2a5fd31470cc4
c6b6844ce22fca320b3ffbc38d7cc3369270fe48c23d0f0f6748da305796c4ed
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /nlu/qakbot.zip HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 08 Nov 2022 20:01:47 GMT
Server: Apache
Location: https://thechoicelive.com/nlu/qakbot.zip
Content-Length: 248
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c7a8ba48383a0e56baca8c8c41b81a04
b04c1f1e730a71f17ff639c9db697c532d4e5421
7860552382285e6eddddc5226c6f6400caa3f6fc3cb4b8a2d550c6fc653f78bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7860552382285E6EDDDDC5226C6F6400CAA3F6FC3CB4B8A2D550C6FC653F78BB"
Last-Modified: Sun, 06 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10719
Expires: Tue, 08 Nov 2022 23:00:26 GMT
Date: Tue, 08 Nov 2022 20:01:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3902
Cache-Control: max-age=142466
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:47 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:36:13 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20430
Expires: Wed, 09 Nov 2022 01:42:17 GMT
Date: Tue, 08 Nov 2022 20:01:47 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3902
Cache-Control: max-age=142466
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:47 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:36:13 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +SQG46EwMWgPFaBUSzkwGDttTUExjEaRedFeBKUtr6tjvI2O1oUHtVuoTkT2snDSnZx6GINPzww=
x-amz-request-id: AYMCPWDE5PKCZNX5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 08 Nov 2022 19:11:25 GMT
age: 3022
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 08 Nov 2022 20:01:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
thechoicelive.com/nlu/qakbot.zip
194.163.180.153307 Temporary Redirect 20 B URL HTTP/1.1 thechoicelive.com/nlu/qakbot.zip
IP 194.163.180.153:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /nlu/qakbot.zip HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 307 Temporary Redirect
Date: Tue, 08 Nov 2022 20:01:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:47 GMT; Max-Age=7200; path=/
6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; expires=Thu, 10-Nov-2022 20:01:47 GMT; Max-Age=172800; path=/; HttpOnly
Location: https://thechoicelive.com/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
thechoicelive.com/
194.163.180.153200 OK 40 kB IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash 664b56022080564b505d6db3c33d17c6
bc208d3a70e970d40902faaafe09d7fb5205c6cc
19d2b726c826416594f5aac8f0d7bdfca604de2e6f9f8e99e21cfe1ad9b7f55b
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:47 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
thechoicelive.com/assets/vendor/font-icons/css/font-icon.min.css
194.163.180.153200 OK 980 B URL HTTP/1.1 thechoicelive.com/assets/vendor/font-icons/css/font-icon.min.css
IP 194.163.180.153:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (3928), with no line terminators
Hash 2800c11b8871534d565fe75e13fd6a5e
1000397d56fe91e9bac164145a0a077e507eca57
189d647efaa9704b7e1880f331f0786125b727637745da13257c0fffcb5a6c97
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/vendor/font-icons/css/font-icon.min.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 980
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
thechoicelive.com/assets/css/plugins-1.9.css
194.163.180.153200 OK 2.4 kB URL HTTP/1.1 thechoicelive.com/assets/css/plugins-1.9.css
IP 194.163.180.153:0
File type ASCII text, with very long lines (5257)
Hash bfc44c3f3b7d4c2f8d018afbfa66ef64
6a50e9a333363961eafb88d1dabd27d973556637
eb804cd450b5c7bb1db2982853d26a28910720b02000f6c3248e6d88c6c78c0e
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/plugins-1.9.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2391
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9f410ccb5c0cad5afa19393e7a27abd5
d8623f131eecfe7a60777817101b0709c975e518
2fe87c8a9b914a3472e8d6f68f289550d370950987a0fdfeb0f6bf18a77c1caa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: max-age=132323
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Etag: "6369fec2-118"
Expires: Thu, 10 Nov 2022 08:47:11 GMT
Last-Modified: Tue, 08 Nov 2022 07:01:22 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32058)
Hash b51f9d778be466703e73aceee13d836d
cc5cd9dd2b48712dcf90f14a1ff19d729c43e378
f1e36d8f99614eef048fe3cb4275f3234536bff3e3b1b8f763f14a8a0cadab45
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 20:01:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 27277
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-15283"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3606338
expires: Sun, 29 Oct 2023 20:01:48 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zm%2FqNn0DODEU%2BoccrowxssQd7byoCEP5PAgKhd8ko8dzdC8aUOEzSrFEPytEptFr794dLdDISaLWohlj8n2q1AwNsE5i20UEJn%2BrV2Perf3wTcdbEaaTjI6Q2R6pzyEZtdBivuZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7670e7137a4dfac8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
thechoicelive.com/assets/font-awesome/css/font-awesome.min.css
194.163.180.153200 OK 6.7 kB URL HTTP/1.1 thechoicelive.com/assets/font-awesome/css/font-awesome.min.css
IP 194.163.180.153:0
File type ASCII text, with very long lines (28900)
Hash 44199db135a3cf78e3cf4bf6e3170033
96a27c54fd2723ff930c3faa8cf6c600a90ff78a
80e21be34b782b126cd2908f142df631e4396099a1e62255253b6299b3e9a0aa
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Tue, 31 Oct 2017 07:23:44 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6666
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
thechoicelive.com/assets/css/style.css
194.163.180.153200 OK 2.3 kB URL HTTP/1.1 thechoicelive.com/assets/css/style.css
IP 194.163.180.153:0
Hash 6f28e01a93ee10dc40946d461a04a9e2
ba75989cd7b00e6072f7b7876d108085cb4e9b9a
cce8d32b86b657544e47e3519c04a9a57cd8f3087e1c8d83966e37439edca45d
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/style.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sun, 14 Aug 2022 17:43:40 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2251
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
thechoicelive.com/assets/js/jquery-1.12.4.min.js
194.163.180.153200 OK 34 kB URL HTTP/1.1 thechoicelive.com/assets/js/jquery-1.12.4.min.js
IP 194.163.180.153:0
File type ASCII text, with very long lines (32077)
Hash 90af67e8fd4d5ab0d104b28b82a5f9e3
0172e38010ebd25ebcb3f0a4094be0e20f72ac48
971b268c15450ab1dded5c1e8e7875660b086b2ca6c45a31ddfa82486b1d06d3
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/js/jquery-1.12.4.min.js HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33760
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
thechoicelive.com/assets/radioupdate2/style.css
194.163.180.153404 Not Found 11 kB URL HTTP/1.1 thechoicelive.com/assets/radioupdate2/style.css
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash cac4f712e4438ba9acb684d81c7d50df
6a5d3c9164c2c4808a1bfe2669abd5f19511d4e4
f828c2b22a6a3b6fad7d9b34ab00388be65c165575cf4b4abbcb6a87de44d1bd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/radioupdate2/style.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:48 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
thechoicelive.com/assets/vendor/bootstrap/css/bootstrap.min.css
194.163.180.153200 OK 20 kB URL HTTP/1.1 thechoicelive.com/assets/vendor/bootstrap/css/bootstrap.min.css
IP 194.163.180.153:0
File type ASCII text, with very long lines (17582)
Hash c22c714090caa8c90cc5b3c91793c5cb
f2a0a9eb4867ede73d76e21daf69a6877e5ae5e1
a63e1ae2ab2cb111669f6facd138320ae192b41aeb1a7f715d12ed7118b7ba55
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Mon, 05 Sep 2022 14:07:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19937
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
thechoicelive.com/assets/css/style-1.9.min.css
194.163.180.153200 OK 60 kB URL HTTP/1.1 thechoicelive.com/assets/css/style-1.9.min.css
IP 194.163.180.153:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (55287), with CRLF line terminators
Hash 8a5bf7aa688cb2f8fe7a75ddbd38d1c0
54f640662076922621de8f1ecd5bbcc8cc9da0bd
c563f60e70a1b0a5855de8acccbe1f336d4a3f177f1e4bca90228eaeb6ab2325
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/style-1.9.min.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Tue, 06 Sep 2022 18:29:42 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
thechoicelive.com/assets/css/award.css
194.163.180.153200 OK 682 B URL HTTP/1.1 thechoicelive.com/assets/css/award.css
IP 194.163.180.153:0
File type ASCII text, with CRLF line terminators
Hash 350cf8ffb4c41f828dfaaf1919c8a4f0
d6c28345711ba8b1f5297f1fde56632443c7f693
850f2429e05146339f5b165d1e4db47331726e30ac836ffbb793d6b4f7efd094
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/award.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 18 Jun 2022 05:44:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 682
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d6dbaa7f1a697305cfaabdc859cdb9d3
680fa363852fb33b9b76b83d3ba5c0a4c51499cb
2ccc20d4d484d91da7e9fb07056d62a620af07b21f495be49f54e7e83c988dda
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4110
Cache-Control: max-age=137608
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:15:16 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
thechoicelive.com/assets/js/script-1.9.min.js
194.163.180.153200 OK 3.6 kB URL HTTP/1.1 thechoicelive.com/assets/js/script-1.9.min.js
IP 194.163.180.153:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (15327), with no line terminators
Hash 1021bdf748e7020d618f3bc0d1a5b140
7d9946f359a49a951c1fcf609d3ff01c34b51385
ff48201cfb9f961ebb0e51a1c1b076698686d4bfbf67ff4aad8fba5b0379bebd
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/js/script-1.9.min.js HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3578
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
thechoicelive.com/assets/js/plugins-1.8.js
194.163.180.153200 OK 62 kB URL HTTP/1.1 thechoicelive.com/assets/js/plugins-1.8.js
IP 194.163.180.153:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (32033)
Hash 4f8e85b1e6fb8f1edf31d7b0b4448591
67edecf34b29c6be59521fb7ad522c20ab1371f3
6daa5c12f8c5546082c59d342d0e857a8f3badbbc834bcd876bfc5eb64536288
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/js/plugins-1.8.js HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 9f410ccb5c0cad5afa19393e7a27abd5
d8623f131eecfe7a60777817101b0709c975e518
2fe87c8a9b914a3472e8d6f68f289550d370950987a0fdfeb0f6bf18a77c1caa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6349
Cache-Control: max-age=132323
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Etag: "6369fec2-118"
Expires: Thu, 10 Nov 2022 08:47:11 GMT
Last-Modified: Tue, 08 Nov 2022 07:01:22 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
www.googletagmanager.com/gtag/js?id=G-ZPDXJH8V7Q
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-ZPDXJH8V7Q
IP 142.250.74.168:0
File type ASCII text, with very long lines (21373)
Hash da58e6f431ca4f7640106c2414734c24
70e2f94f6de25f03f2f2dcb7c968d9451c07b2b4
55b79738c0c3f365202aaa927ec595ed4554d1e40379d314b875aa535b9a6da7
GET /gtag/js?id=G-ZPDXJH8V7Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 08 Nov 2022 20:01:48 GMT
expires: Tue, 08 Nov 2022 20:01:48 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76516
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thechoicelive.com/assets/img/img_bg_md.png
194.163.180.153200 OK 117 B URL HTTP/1.1 thechoicelive.com/assets/img/img_bg_md.png
IP 194.163.180.153:0
File type PNG image data, 380 x 226, 1-bit colormap, non-interlaced\012- data
Hash 7779fbf937d0b377e4c60002ef38ea1d
d8357be7df11e76fcb4e17c9d90d7a4c0fd86fa2
084a25db597d80cd0ed1fed725a7c5b1c61453158155699fada8f454f6dab1b9
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/img_bg_md.png HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Content-Length: 117
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
thechoicelive.com/assets/img/img_bg_lg.png
194.163.180.153200 OK 153 B URL HTTP/1.1 thechoicelive.com/assets/img/img_bg_lg.png
IP 194.163.180.153:0
File type PNG image data, 750 x 500, 1-bit colormap, non-interlaced\012- data
Hash b7f3849da720c2d73c5fa77a74ce462e
3cc601b13c8159421990de8fab5837eba0866a05
9120234735ce930777b184fd667789c22efe2e0e926e5ce455b52c2af0d19324
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/img_bg_lg.png HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Content-Length: 153
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
thechoicelive.com/uploads/logo/logo_62f7ef389404e.png
194.163.180.153200 OK 16 kB URL HTTP/1.1 thechoicelive.com/uploads/logo/logo_62f7ef389404e.png
IP 194.163.180.153:0
File type PNG image data, 201 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash f4861fac22ee5843e072f2e786b63df0
bde199ef7810d7a315c4bc58e2c2940943a0c37c
0076ba9c102a3d2f3f0472c2026129f991e7a34da6a142d136e71de2ea9ad6f8
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/logo/logo_62f7ef389404e.png HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 18:36:40 GMT
Accept-Ranges: bytes
Content-Length: 16289
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
thechoicelive.com/uploads/logo/logo_63190850f3289.png
194.163.180.153200 OK 16 kB URL HTTP/1.1 thechoicelive.com/uploads/logo/logo_63190850f3289.png
IP 194.163.180.153:0
File type PNG image data, 201 x 63, 8-bit/color RGBA, non-interlaced\012- data
Hash f4861fac22ee5843e072f2e786b63df0
bde199ef7810d7a315c4bc58e2c2940943a0c37c
0076ba9c102a3d2f3f0472c2026129f991e7a34da6a142d136e71de2ea9ad6f8
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/logo/logo_63190850f3289.png HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 21:08:32 GMT
Accept-Ranges: bytes
Content-Length: 16289
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3b26e900b9be930a07101e0d5f5de579
fc84082e3eef2e000f255f1cbd4cf45b694a2118
1dff9aae4984871070d193b60d41548a8a816f0ba20839d41d6e73a08e548afe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b10986024b7c43560e2e76cb10764ec4
dcb10e65ceffd902d240df3c5682be4388119a96
6b9d5fdaeaf7b5c35fa5db97477ec3cde32b64b54b44c0d48b41fef1857630e9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.thechoicelive.com/uploads/blocks/block_631906f153232.png
194.163.180.153200 OK 68 kB URL HTTP/1.1 www.thechoicelive.com/uploads/blocks/block_631906f153232.png
IP 194.163.180.153:0
File type PNG image data, 751 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 608798928ade8004732b6bddaa1a91b8
7115e424f9eebefd65d794b174265d3a7452ba09
42a4aa006834a207ab3a0f08732f399a767f5ee24aabac50bf9f0abb71eece8a
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/blocks/block_631906f153232.png HTTP/1.1
Host: www.thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 21:02:41 GMT
Accept-Ranges: bytes
Content-Length: 68457
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.thechoicelive.com/uploads/blocks/block_6319073e68685.jpg
194.163.180.153200 OK 9.3 kB URL HTTP/1.1 www.thechoicelive.com/uploads/blocks/block_6319073e68685.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 305x165, components 3\012- data
Hash 7b7b904a22138e1d4181d0d02f91cd8f
59078cade72cde5c874212f7230600c409991860
ac52852bf4f64266f34dc7ce7583114f6fec8a16d253e1feedf7d4a62c3b724c
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/blocks/block_6319073e68685.jpg HTTP/1.1
Host: www.thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 21:03:58 GMT
Accept-Ranges: bytes
Content-Length: 9342
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/assets/radioupdate2/style.css
194.163.180.153404 Not Found 11 kB URL HTTP/1.1 thechoicelive.com/assets/radioupdate2/style.css
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash 4f50a192e0dfcc5a187fad63b712d460
bf243f26576f83578ddfd7763c9afe7b067f2165
c40e03a9daaf11de462b7424fafdee1cfaf1161eb79d1d81976cf59af51162e1
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/radioupdate2/style.css HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:48 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.thechoicelive.com/uploads/blocks/block_63190725ab3e7.gif
194.163.180.153200 OK 27 kB URL HTTP/1.1 www.thechoicelive.com/uploads/blocks/block_63190725ab3e7.gif
IP 194.163.180.153:0
File type GIF image data, version 89a, 728 x 90\012- data
Hash bc6db2a90a324bd6d7feade6595950b1
8d5074557397004f86691bfc469826aac2c58e2d
96d59f92ef3b15101dc814bf5355138ca7df5992be01c9b3339970c1c58b2290
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/blocks/block_63190725ab3e7.gif HTTP/1.1
Host: www.thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 21:03:33 GMT
Accept-Ranges: bytes
Content-Length: 26939
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6217
Cache-Control: max-age=156613
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:32:01 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.38.146.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.146.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eCQ9SnTnO/DAFb98dSf12g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nabSg2Xmn6IJKtIJJUGMcSKrx5w=
thechoicelive.com/assets/vendor/font-icons/font/font-icon.woff2?65810011
194.163.180.153200 OK 15 kB URL HTTP/1.1 thechoicelive.com/assets/vendor/font-icons/font/font-icon.woff2?65810011
IP 194.163.180.153:0
File type Web Open Font Format (Version 2), TrueType, length 15140, version 1.0\012- data
Hash 86dd66565e25ff179054dcd97a11e17a
5ccb315692fa585b86da7888a5bb07dce7c14b5f
040e0418a602fe2613bf97a01a403f4d46a8e859bd6258b8bfdbf8813a6621ca
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/vendor/font-icons/font/font-icon.woff2?65810011 HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://thechoicelive.com/assets/vendor/font-icons/css/font-icon.min.css
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Sat, 03 Jul 2021 05:47:20 GMT
Accept-Ranges: bytes
Content-Length: 15140
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: font/woff2
cdn.webpushr.com/app.min.js
178.62.48.34200 OK 84 kB URL HTTP/2 cdn.webpushr.com/app.min.js
IP 178.62.48.34:0
ASN #14061 DIGITALOCEAN-ASN
Hash 9c2e961e17706c582189cf00bece92c1
0ac7d93428417f2a676bf9d01d8ec04020b82493
2418606e2998e784e23a986faa8522f84207b287ada20509f4cc72e58e20fbc7
GET /app.min.js HTTP/1.1
Host: cdn.webpushr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.1
date: Tue, 08 Nov 2022 20:01:48 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 26 Oct 2022 21:41:55 GMT
etag: W/"6359a9a3-a92e"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cache-control: max-age=86400
expires: Wed, 09 Nov 2022 20:01:48 GMT
x-gg-cache-status: HIT, HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 69293b8c8a45196bb68c2fb4a573ee67
fbd418617bfbf280af580abf1d2698db8228d84b
bda77decf1a738ce7c86b23325d36faeff1878c643547c54dd62f182fc7ad5ed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6217
Cache-Control: max-age=156613
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:32:01 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
platform.twitter.com/widgets.js
93.184.220.66200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 7899fffaf0046efb7f9be2495d9dc928
d4c60d88e8deea577a50f9d20e1b6b3a20cba2cf
07d50450f22df0588cc1b67f5a124cb91d99a032a229586eb7dc490cce9f7f30
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 619
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:48 GMT
Etag: "6633f9603c759c40d9b200995454f17c+gzip"
Last-Modified: Wed, 02 Nov 2022 19:43:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29221
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash a9374206851834987bb6f42fdbde6965
1e7632ba7b83a2258cb88662d2fb2783d400dec3
854af7f8daaf516b72c709bf1c9e6ba2637431efac48d977c520440cb3b99dca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2549062725428932
142.250.74.34200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2549062725428932
IP 142.250.74.34:0
File type ASCII text, with very long lines (2776)
Hash b447063bb513777b4b5eeb044fd85fca
cee54eb982bc59a44f76d08f653cbb1ee9e7e7c3
0bf4cdcafc5920c5eda42115d58d4e54512551ee2eb0c6568602fe74e30625ac
GET /pagead/js/adsbygoogle.js?client=ca-pub-2549062725428932 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thechoicelive.com
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 08 Nov 2022 20:01:48 GMT
expires: Tue, 08 Nov 2022 20:01:48 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3268146646243513510
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 55198
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thechoicelive.com/webpushr-sw.js
194.163.180.153404 Not Found 11 kB URL HTTP/1.1 thechoicelive.com/webpushr-sw.js
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash fabe65845928928f36dfc65db82c5e89
44eeed63d274d964674abb03dc521612199f8e06
bee70f4ffdeaaf53be9c6d8bc1c5558658addbf4f5ec5f897c497e59d0338ce0
Analyzer Verdict Alert quad9 Sinkholed
GET /webpushr-sw.js HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:48 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
platform-api.sharethis.com/js/sharethis.js
143.204.55.106200 OK 87 kB URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP 143.204.55.106:0
Hash 9e21c54259e9ce16f74aa2ef4c860ad5
ce577537e57938f47338f9f5b7f4cba7bc9fc539
b286005805f9c59c72fd57dcf9cebf02db9990a5e31b60c436a7e8f9f43ea2c6
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
cache-control: max-age=600, public
date: Tue, 08 Nov 2022 19:58:55 GMT
etag: W/"302c5-xv+434/YRClN3FoC1ia4zCamsAQ"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CyB4EZwfQBbjmPDKIvS5RSEbsx0epF8pCSAIs7uhct9om55zhRll0Q==
age: 173
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
thechoicelive.com/assets/img/pwa/144x144.png
194.163.180.153404 Not Found 11 kB URL HTTP/1.1 thechoicelive.com/assets/img/pwa/144x144.png
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash a7eb5417bfcdf6b8b13dd82f6528bca1
0a9aad4b5757ae4b6f637d069773e65776d719a2
4644614892db7c37b2bd9c5483072ddf01328c59e05c051ba589b58d2c804fdc
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/pwa/144x144.png HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:48 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash d044f3e2fc14a96cc5752446b440b143
d0d278c9eee46eb43a3f91e8fa55db206a78c93a
a0aa7ecc56cdd27079c14e17f3f790b3c01584379a519e8f7760eb81a781a02a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
thechoicelive.com/uploads/logo/logo_63190850f3289.PNG
194.163.180.153200 OK 677 kB URL HTTP/1.1 thechoicelive.com/uploads/logo/logo_63190850f3289.PNG
IP 194.163.180.153:0
File type PNG image data, 610 x 571, 8-bit/color RGBA, non-interlaced\012- data
Size 677 kB (676956 bytes)
Hash 469f524e21e16b496f1086dd198ae4ec
d72b17503e744fd7763c23a19bb0ad436f9cc44c
91d5d76de617ecaf45c414e2a3bc109de13db1ee6ceaac4ebbc68968a3883af4
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/logo/logo_63190850f3289.PNG HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Last-Modified: Wed, 07 Sep 2022 21:08:33 GMT
Accept-Ranges: bytes
Content-Length: 676956
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
thechoicelive.com/uploads/images/2022/11/image_600x460_636aa4f6e0bd7.jpg
194.163.180.153200 OK 34 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636aa4f6e0bd7.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 9ddf64503e59a14dd60a7db4347a67d0
e587a5bc111176e4526e5cc1baf2e81181bac33f
847720f52cacaddee9b08f31286da2d72540019ef52ed2040beb1ae48151ebd0
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636aa4f6e0bd7.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 18:50:30 GMT
Accept-Ranges: bytes
Content-Length: 34439
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/webpushr-sw.js
194.163.180.153404 Not Found 11 kB URL HTTP/1.1 thechoicelive.com/webpushr-sw.js
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash 3c731cccd027bb0ca0052fb1b70279f0
d9a791610302c01bfb4de05c98655c80089d502a
fed1ff0b64016bda44b14ae1dffdf1b85452ea393eeacc89576cd32830af25e7
Analyzer Verdict Alert quad9 Sinkholed
GET /webpushr-sw.js HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:49 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fthechoicelive.com
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fthechoicelive.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash 2b4968b185495eddda0d85b2351ebb71
c665785ca0f4039f8c71d94631cd50a879d866b5
eb8af089d8082a58a6e90fedc23007f17a9e89ddbc6a29b6e535e4847ba94160
GET /widgets/widget_iframe.644279d1635fd969e87af94a98bd232b.html?origin=https%3A%2F%2Fthechoicelive.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510056
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:49 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:59 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash 68b687b4bd9b8bc82a675dcc86c76b59
4e9194a9831c6c1b400ebe65e6be09661f0997cd
f7acf02cb9f1350a252391e55a8e577ea291aa212f3577aa15c8f0d963a12e5f
GET /rsrc.php/v3/yF/l/0,cross/ScKYGqqHLxM.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 18:03:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: aLaHtL2bi8gqZ13MhsdrWQ==
x-fb-debug: U2NYlGCDC8vM6+H94gXuaKpd2vCIvO+cBEZrmO/ZCY/220x4aySHC0Vjdw8uuAPICOmRg5+Qwt5jx++CX+JF9Q==
priority: u=2
content-length: 5031
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2186)
Hash 33ae46fb5ca5586b8eb684c440bdfde3
cc75ec00d4e015261cbc526606a7478ad72a9e43
c475fadc8a824492c8eeba78780349b668c4111794dcbe1a18fcd19bbee38de4
GET /rsrc.php/v3/y7/r/_jixirLUzY9.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 06:15:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: M65G+1ylWGuOtoTEQL394w==
x-fb-debug: VQd+jiE/YM9O7IEUhklCp4iUczum/ERYFsBbEam6pexOxiTBzn2vBUxMsU53Ri0PbzNXpdK+OVkgLH6mDgWdqw==
content-length: 4455
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 01:07:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: TIWXEFhH8MaVRKrB0HRPuV7j/n7NcYR0oDHUiYbR8N6/j4TWO44YlUaI3DrtVTOHLXWbhU3d0A605GHcCDuB1w==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 4.6 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (10494)
Hash 2eb625206434356a5678c51841c11964
4ecd1c720cc21d03d6c5d68a3cfbe7636cccf23d
feab180e6aa77381b51329ed9391e05765ab1a7831691215010cce091f635781
GET /rsrc.php/v3/yW/r/SigIl-WfFaj.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 06:52:20 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: LrYlIGQ0NWpWeMUYQcEZZA==
x-fb-debug: 7iGu7w468misanBoQha65sd9JUn7Fdp1ArgzwyEA/WmqsxntGFQ0+OsG24rQ7mU8zZ6R4kxfDbeNvU3kL2Ov+w==
priority: u=3,i
content-length: 4647
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 8.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9885)
Hash 0eaa197a5c011011e1489f411b042249
9ba134dd641bbbc6ce70619ccd94f5d5ef47a899
145cfec975ec864e6589409173f8f9fee2a59faf0ce28c42889897e812ab9ac4
GET /rsrc.php/v3/yl/r/SuHirPIqipH.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 00:43:56 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: DqoZelwBEBHhSJ9BGwQiSQ==
x-fb-debug: i/kh4DlS9YhDEUyhtWbLfK2XnwFes34bVOz+8UTb+5otFPaZo2JX59vpUqkf0CU3bsO6p9Gm9vc0Qfh0anG4mw==
content-length: 8222
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.1 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2905)
Hash 950c261533c6a05f36c3ec2562963ecb
65cbaffa72eb8dafe5b43aec833435170c02b15d
4c9b051d6cba504010fc8ebdba2ca7da807224e44ad7e9798bb25b90069a3e11
GET /rsrc.php/v3iLl54/yH/l/en_US/9ceEMw7kTfT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:30:36 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: lQwmFTPGoF82w+wlYpY+yw==
x-fb-debug: P3JsMJ/9sMIFIo2VQUKoMne1CwmEilUE+Zfo5097yjTjyJTLSoOUizTarRB96PEFk+mUfaDACax69E6NVl0l6w==
priority: u=3,i
content-length: 7089
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (41977)
Hash e5ac274375457b828912871811b4be94
3bbd528facf279eab4dc093a7fad9dbc837689eb
602f6ee48130b3bcb4e21f4307bd1c83d110182e1fb4cb8f118171d10c6f5ae4
GET /rsrc.php/v3iEpO4/yC/l/en_US/I52F_owkvX4.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 04 Nov 2023 01:07:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 5awnQ3VFe4KJEocYEbS+lA==
x-fb-debug: 6L/x9Tj+F6DosGlmJdaQscrlSxmAAvu/DiyiNUQy4+Ikze+cetyFc+52Cj9lLf+CCTHcpmB9c81dh1xp3ClJxg==
priority: u=2
content-length: 23273
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4061)
Hash d1ba68f146b01f4aef60d79aadb926ea
c6b4703c25d07fd2363e5d67d11e4846d9979b26
abbff04acf96f39a3121ed97505b5a23cbeee9057dd7040c58c4e423c899805d
GET /rsrc.php/v3/yV/r/oDVETVg4GJv.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 19:15:55 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 0bpo8UawH0rvYNearbkm6g==
x-fb-debug: 3JdQxyKLncFe1MouguIcs/yRhoAHmODDSMKAf7+37YE39XQlZOEzkpfV72QBviKdm8jhmFayla948PrKMqJNHQ==
content-length: 7236
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:06:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: U8RJgKUtHGLUiQk9HHpA+IRcULT5qX+DuwPkFrA1TVl4/mz6+76fzZ9YDejeZlR7UxuiL1amRZ0p3hU19KekzQ==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8749)
Hash c2b0fc32b893b1c243b3a27bcc5799cd
a9a85686e79bf7bba56cf1a7883b89447096eb54
f84f8dc2511cfbed3abe4ae7dd9c8e02c02260e0824eddaf69f2d54f3994a726
GET /rsrc.php/v3/ys/r/ojzICpVg5Kb.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 05 Nov 2023 03:23:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: wrD8MriTscJDs6J7zFeZzQ==
x-fb-debug: ZeaG4nczRFV9qJrZM59ZmYklxtldDRvk75b6fH34gkz1gMCEFsaTtetQwAT3aF82JRPYbxFDD5vVyCK2+3MHGg==
priority: u=3,i
content-length: 16259
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stream.zeno.fm/5xnhz4kd468uv
67.23.116.179302 0 B URL HTTP/1.1 stream.zeno.fm/5xnhz4kd468uv
IP 67.23.116.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5xnhz4kd468uv HTTP/1.1
Host: stream.zeno.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
HTTP/1.1 302
location: http://stream-41.zeno.fm/5xnhz4kd468uv?zs=uK3uNhECSEO4Y7Vke3YYCg
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Tue, 08 Nov 2022 20:01:48 GMT
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
142.250.74.130200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 8c05c6bb1f4ff9495a769b3fe6b30e69
b6a42681e93ca0e24b67613de3a84e90a840b4d5
dc30ec15d443d8a4d2999daf5632a81da250387edb355e82a53e2166d90d984c
GET /pagead/html/r20221101/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 08 Nov 2022 18:00:32 GMT
expires: Tue, 22 Nov 2022 18:00:32 GMT
cache-control: public, max-age=1209600
age: 7277
etag: 2424782735605397694
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 05:04:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: 00IrCbBbnm9vzmEGDumL0sh3nuf2iWdTpefIOOCSnTUUmtz+z/FyUfmUD4SQEeD9WcEh83B1Vahq8P4hknaGTg==
content-length: 1657
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 14:58:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: D5GS3x6wx04rycniYZY/0Xz+ksXYSSm92jqaYBfwJdNE2gVWZsHNSKS1Na1e4Jf9SQ8Wn6qjKZVunFivJgncuw==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
thechoicelive.com/uploads/images/2022/11/image_600x460_636a64a55bd39.jpg
194.163.180.153200 OK 58 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a64a55bd39.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 4e1c1d5d1dc3e6f47a73f8471f50d132
9bc2aa8cb3538aff3a68aba071a0d6f1af421f2e
61a7bbac6b792a7a484a35406fe8be8011b8c83d682dafedda791d7793963b12
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a64a55bd39.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 14:16:05 GMT
Accept-Ranges: bytes
Content-Length: 58454
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 59fc340dc1023185c1ae811b3e13aa26
28ecef7c063215654ed2da6d3b4bb4a6e8691729
485dd4eeda3a757fdb8de26b509eeabf8cd27fb69aa6bfb266ea3b6d106cf5c6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=137448
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:49 GMT
Etag: "636a2b95-2d7"
Expires: Thu, 10 Nov 2022 10:12:37 GMT
Last-Modified: Tue, 08 Nov 2022 10:12:37 GMT
Server: nginx
Content-Length: 727
thechoicelive.com/uploads/images/2022/11/image_140x98_6364f1650c7bd.jpg
194.163.180.153200 OK 6.3 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_140x98_6364f1650c7bd.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 140x98, components 3\012- data
Hash 602a0bff33f2d841a9c6187d59d85dd3
76530b22bac030b37c8d0ce564ff20c21afb7308
60af4c30f6f11a80da129f167f804c7158553ade74d725715c8282f134ad8184
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_140x98_6364f1650c7bd.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Fri, 04 Nov 2022 11:03:01 GMT
Accept-Ranges: bytes
Content-Length: 6271
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_140x98_6363db2937e31.jpg
194.163.180.153200 OK 4.0 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_140x98_6363db2937e31.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 140x98, components 3\012- data
Hash 35d318cb18489799aaf7f92c4ade755a
1aa6a4f8e706c89073b0d7071bf0f8ff739ee0fe
ec7bb5186c7c8a32923ac40440f12beaa4787a01f378aefe06529d40f03c8ad6
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_140x98_6363db2937e31.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2022 15:15:53 GMT
Accept-Ranges: bytes
Content-Length: 4045
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/03/image_140x98_62347173f03e6.jpg
194.163.180.153200 OK 5.3 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/03/image_140x98_62347173f03e6.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 140x98, components 3\012- data
Hash 2c6a982881a2c2b7327eb31cc28ee884
d6b8e1c3183d68f27446bad609a31ca169677235
10aee5b5d48b8b7d01fc604a4aefff41e92ccfb1ada83c7042415fd8ddd56c08
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/03/image_140x98_62347173f03e6.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2022 11:48:04 GMT
Accept-Ranges: bytes
Content-Length: 5265
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_140x98_636135164327f.jpg
194.163.180.153200 OK 5.2 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_140x98_636135164327f.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 140x98, components 3\012- data
Hash 4d8c7de188612951f9e1f1fb8d6902f6
78eee1f72813843e28fe2d4f9ee9dcbf3d78627d
cbeae3c7977fe956b2b749d9cdcc2bf7e15684f8bb159795559964e804c6a7e6
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_140x98_636135164327f.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 01 Nov 2022 15:02:46 GMT
Accept-Ranges: bytes
Content-Length: 5178
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_636a50a030a1f.jpg
194.163.180.153200 OK 51 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a50a030a1f.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 56c313c807c49379d0d8eed73db13011
c362e0583e0c95c5b2d4b78ab19b859d37fcfd7a
7531b0aeedb79ff6485a8d3c8960155b0db0196a8b2c4ac937ebcced0c1e6876
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a50a030a1f.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 12:50:40 GMT
Accept-Ranges: bytes
Content-Length: 51180
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash ec8b93692d2bc1822021c436019d515d
aa4b30802f6167f004bcae84b5ab86a2f92c5e40
21a41caa4636c24c1048a93cc0ea80a8ad41f9686f6a08f9a6e41e797e3e3b8c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3995
Cache-Control: max-age=123072
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:49 GMT
Etag: "6369e3d2-139"
Expires: Thu, 10 Nov 2022 06:13:01 GMT
Last-Modified: Tue, 08 Nov 2022 05:06:26 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 313
thechoicelive.com/uploads/images/2022/11/image_600x460_636a30985068b.jpg
194.163.180.153200 OK 61 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a30985068b.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 8301f857fd94d2e7f0b2fc27d67ad85e
92b0c01787bd73ae1615fbaef2d6cee850ccff80
d5e428d86f69bb389405d67b53f2938cfb5984a51368d1d965f3610208414d9a
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a30985068b.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 10:34:00 GMT
Accept-Ranges: bytes
Content-Length: 61183
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17714
Expires: Wed, 09 Nov 2022 00:57:03 GMT
Date: Tue, 08 Nov 2022 20:01:49 GMT
Connection: keep-alive
thechoicelive.com/uploads/images/2022/11/image_600x460_636a7ee35c8d6.jpg
194.163.180.153200 OK 33 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a7ee35c8d6.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 7ae061ff425458de250fa2b10b97cb7a
c1abbfc4fe732285d515e52e04d48097345118f5
3d74081e3a9cdeee6378e3a5fd1bdf8b60791cb389f0dc1c24c8ab175070bf83
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a7ee35c8d6.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 16:08:03 GMT
Accept-Ranges: bytes
Content-Length: 32987
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/10/image_380x226_634a92e3d5b6f.jpg
194.163.180.153200 OK 13 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/10/image_380x226_634a92e3d5b6f.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 380x226, components 3\012- data
Hash d13018f22244613887e68c2ed7c15cf1
f2e36807196e387c0d37470ef0ddbe495a8125ca
58b3abaca2a8f9c7b036da96562016576ed557bff27690a0cc17dfec84502753
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/10/image_380x226_634a92e3d5b6f.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Sat, 15 Oct 2022 11:00:51 GMT
Accept-Ranges: bytes
Content-Length: 13276
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
syndication.twitter.com/settings?session_id=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f
104.244.42.200200 OK 375 B URL HTTP/2 syndication.twitter.com/settings?session_id=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f
IP 104.244.42.200:0
File type JSON data\012- , ASCII text, with very long lines (914), with no line terminators
Hash 22ba4030aabb3e3f64bbbcb1148617f0
2fc6418de8aeb4439351672d396dc8823b3e9357
db89caae1654117a1d9191db8633b6da5cde5deebf238bbd1800616cfc8f4254
GET /settings?session_id=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 20:01:49 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 20:01:49 GMT
content-length: 375
content-encoding: gzip
x-transaction-id: 62672ef2197b5983
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 109
x-connection-hash: ff85a3d689787fd26a72c730c2cbf9f0d0647b1d79753f7ff1f92c6e4d813d97
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17714
Expires: Wed, 09 Nov 2022 00:57:03 GMT
Date: Tue, 08 Nov 2022 20:01:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17714
Expires: Wed, 09 Nov 2022 00:57:03 GMT
Date: Tue, 08 Nov 2022 20:01:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17714
Expires: Wed, 09 Nov 2022 00:57:03 GMT
Date: Tue, 08 Nov 2022 20:01:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7884b85a4b30e918a0b44f73a301a78b
f7ae1b83a0199b76dd0d31a21db4072b867e4f37
9576f9ad95c958887de953dee72b267cd0ed7293ed62fb540df76a2d49fac035
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb3564993-11e9-4914-840f-9a1b924c950a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4527
x-amzn-requestid: c3be9447-c43a-48d6-9aef-c0999742886c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQA1GFN5IAMFaRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b53-3bb315de52dcf6114da9ad05;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _nFA59k8ERwiA6Ct_pZJs0WkFuagosyyiOkeQc1PuWMcno-Lpz4UfA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:01:04 GMT
age: 79245
etag: "f7ae1b83a0199b76dd0d31a21db4072b867e4f37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b64fcd58491917edfc8ffb57c1382cd0
edf97aab58dacd11fa52924b1382c2bf1ede5e55
a2c60a2f7780085b4643ab7f521fb6c858ca72c3170e6f3acd2250b9c3b14cc5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04c2a414-09eb-4daf-8bae-fe6a84f6406e.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12662
x-amzn-requestid: edaa58fb-c3eb-4af0-ad32-be8c7cf14421
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAKLHSBoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a40-4c35cd455ff7a829756eeb56;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0hHTn8clg8Vivq9EZIW00ggF69akYfyHcnAgqGkdvydUzPYnQl0jeA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:40:30 GMT
age: 80479
etag: "edf97aab58dacd11fa52924b1382c2bf1ede5e55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ff4c1be0934222258267f7595f2ecde
5d51855ed7cc6f8cac53eef1730212eb70b28036
49ce70117f2b108ebcff7f8e0ac14b2583eaf6b36a10baff097b35b728ba44d9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92bcf73f-5c71-47c9-824d-b8fa1f9af018.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10781
x-amzn-requestid: c5063271-8b84-41d7-899c-958c135541c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAwTF2cIAMF0DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b34-6b6018d826efae3e3738a7d9;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tL667rmWZPwJrD76JI5jBbUa3oEwaLZc-A5omJ8WyQMzsxDgIXsQhg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:11:08 GMT
etag: "5d51855ed7cc6f8cac53eef1730212eb70b28036"
content-type: image/jpeg
age: 78641
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 39446652ee66d20bd73df20f1a29589c
349ea78f3ad0f2f7376ba22e417226b2e06806d7
655a00944a319ba167e99b43055044cb18bc48d53605ff0d1b6c8b1ba8ee8237
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8786d2a2-d21a-4bb6-916d-7fce27ea08f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4737
x-amzn-requestid: ad230e08-9f4e-46cf-9a86-f8e013a1c498
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQBFkEhLIAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697bbd-7e8b686a23a84c5d473c9ef5;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:42:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FoOPmZEjC6nhw801dgqENVL-9-aC0pyFAF-fMS57XzQyfxck2GGUvA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:55:45 GMT
age: 79564
etag: "349ea78f3ad0f2f7376ba22e417226b2e06806d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d22d633d497f2e25eab580a648c05434
8e549621e4182a257895a03db93e786bd86072a5
2263e6c2417c5a40885359d93939febbb9e94cef1c598b7ef95069d50275bf28
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc57b3745-ae4a-4265-b3dd-286aed8be329.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5978
x-amzn-requestid: e4cff3d7-86a7-44a8-8858-7c893c19e76c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAVFHdWIAMFQZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697a86-60d1a8250e0017a3574a6642;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:37:10 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qSguV2gfEtxsoWSMifxQEbIAAqhUDgVom0IWauJEIrFoMA5f17J-GA==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 21:56:55 GMT
age: 79494
etag: "8e549621e4182a257895a03db93e786bd86072a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 39173
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
thechoicelive.com/uploads/images/2022/11/image_600x460_636a2cb027194.jpg
194.163.180.153200 OK 54 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a2cb027194.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 264b66e8bad1f8891e29e7e43a97aef5
24433885b8f160812bdcd32f0781c7ffc8be21d9
0b9180a5ff25c3dcc60a5cf30883c565e4b82e1868c821d7e8b27a49e13f3061
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a2cb027194.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 10:17:20 GMT
Accept-Ranges: bytes
Content-Length: 54003
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_636a31d713344.jpg
194.163.180.153200 OK 82 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a31d713344.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash ebc929de0cc2ab23167e030d8c88c5bc
07302de1334a972659ded7cd8c4b0b8ce2db742d
a1a51846f08f2c4394aef83e803b2a517c35c56431802f52ec53c5258bd82f25
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a31d713344.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 10:39:19 GMT
Accept-Ranges: bytes
Content-Length: 82273
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_636a26a7df794.jpg
194.163.180.153200 OK 60 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a26a7df794.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 95f44ebf467abf726544354459a3e0d9
2f9de8231232a4e574dc3e3212e9040bde951cbb
0a05009cb9aef63ac785476e37a4b69f96e4f44df0003f38528c7ab214e5b4b6
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a26a7df794.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 09:51:36 GMT
Accept-Ranges: bytes
Content-Length: 59801
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_636a11ab48350.jpg
194.163.180.153200 OK 115 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a11ab48350.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Size 115 kB (115128 bytes)
Hash d2ee8162cb3f5c221d7b257075ae7419
97ebdd7e870ea28a48e0fafc65d3980376cad410
26855a1f732c46b3d59275d1d44a097a8b0cbeec24d588ba37e16928ea8f467e
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a11ab48350.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 08:22:03 GMT
Accept-Ranges: bytes
Content-Length: 115128
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_63690f274764d.jpg
194.163.180.153200 OK 70 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_63690f274764d.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash c47f1ce395a2fe703dfe622ea8440647
80df8bec3c18141adaca1318ef6c9c7d90ea342b
0ff80db44c6bb502357b946d202b8f07443b3eebc1db0f619fabbb0553c8d871
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_63690f274764d.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 13:59:03 GMT
Accept-Ranges: bytes
Content-Length: 69686
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_6369022b36b32.jpg
194.163.180.153200 OK 50 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_6369022b36b32.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash bf04ee7327277196c58796b16a5503d2
1a57d2f47bc1a12085e720c43dc6822987005709
056608b331aa885f23473f729b224bdd6d4d0b980cca098327a61600e804a562
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_6369022b36b32.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 13:03:39 GMT
Accept-Ranges: bytes
Content-Length: 49805
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_6368fb00e79dd.jpg
194.163.180.153200 OK 29 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_6368fb00e79dd.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 03781601dae54edd68ade1c02ef1dcba
634384de8d4cce1142e302cc50f36e001063ce1f
a5ea532a5317dd87209e4febe48998b0d77ace16a1db1b2772a7f9e3ad452c58
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_6368fb00e79dd.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 12:33:04 GMT
Accept-Ranges: bytes
Content-Length: 29238
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_6368f0ed9dee4.jpg
194.163.180.153200 OK 51 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_6368f0ed9dee4.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 7dd4d7c916e5cf0751efed0c7350ce07
76ce148466d6ebc903175ce5cccbfd2f086de44b
c127a019412431438aa086100e601225bea952ed774f0c9af2f896f007dd499a
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_6368f0ed9dee4.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:50 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 11:50:05 GMT
Accept-Ranges: bytes
Content-Length: 50595
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_6368b6179b721.jpg
194.163.180.153200 OK 45 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_6368b6179b721.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash aa01d2897e21fead7510b1427b19ace1
5eef257fc252fc31cfe789d692fd741233418225
4eddbb96ed8c781b094dd1ab36542f04ff9d8ed3e4ed107c7813c78caa2941d0
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_6368b6179b721.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:50 GMT
Server: Apache
Last-Modified: Mon, 07 Nov 2022 07:39:03 GMT
Accept-Ranges: bytes
Content-Length: 44556
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/jpeg
region1.google-analytics.com/g/collect?v=2&tid=G-ZPDXJH8V7Q>m=2oeb20&_p=253065151&cid=254237680.1667937706&ul=en-us&sr=1280x1024&_s=1&sid=1667937706&sct=1&seg=0&dl=https%3A%2F%2Fthechoicelive.com%2F&dt=the%20choice%20live%20-%20Thechoicelive%20Entertainment%20Daily%20news%20Updates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-ZPDXJH8V7Q>m=2oeb20&_p=253065151&cid=254237680.1667937706&ul=en-us&sr=1280x1024&_s=1&sid=1667937706&sct=1&seg=0&dl=https%3A%2F%2Fthechoicelive.com%2F&dt=the%20choice%20live%20-%20Thechoicelive%20Entertainment%20Daily%20news%20Updates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-ZPDXJH8V7Q>m=2oeb20&_p=253065151&cid=254237680.1667937706&ul=en-us&sr=1280x1024&_s=1&sid=1667937706&sct=1&seg=0&dl=https%3A%2F%2Fthechoicelive.com%2F&dt=the%20choice%20live%20-%20Thechoicelive%20Entertainment%20Daily%20news%20Updates&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thechoicelive.com
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://thechoicelive.com
date: Tue, 08 Nov 2022 20:01:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thechoicelive.com/uploads/images/2022/11/image_600x460_63680085dab68.jpg
194.163.180.153200 OK 34 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_63680085dab68.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 30e2851a878ab103e185449335044c1a
3b990037ab470d95965d7a5be40305ebe0a4e805
11d168ba829381f72e5c368f7f809976e3b5c3cf3e6eca7c9ecd5774d93f7fba
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_63680085dab68.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:50 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 18:44:21 GMT
Accept-Ranges: bytes
Content-Length: 33959
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_6367dc81b85c8.jpg
194.163.180.153200 OK 65 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_6367dc81b85c8.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash 17ef55a3c2176d0861af1162c6d37063
f1f9e2654a66e29a977bf5dc9dc996b5ac026ba6
87b98193b16969efef631ed09d12c49f0d691bd4415a2e4703d8cede66031a1e
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_6367dc81b85c8.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:50 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 16:10:41 GMT
Accept-Ranges: bytes
Content-Length: 65109
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_636a443e73d2d.jpg
194.163.180.153200 OK 84 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_636a443e73d2d.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash d97182fc6ad814785ea1339e75884c3f
08fc63837cc6c697a3b8a12bf02989437b6daaad
19db16a987637d0f7ed5a7dab2f8f48eeb06d71caa5c312ec7e247eb7fe6e0c7
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_636a443e73d2d.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:50 GMT
Server: Apache
Last-Modified: Tue, 08 Nov 2022 11:57:50 GMT
Accept-Ranges: bytes
Content-Length: 84483
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/jpeg
thechoicelive.com/uploads/images/2022/11/image_600x460_63676b8d963db.jpg
194.163.180.153200 OK 41 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_63676b8d963db.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash c4bc6682568115cd302a58296ace3a59
baf14f2027760c46335d749c4d7e1a1ef2a75793
e131d05d2553d9b46062871ab49d24432f5c41455a425aaa9bd336bbe3b7a66d
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_63676b8d963db.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:50 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2022 08:08:45 GMT
Accept-Ranges: bytes
Content-Length: 41008
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Content-Type: image/jpeg
valwallet.com/home/ctrlUp
197.243.22.80200 OK 4.7 kB URL HTTP/1.1 valwallet.com/home/ctrlUp
IP 197.243.22.80:0
ASN #37228 Olleh-Rwanda-Networks
File type JSON data\012- , ASCII text, with very long lines (4690), with no line terminators
Hash 2193b7b2ca94035358a75aedc7681ccd
778626de26ef0f91fa367a9eb265e1629d2457ab
23ab6eb4c4def02eadb463bc42adae4cf4325dd9eb4f86e962b742ed34b2d77c
POST /home/ctrlUp HTTP/1.1
Host: valwallet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 73
Origin: https://thechoicelive.com
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:49 GMT
Server: Apache/2.4.53 (Unix) OpenSSL/1.1.1o PHP/7.4.29 mod_perl/2.0.12 Perl/v5.34.1
X-Powered-By: PHP/7.4.29
Access-Control-Allow-Origin: *
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Connection: keep-alive, Keep-Alive
P3P: policyref="/w3c/p3p.xml", CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: PHPSESSID=a120220d5ece4fe015c6aabbfe8b731a; path=/;Secure;SameSite=None
Content-Length: 4690
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
thechoicelive.com/uploads/images/2022/11/image_600x460_6365e9100a451.jpg
194.163.180.153200 OK 45 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/11/image_600x460_6365e9100a451.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 600x460, components 3\012- data
Hash a19e1c3f6054db04eace73fac4c730fc
8623a3c49740ee0e9ec2140b41ca40cc47717af2
c7d0796ffa4442ba3edf5c25b4cbc6df0d0f9262dc8215c54fac461244f17f7c
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/11/image_600x460_6365e9100a451.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:50 GMT
Server: Apache
Last-Modified: Sat, 05 Nov 2022 04:39:44 GMT
Accept-Ranges: bytes
Content-Length: 45364
Keep-Alive: timeout=5, max=78
Connection: Keep-Alive
Content-Type: image/jpeg
platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
93.184.220.66200 OK 3.0 kB URL HTTP/1.1 platform.twitter.com/js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (8274), with no line terminators
Hash 9dcf6c8cba8fe3e8cb99b94ee63af2d5
ec132eb470954fdf2ff629d8344942b47ce4a5d1
2783e866faf68e4f6bc1775136ac1fa7b05d4adc7522f350763eb09a0e91b80d
GET /js/horizon_timeline.5b32f06df3f1186af2ebf11024b09726.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510057
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:50 GMT
Etag: "be517337a860b30e72096680d8dde0eb+gzip"
Last-Modified: Wed, 02 Nov 2022 19:36:52 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2977
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 5c4c9c21e826ed9dd1520ac96dea393c
106bc7d84ae02a77a4006f2cae1cf7b5093d36c0
1201a34924da1af919077623ac06926d89f890b33b843d30e1e129fee007783f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6e8ee97ec58f7d2991905f88bd3a463f
b87a69e7b938d01a4ac7d74ec69bffb4051695f0
1fe031e258c6a541e040de89c4ebcdfd9ddf78d391f77e858b44aef18469373d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fweb.facebook.com%2FDeChoiceLive&tabs=timeline&width=500&height=832px&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=true&appId=3483550675017816
31.13.72.36200 OK 15 kB URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fweb.facebook.com%2FDeChoiceLive&tabs=timeline&width=500&height=832px&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=true&appId=3483550675017816
IP 31.13.72.36:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (18761)
Hash e7ab07677c3d080dc907e0dada3bcba4
8af4dc60b8c60da115a07c1366627da5d6e338b9
7b43282423ea411ef923c0481ce27e358741b273bbc42447ae9471c8be433333
GET /plugins/page.php?href=https%3A%2F%2Fweb.facebook.com%2FDeChoiceLive&tabs=timeline&width=500&height=832px&small_header=false&adapt_container_width=false&hide_cover=false&show_facepile=true&appId=3483550675017816 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: jYdEs4K7JsskCQEQiINcvX9q8kZU7rdiFCKZ6rLWqRc7qTGy6d1lSoojINsH5QZO4AvFpiv196yBM+VpXdz62g==
date: Tue, 08 Nov 2022 20:01:48 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.youtube.com/vi/BgumAcdxXN4/maxresdefault.jpg
216.58.207.238200 OK 79 kB URL HTTP/2 img.youtube.com/vi/BgumAcdxXN4/maxresdefault.jpg
IP 216.58.207.238:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Hash b5e3780ad7f55da97fd7ec1773c55bd8
38848ef01773d66bd608abc7ad9f81e5592ad165
3b6709eea1d1ceb5a4ea98a9da5b55c8ff2a61d105fcddbf6676f64a7006dd51
GET /vi/BgumAcdxXN4/maxresdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 79276
date: Tue, 08 Nov 2022 20:01:50 GMT
expires: Tue, 08 Nov 2022 22:01:50 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/JTCBNeWMFJE/maxresdefault.jpg
216.58.207.238200 OK 149 kB URL HTTP/2 img.youtube.com/vi/JTCBNeWMFJE/maxresdefault.jpg
IP 216.58.207.238:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x720, components 3\012- data
Size 149 kB (149128 bytes)
Hash eae9fa3d5737f7174725e4e93bcf6ac5
0e958f844fd43dd7bb7278d0f5660f28eac42781
a6f68233548bfc05d321d7243a9fed31664cb850b52a47d7c5245b4271789af2
GET /vi/JTCBNeWMFJE/maxresdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 149128
date: Tue, 08 Nov 2022 20:01:50 GMT
expires: Tue, 08 Nov 2022 22:01:50 GMT
cache-control: public, max-age=7200
etag: "1665738537"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 6e8ee97ec58f7d2991905f88bd3a463f
b87a69e7b938d01a4ac7d74ec69bffb4051695f0
1fe031e258c6a541e040de89c4ebcdfd9ddf78d391f77e858b44aef18469373d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 1c975506424285364325f5eb663d128a
6ecbd857efebab27ac72eabf343cd63a2ca9ff1a
49eb802740dd43777f877dced58c6e299fdf14fd0df4ab4bd0bd61be647fbcd5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=171453
Date: Tue, 08 Nov 2022 20:01:50 GMT
Etag: "636a9c2e-1d7"
Expires: Thu, 10 Nov 2022 19:39:23 GMT
Last-Modified: Tue, 08 Nov 2022 18:13:02 GMT
Server: ECS (dcb/7EA5)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nuwDaqw6NnkEDpafqnA8Qz1TcMEMX7FYbw0K5o41_WysjwO98FN_wQ==
Age: 5181
l.sharethis.com/pview?event=pview&hostname=thechoicelive.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fthechoicelive.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=the%20choice%20live%20-%20Thechoicelive%20Entertainment%20Daily%20news%20Updates&cms=unknown&publisher=631a21be0b5e930012a9c53e&sop=true&version=st_sop.js&lang=en&description=the%20choice%20live
18.159.181.215204 No Content 0 B URL HTTP/1.1 l.sharethis.com/pview?event=pview&hostname=thechoicelive.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fthechoicelive.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=the%20choice%20live%20-%20Thechoicelive%20Entertainment%20Daily%20news%20Updates&cms=unknown&publisher=631a21be0b5e930012a9c53e&sop=true&version=st_sop.js&lang=en&description=the%20choice%20live
IP 18.159.181.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pview?event=pview&hostname=thechoicelive.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fthechoicelive.com%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=the%20choice%20live%20-%20Thechoicelive%20Entertainment%20Daily%20news%20Updates&cms=unknown&publisher=631a21be0b5e930012a9c53e&sop=true&version=st_sop.js&lang=en&description=the%20choice%20live HTTP/1.1
Host: l.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thechoicelive.com
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: *
Access-Control-Allow-Origin: https://thechoicelive.com
Access-Control-Expose-Headers: stid
Access-Control-Max-Age: 1728000
Cache-Control: no-cache, no-store, must-revalidate
Date: Tue, 08 Nov 2022 20:01:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
adservice.google.com/adsid/integrator.js?domain=thechoicelive.com
216.58.207.226200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=thechoicelive.com
IP 216.58.207.226:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thechoicelive.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 08 Nov 2022 20:01:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 01c1a1367e530a799bcaee7de89eefee
19d2450df87f1f3bb1c94e6e0bafbd60c7aead00
79cce6506b30bd3c699a700851db3254c2b909e559c54408b7d254b8e50003e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=thechoicelive.com
142.250.74.130200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=thechoicelive.com
IP 142.250.74.130:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=thechoicelive.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 08 Nov 2022 20:01:50 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 01c1a1367e530a799bcaee7de89eefee
19d2450df87f1f3bb1c94e6e0bafbd60c7aead00
79cce6506b30bd3c699a700851db3254c2b909e559c54408b7d254b8e50003e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash ff9250ea20a11144fc64ba1aef0d6038
1c8cd930f69bbbbfd41df5b4e233ab68c21c515a
9932df914824074b793c7c42ba250eddcbb47ab3bbdd5d997a49b71df5a82c25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 517 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
Hash ccb0b92bf015fb765537c83a882b90ab
26bcdcb4b77612fad9cb0cb3f00a717fb151995d
eeb700bdf88f0ec10404abe03fc2d15af6a15c66088453251b06126ec1311481
GET /rsrc.php/v3/yM/r/WNuD0ewp6xQ.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 08 Nov 2023 01:32:04 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: JzX28Tqw5o1dIWUOjXbZDQ==
x-fb-debug: bC5+aa5Je0InC3pf1rVrCdTR4TP6lFHLdvrsN0ce1Cc3jv3cHGvzYTQToVx8+qOeVfHGmJ0JfNlleTuHo1Q+uQ==
content-length: 91137
x-fb-trip-id: 1904183273
date: Tue, 08 Nov 2022 20:01:49 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=thechoicelive.com&callback=_gfp_s_&client=ca-pub-2549062725428932&gpid_exp=1
172.217.21.162200 OK 252 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=thechoicelive.com&callback=_gfp_s_&client=ca-pub-2549062725428932&gpid_exp=1
IP 172.217.21.162:0
File type ASCII text, with very long lines (401), with no line terminators
Hash 7a68be6493e577b645391c996155b7ff
0a574099b068812d63943eb3064fb1b6978f5335
02e8e8418e4353ba7b9bbcc0a061290dc33872e23ef3fd5fdfd90b85feef0130
GET /gampad/cookie.js?domain=thechoicelive.com&callback=_gfp_s_&client=ca-pub-2549062725428932&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Tue, 08 Nov 2022 20:01:50 GMT
server: cafe
cache-control: private
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash ff9250ea20a11144fc64ba1aef0d6038
1c8cd930f69bbbbfd41df5b4e233ab68c21c515a
9932df914824074b793c7c42ba250eddcbb47ab3bbdd5d997a49b71df5a82c25
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
syndication.twitter.com/srv/timeline-profile/screen-name/thechoice_live?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=850px&origin=https%3A%2F%2Fthechoicelive.com%2F&sessionId=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f&showHeader=true&showReplies=false&siteScreenName=The%20choice%20live&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
104.244.42.200200 OK 12 kB URL HTTP/2 syndication.twitter.com/srv/timeline-profile/screen-name/thechoice_live?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=850px&origin=https%3A%2F%2Fthechoicelive.com%2F&sessionId=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f&showHeader=true&showReplies=false&siteScreenName=The%20choice%20live&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
IP 104.244.42.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (65370), with no line terminators
Hash d8f8e2181c9ce4f2a87d833b446ac8e2
59dd842b345123b2ba9e1ac45cab5314105ebc3e
f57498718dbec90fce67a867991e1915ae125729e38ed0d7471df1a796880242
GET /srv/timeline-profile/screen-name/thechoice_live?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=850px&origin=https%3A%2F%2Fthechoicelive.com%2F&sessionId=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f&showHeader=true&showReplies=false&siteScreenName=The%20choice%20live&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940 HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 20:01:50 GMT
etag: "19e28-psTPtz1IRIpMQctYJ3KdFODK+kA"
perf: 7626143928
server: tsa_o
content-type: text/html; charset=utf-8
cache-control: must-revalidate, max-age=60
x-transaction-id: cf2d5fa52e9ee339
x-xss-protection: 0
strict-transport-security: max-age=631138519
content-encoding: gzip
content-length: 11932
x-response-time: 652
x-connection-hash: ff85a3d689787fd26a72c730c2cbf9f0d0647b1d79753f7ff1f92c6e4d813d97
X-Firefox-Spdy: h2
platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
93.184.220.66200 OK 2.1 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (3835), with no line terminators
Hash a7a94df486e306b619ab921142d234e2
1386bcf32860c146b6b7d912b92a540662cc7361
f4de548de8d166e7872adeefa8e8345f952b9001b40ca56622cd40033a34bf22
GET /_next/static/chunks/runtime-a148fbcbc5efcd91d3a7.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432784
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "581beb14123ea389fe5c0fe24167fe0a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71B)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2097
platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
93.184.220.66200 OK 96 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/modules.c7def0268c66f6a548ed.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 12bea7ea22b3c50f7f37f5e605e78430
5e7542f91bcaab2eb202fc8b19f53f1d009bc199
67cf3d50c902dfdf90bcf12de4d3f32d23d2547e9e90566a9a41f95db671fad9
GET /_next/static/chunks/modules.c7def0268c66f6a548ed.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510057
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "51acddf0dbfab928b183f36c1ee67619+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 95749
platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
93.184.220.66200 OK 90 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/main-e9db78f5e7b3d83edd5e.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash 8e33207e7b788da9abde5b6d33da0b00
23e48f1b412b3a0a406639f297fb6f4c4740efe8
80534a6e1ec41d37acec8be383f8d1112dbbeea31dd51ead47463095c13bff3a
GET /_next/static/chunks/main-e9db78f5e7b3d83edd5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510058
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "8e33207e7b788da9abde5b6d33da0b00"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 90
platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
93.184.220.66200 OK 668 B URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/_app-446fb4a338b215deec8c.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1338), with no line terminators
Hash 79fd032d8d5d9fa6b966e0a2b0e5a3e1
092828885b8721858c80381d92622760aa6b2188
d08463c097b4b77e9db4acb6fdf01a44f3b80db66cd368c76185a363c9bf0863
GET /_next/static/chunks/pages/_app-446fb4a338b215deec8c.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510058
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "be3e428d416daa9027cecf70b5f26bf9+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 668
platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
93.184.220.66200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (13043), with no line terminators
Hash 9a40466b77e5f5f4a525cf508afee546
410eb7a6ee4ee31950b33844fd21efcc8850e3e0
aae2810ee062cd3d5a1d770d2f1b287c84d5ae6276c90914ab21c9cce6686538
GET /_next/static/chunks/pages/timeline-profile/screen-name/%5BscreenName%5D-c8b4c96951cf24f547b4.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510057
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "1efc61e416c7f4f293501e877fbec836+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F714)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1285
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
93.184.220.66200 OK 414 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (1208), with no line terminators
Hash 19e50b016c2418a8b7178a219a9fe03d
68c691a19558f28e9111b35f0c0f182addd31e3f
ff39afa732cf28797d8c7d8170b9e4dcc5ab8bcbd688b44be3dc0d82a5b3bbe4
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_buildManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432784
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "12a5a08767706f15b6b316996cd057c1+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F70D)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 414
platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
93.184.220.66200 OK 76 B URL HTTP/1.1 platform.twitter.com/_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js
IP 93.184.220.66:0
File type ASCII text, with no line terminators
Hash abee47769bf307639ace4945f9cfd4ff
c0a0dc51ee8a2852baf5ff30c33b1478ff302585
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
GET /_next/static/octaUlqc-A_Am4qAPnvU1/_ssgManifest.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432783
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "abee47769bf307639ace4945f9cfd4ff"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F716)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 76
platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js
93.184.220.66200 OK 12 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/13.65c62863b5d1aec3d279.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (38097), with no line terminators
Hash 6f1f49e728d9b878cfa056a239c32cb1
43e501c9bcafe56b859f414521ae48e8d81ce658
39392ba895d16fed8dda86e09ab0ae9f443895fda3036f50384308e59b5e98bc
GET /_next/static/chunks/13.65c62863b5d1aec3d279.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432783
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "03a11df781dcaecf36e41e0b44708344+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 12015
platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
93.184.220.66200 OK 7.7 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/2.691622e4391d1973cb65.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (23122), with no line terminators
Hash 47db702890e40ec11a744a885b6724b9
8ad88841d05dc05ce69ee8d430728214dd82e981
c8f11861cf29a4bc87a1f04f8add61885cc2627e6fd35a0ad12c48acddbaecb6
GET /_next/static/chunks/2.691622e4391d1973cb65.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510058
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "942b5b928a24465d1906b4716131d896+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 7674
platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
93.184.220.66200 OK 1.3 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/4.87a72bcd1cc186518122.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (2558), with no line terminators
Hash 385597e7610afe03d76680534f29c35d
12280b5eef389f1e5a45b2b6ff7b21d1ca0b2f8f
ba66755ab4b673c2c028ddc2540308742f6287ae47243b6424df833c4ccd1be3
GET /_next/static/chunks/4.87a72bcd1cc186518122.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432782
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "ff2a4a029f711ed6f7dcb3f1f834609a+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F717)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 1276
platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
93.184.220.66200 OK 187 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/0.ad6e60829dfc07776f5e.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 187 kB (187307 bytes)
Hash 0c9586da0105e26c179e1576b6ee4d4f
a6d8cd227714e168c5bde33c28114aa2a08bdd8c
03ece567f7bdc643d0f3cd1d64b35a2e09bf711667df1439b3a2a8a8cff308db
GET /_next/static/chunks/0.ad6e60829dfc07776f5e.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432783
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "f8a649284ac45133fc2c0b92defbd7b3+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:28 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 187307
platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js
93.184.220.66200 OK 2.6 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (6721), with no line terminators
Hash 49f5b55936cdab12275a31750ba532c6
e7319555785aae707edd8fe90066a8c047cf0e8d
e1e93c439ee51eb31aa6adcc7cc267331b66b6d5d16c3ce0463b167e947edbcd
GET /_next/static/chunks/ondemand.Dropdown.8bc7f6ae41bfb038b2b2.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432782
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "24b6ad17fef6a1d54596d62f11e5a2c6+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F705)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 2624
platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
93.184.220.66200 OK 42 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7d62fb224e618094ce4d3e0e5052d16e
867b72ca2f006158db3c520eb3a2532d63746b92
f5d821fa38dc57edfe84c505b14245d8d03a8553c55383ea3aabb688c1a1d21a
GET /_next/static/chunks/vendors~ondemand.LottieWeb.84a69543ec64b75cae2a.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 510059
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:52 GMT
Etag: "72929dff5e574c1b877555fd36c7683a+gzip"
Last-Modified: Wed, 28 Sep 2022 17:24:15 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F711)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 41941
platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
93.184.220.66200 OK 1.9 kB URL HTTP/1.1 platform.twitter.com/_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js
IP 93.184.220.66:0
File type ASCII text, with very long lines (24291)
Hash c5203df5bd1440c2fdf4b44f0eb3116a
6b928e79e59b281eb5b9f5c2ad608f81078b5869
0b638ce107a37db0734fcd82af97d1dd575c246d737949c5414aa1dc549540e3
GET /_next/static/chunks/1.f4b5d6e5e8dcb4c6aa7f.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 432783
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Date: Tue, 08 Nov 2022 20:01:51 GMT
Etag: "5a0c374fae04eeb3b101385087754b18+gzip"
Last-Modified: Thu, 03 Nov 2022 19:46:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F708)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 299281
syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667937709460%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fthechoicelive.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22Thechoicelive%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3Athechoice_live%22%7D&session_id=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f
104.244.42.200200 OK 43 B URL HTTP/2 syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667937709460%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fthechoicelive.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22Thechoicelive%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3Athechoice_live%22%7D&session_id=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f
IP 104.244.42.200:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1667937709460%2C%22event_namespace%22%3A%7B%22action%22%3A%22results%22%2C%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline-profile%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22a3525f077c700%3A1667415560940%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fthechoicelive.com%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22Thechoicelive%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%223a64761%3A1667500028145%22%2C%22widget_data_source%22%3A%22screen-name%3Athechoice_live%22%7D&session_id=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/srv/timeline-profile/screen-name/thechoice_live?dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOlsibGlua3RyLmVlIiwidHIuZWUiLCJ0ZXJyYS5jb20uYnIiLCJ3d3cubGlua3RyLmVlIiwid3d3LnRyLmVlIiwid3d3LnRlcnJhLmNvbS5iciJdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdGltZWxpbmVfMTIwMzQiOnsiYnVja2V0IjoidHJlYXRtZW50IiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9lZGl0X2JhY2tlbmQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3JlZnNyY19zZXNzaW9uIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19jaGluX3BpbGxzXzE0NzQxIjp7ImJ1Y2tldCI6ImNvbG9yX2ljb25zIiwidmVyc2lvbiI6bnVsbH0sInRmd190d2VldF9yZXN1bHRfbWlncmF0aW9uXzEzOTc5Ijp7ImJ1Y2tldCI6InR3ZWV0X3Jlc3VsdCIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2Vuc2l0aXZlX21lZGlhX2ludGVyc3RpdGlhbF8xMzk2MyI6eyJidWNrZXQiOiJpbnRlcnN0aXRpYWwiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2V4cGVyaW1lbnRzX2Nvb2tpZV9leHBpcmF0aW9uIjp7ImJ1Y2tldCI6MTIwOTYwMCwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0Zndfc2hvd19ibHVlX3ZlcmlmaWVkX2JhZGdlIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideBorder=false&hideFooter=false&hideHeader=false&hideScrollBar=false&lang=en&maxHeight=850px&origin=https%3A%2F%2Fthechoicelive.com%2F&sessionId=144480b491952f7d1dec9a3cdb1b5c7aa71bdb0f&showHeader=true&showReplies=false&siteScreenName=The%20choice%20live&transparent=false&widgetsVersion=a3525f077c700%3A1667415560940
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 08 Nov 2022 20:01:52 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: image/gif
cache-control: must-revalidate, max-age=600
last-modified: Tue, 08 Nov 2022 20:01:52 GMT
content-length: 43
x-transaction-id: f99b4d0ca6ea46f3
strict-transport-security: max-age=631138519
x-response-time: 112
x-connection-hash: ff85a3d689787fd26a72c730c2cbf9f0d0647b1d79753f7ff1f92c6e4d813d97
X-Firefox-Spdy: h2
pbs.twimg.com/ext_tw_video_thumb/1589634930853777408/pu/img/SfJFM6pGRQVWB93q.jpg
151.101.84.159200 OK 37 kB URL HTTP/2 pbs.twimg.com/ext_tw_video_thumb/1589634930853777408/pu/img/SfJFM6pGRQVWB93q.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash e3a795d0230e67bf0fe4b9e3d0dd1751
1a60e5a5865acf27db49693a5b61cb767c6e9f43
f87dfad3a61af5d96665b2962684f747235e0747fbe91c4d4a41f275c7511099
GET /ext_tw_video_thumb/1589634930853777408/pu/img/SfJFM6pGRQVWB93q.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 07 Nov 2022 15:02:36 GMT
x-transaction-id: 3365050fbbc5ba1c
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7329-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 37436
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1359401006526828545/1hj2mNkU_normal.jpg
151.101.84.159200 OK 2.1 kB URL HTTP/2 pbs.twimg.com/profile_images/1359401006526828545/1hj2mNkU_normal.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 09f9ee486a7f90a8c128574654b57143
71489af5348258e79822606fb65a29044d16784f
4e28a21813fc2734e8f3124041bfe6e2644c549570499a602ada4a0717f2ea71
GET /profile_images/1359401006526828545/1hj2mNkU_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 10 Feb 2021 07:15:11 GMT
x-transaction-id: d67336d0a11d500f
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7361-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2111
X-Firefox-Spdy: h2
pbs.twimg.com/media/FhCj8m_WYAMZYXR?format=jpg&name=120x120
151.101.84.159200 OK 5.8 kB URL HTTP/2 pbs.twimg.com/media/FhCj8m_WYAMZYXR?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash b3a532a9bc46cd6f9001ea39de4e54cb
3d4d2a61a0ab2b7f3aca25d4980c63df9a77d6ff
62081cf7e0e7434258705fc50b042b4a1a27372042ce98645e0d6b7bf6e54748
GET /media/FhCj8m_WYAMZYXR?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 11:58:16 GMT
x-transaction-id: 8395c0cbfc9da5d1
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7380-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 5834
X-Firefox-Spdy: h2
pbs.twimg.com/media/FhB8H2zWIAAnbRL?format=jpg&name=120x120
151.101.84.159200 OK 3.2 kB URL HTTP/2 pbs.twimg.com/media/FhB8H2zWIAAnbRL?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x68, components 3\012- data
Hash 7ed9f6e040e9f0f21837b6b14ec65ed7
fae08071c8c68fe6cb49abaa35a457326850a966
08a0b220c06e6097352f07aeeef5f7cd1c7467db149c1a5049df1d1930fc4f26
GET /media/FhB8H2zWIAAnbRL?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 09:04:16 GMT
x-transaction-id: 8f6253b33c9bda1f
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7373-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3180
X-Firefox-Spdy: h2
pbs.twimg.com/media/FhB4UMeXEAI4I63?format=jpg&name=120x120
151.101.84.159200 OK 3.5 kB URL HTTP/2 pbs.twimg.com/media/FhB4UMeXEAI4I63?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x68, components 3\012- data
Hash 63f854c26f4a418a77ff42e8f2f3d52a
5ee198057f34497f5e44bb3b507966a01b5a8c50
371ef404c6c9fd3e120e59ae1d5c05a4300d2faafe5fddfac030c6a09a87d8b5
GET /media/FhB4UMeXEAI4I63?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 08:47:38 GMT
x-transaction-id: 13fc0a282f41cb4e
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7373-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3472
X-Firefox-Spdy: h2
pbs.twimg.com/media/FhBu4IgWYAEP5Vf?format=jpg&name=120x120
151.101.84.159200 OK 3.7 kB URL HTTP/2 pbs.twimg.com/media/FhBu4IgWYAEP5Vf?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x68, components 3\012- data
Hash 1daa76a59b82b7a14cfe00a95dcdcc65
727aa6db5bfb7202dff9ed23dbe9db0b28bbeedd
92df509f79aadd8a03b9797b66d207541fcea33fd77b7cd95f352cc56bc3b688
GET /media/FhBu4IgWYAEP5Vf?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 08:06:24 GMT
x-transaction-id: 996583565201077d
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7350-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3685
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3X94CXgAAYflA?format=jpg&name=120x120
151.101.84.159200 OK 4.5 kB URL HTTP/2 pbs.twimg.com/media/Fg3X94CXgAAYflA?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x110, components 3\012- data
Hash 89a03df3418a6df73e14402dab3e4478
1c1b52e596780f61cdf2359726b2d27b0b439fed
7538162b1bc9378da1e2fef78e789c379ebec3134a2362e4fceda01aae11aa4c
GET /media/Fg3X94CXgAAYflA?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 07:50:06 GMT
x-transaction-id: 93282e92d58eb4c6
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7320-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 4513
X-Firefox-Spdy: h2
pbs.twimg.com/ext_tw_video_thumb/1589556079930839040/pu/img/6l7SxrmRctTvhxcP.jpg
151.101.84.159200 OK 39 kB URL HTTP/2 pbs.twimg.com/ext_tw_video_thumb/1589556079930839040/pu/img/6l7SxrmRctTvhxcP.jpg
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3\012- data
Hash 69a0b131ec4e7f55f7ba3ed8f4e25e0c
40c255ee77a7d0c29c9f730f573c768d7a36d722
f9275682d77818bc193f650532cbae9624ad9040d35f01b343ef10805549736e
GET /ext_tw_video_thumb/1589556079930839040/pu/img/6l7SxrmRctTvhxcP.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 07 Nov 2022 09:49:16 GMT
x-transaction-id: dadef3c70162fe03
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7327-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 38853
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3X-zsXoAIoieT?format=jpg&name=120x120
151.101.84.159200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/media/Fg3X-zsXoAIoieT?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 95x120, components 3\012- data
Hash 5347be32f1818fe0836aa0bc3c840daf
4677494e77d33d90e0eda2b46e7a073621668145
55a0d9e84df1e13c96700e1501208c42e7eae808af3be3a15cb7af5dc28cba0c
GET /media/Fg3X-zsXoAIoieT?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 07:50:10 GMT
x-transaction-id: 1fd6122692df6a2a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7336-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2278
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3X_F0XwAA5vfD?format=jpg&name=120x120
151.101.84.159200 OK 5.1 kB URL HTTP/2 pbs.twimg.com/media/Fg3X_F0XwAA5vfD?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 1bebf80290044cfda38c6cd2ffb52519
d59af8c9f0a74e87a7adb6dbdaa1d1d5bcc3a480
8dbe1a7f9545133078b98477053ebf29899fd5129916fab03a360d99eeb01f33
GET /media/Fg3X_F0XwAA5vfD?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 07:50:11 GMT
x-transaction-id: f3cc8ef497484dc7
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7335-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 5126
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3H7aBXkAAFk0I?format=jpg&name=120x120
151.101.84.159200 OK 3.6 kB URL HTTP/2 pbs.twimg.com/media/Fg3H7aBXkAAFk0I?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x60, components 3\012- data
Hash 2aa097f8c5b85bf5ce8dfc1612428164
4376542903cbf5e1b09cbe6c75c885b6409abd90
7827d3e3acd5c96c3d403217adf56b7b2d25468f088ee09957adc44e27af8ea2
GET /media/Fg3H7aBXkAAFk0I?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 06:40:01 GMT
x-transaction-id: 3d185d6844c74866
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:52 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7325-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3591
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fgtq9QuXoAEFDga?format=jpg&name=120x120
151.101.84.159200 OK 6.1 kB URL HTTP/2 pbs.twimg.com/media/Fgtq9QuXoAEFDga?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 7e7385566c5884d1cf0aeae0838ad419
82152f5a99d9e09dbb7da908ac7d86f09b023b8e
f6ff08fbb4abb58df9a4dc73612508ce353191dfcbee68c6daef418b37c9cbae
GET /media/Fgtq9QuXoAEFDga?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 04 Nov 2022 10:36:52 GMT
x-transaction-id: 9513d2fb3ea46807
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7374-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 6132
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fgs1qinWQAEoJv_?format=jpg&name=120x120
151.101.84.159200 OK 3.7 kB URL HTTP/2 pbs.twimg.com/media/Fgs1qinWQAEoJv_?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x80, components 3\012- data
Hash 0cf684e4387e1c206189e2e8471d9a82
616f509b3c5c85a3d7c7f453180c3d2f51414de6
21b4977f7a6fdf12f91c64e195ad13ba5201ff41df4ee72e6cfd5c0796c70955
GET /media/Fgs1qinWQAEoJv_?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 04 Nov 2022 06:44:02 GMT
x-transaction-id: 88112505260d8c81
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7360-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3706
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgfCp6NWIAADUpk?format=jpg&name=120x120
151.101.84.159200 OK 6.1 kB URL HTTP/2 pbs.twimg.com/media/FgfCp6NWIAADUpk?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 16fcf79774bfcc094703e7d49eb41344
8961e4064091d8f4adceb09a6212f23d0d0b1ca1
064810d9e040188922e32368bdb608a9306cfb007ad816a4c150de42d1faff42
GET /media/FgfCp6NWIAADUpk?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 01 Nov 2022 14:26:06 GMT
x-transaction-id: 48b0defea89ada53
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7342-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 6132
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgoUvIhXoAEG07V?format=jpg&name=120x120
151.101.84.159200 OK 3.5 kB URL HTTP/2 pbs.twimg.com/media/FgoUvIhXoAEG07V?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x68, components 3\012- data
Hash c824ed667e37570e526a6b48b0aecbd1
c2c1ee5a9be9e3334d3b22ff2d3ad68b14ce8166
68be3b077cc4182cee0a2f6f986ef4640fcf4d579aff55d96dc83f7f4a6ea6e7
GET /media/FgoUvIhXoAEG07V?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 03 Nov 2022 09:41:41 GMT
x-transaction-id: fd2a8f9e12eea87d
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7339-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3478
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3QGbqWAAIJVj8?format=jpg&name=120x120
151.101.84.159200 OK 3.8 kB URL HTTP/2 pbs.twimg.com/media/Fg3QGbqWAAIJVj8?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x68, components 3\012- data
Hash b99543d1fc502279fe83c06e5f68a7f3
c2930ae6c74d654b857ea765f3dbd3681ba474ed
d842c91509b2ce8fcb480b29e63f5b9024993015e984f7c96d42579cd6435155
GET /media/Fg3QGbqWAAIJVj8?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 07:15:44 GMT
x-transaction-id: fd619ff6a66329ab
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7333-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3834
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgyRaSsWIAAVJqB?format=jpg&name=120x120
151.101.84.159200 OK 3.8 kB URL HTTP/2 pbs.twimg.com/media/FgyRaSsWIAAVJqB?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x68, components 3\012- data
Hash 077917801d4988294c339004e32da766
2f2f9e230f000ee855c998b390ce31e754a2fd4e
54a1d79d1f7c2e73574d19d84c9e364b65d702fcd172550a33889bbca0aa7ce8
GET /media/FgyRaSsWIAAVJqB?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 05 Nov 2022 08:03:21 GMT
x-transaction-id: ed6a781981114e9d
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7383-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3798
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgdSoz0X0AIlKbQ?format=jpg&name=120x120
151.101.84.159200 OK 2.5 kB URL HTTP/2 pbs.twimg.com/media/FgdSoz0X0AIlKbQ?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x80, components 3\012- data
Hash a23cda556edeeef12b1ebe7a7fdbc65a
845ac10a57bc484fc186fcbb2c37d44ff89edc2c
49453b645007ff7d331d24f725c2513c92c9f081c04788bcb52df47aceb2ff6e
GET /media/FgdSoz0X0AIlKbQ?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 01 Nov 2022 06:16:41 GMT
x-transaction-id: 4c1babed3bc00647
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7323-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 2534
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgaC-llXoAgJgB9?format=jpg&name=120x120
151.101.84.159200 OK 3.1 kB URL HTTP/2 pbs.twimg.com/media/FgaC-llXoAgJgB9?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x71, components 3\012- data
Hash 65f62d5f7b6e42c65f37cfb0fa7dd189
af6aaa393473704702722672a40b543bb293d0e5
d6aab23063778dd3f0820ca5bd0ff4e569bcdc29dd2490a63207f4a53ef06f38
GET /media/FgaC-llXoAgJgB9?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 31 Oct 2022 15:09:24 GMT
x-transaction-id: 7dbf82dc19cacdc7
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7362-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3071
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgaW0kLWQAEFl10?format=jpg&name=120x120
151.101.84.159200 OK 3.2 kB URL HTTP/2 pbs.twimg.com/media/FgaW0kLWQAEFl10?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x66, components 3\012- data
Hash 1bb47f695b626f9da8a35ea16c1566c9
62bde689a38b3ffd0b14e20e63b637b8098ea055
bbd2027fb4d6434b45ccb4e9a011ef9aa77a67bafb97234157bdf8c196629f85
GET /media/FgaW0kLWQAEFl10?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 31 Oct 2022 16:36:06 GMT
x-transaction-id: 6bd58d84780ce640
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7367-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 3228
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgZL5ZoWIAAcqK4?format=jpg&name=120x120
151.101.84.159200 OK 4.8 kB URL HTTP/2 pbs.twimg.com/media/FgZL5ZoWIAAcqK4?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x81, components 3\012- data
Hash c6265c645c798d9903f646fe04b294ba
beb1235fbb9cf4a201f9194bbf41721ced2fd87a
a2eabde750d22411d5376cd7031ae2ce46a662e4cc0db3dbdbd1b8141e9c22d4
GET /media/FgZL5ZoWIAAcqK4?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 31 Oct 2022 11:08:45 GMT
x-transaction-id: 2af89a4cb3db977a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7335-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 4758
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgyRa9BXEAA0Wir?format=jpg&name=120x120
151.101.84.159200 OK 4.8 kB URL HTTP/2 pbs.twimg.com/media/FgyRa9BXEAA0Wir?format=jpg&name=120x120
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 120x120, components 3\012- data
Hash 49898b8ba6f778206a553bd5de071dea
10f6a1f8bb9bb35cecf493d664814d7b85a5949e
34f7b8317b2d147e19766a1b6a4be45006c78e59c3ccb78ca8577b66780c77e4
GET /media/FgyRa9BXEAA0Wir?format=jpg&name=120x120 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 05 Nov 2022 08:03:24 GMT
x-transaction-id: 3d55bac4e8f223c0
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:53 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7338-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 4830
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14650), with no line terminators
Hash e02e6fe8976dc3d8c013316a52637e47
8ac57984655ca89b3ce23f1e39acb09c4322033a
0cac70b830cee68d6ce689fb17293365dd57821d0d94280bf9a4f19da3b1e38c
GET /getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thechoicelive.com
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
date: Tue, 08 Nov 2022 20:01:53 GMT
server: cafe
content-length: 11061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thechoicelive.com/pwa-sw.js
194.163.180.153404 Not Found 11 kB URL HTTP/1.1 thechoicelive.com/pwa-sw.js
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash 770c7c9701018ceaa90ca3e5cd9804c5
3f6b252476ca23e0d2fc1b3b9fde05d6d1a3a99b
88dcde47b7117275db00c282e0c98ed538d758cc5fab5287c63e64722f912997
Analyzer Verdict Alert quad9 Sinkholed
GET /pwa-sw.js HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706; __gads=ID=6ba677171a1ef169-225fd28e6fce00ac:T=1667937710:RT=1667937710:S=ALNI_MbiQyvUfzUHAvh5x-VkR-B1X-Q5Sg; __gpi=UID=00000b7ea3af547a:T=1667937710:RT=1667937710:S=ALNI_MbXdmcoPges0cK0q0s_QaVEl6FhQg
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:53 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:53 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=77
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
pbs.twimg.com/media/FhCj8m_WYAMZYXR?format=jpg&name=360x360
151.101.84.159200 OK 37 kB URL HTTP/2 pbs.twimg.com/media/FhCj8m_WYAMZYXR?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 34c75017f090aaa6342c601729cb1059
46adf856b3e893023e8dc3cc66fe7e82093d5d2b
0b578094bf411bab34a5d2a0af0cb0338abdb9e3aebec270883c9d17e9f04820
GET /media/FhCj8m_WYAMZYXR?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 11:58:16 GMT
x-transaction-id: 3323030799db6ce2
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7321-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 36984
X-Firefox-Spdy: h2
pbs.twimg.com/media/FhB8H2zWIAAnbRL?format=jpg&name=360x360
151.101.84.159200 OK 15 kB URL HTTP/2 pbs.twimg.com/media/FhB8H2zWIAAnbRL?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x203, components 3\012- data
Hash fdc1d8627dba69790ab162d921c3bb9f
b0bfc02293e391e26a78a906b813b6681e1e17a6
36e4b39d26cc29cc1283d247caa6f22d8bd11913962adec5de8e193fa8ede759
GET /media/FhB8H2zWIAAnbRL?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 09:04:16 GMT
x-transaction-id: a9f258c4d76254c3
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7329-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 15188
X-Firefox-Spdy: h2
pbs.twimg.com/media/FhB4UMeXEAI4I63?format=jpg&name=360x360
151.101.84.159200 OK 17 kB URL HTTP/2 pbs.twimg.com/media/FhB4UMeXEAI4I63?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x203, components 3\012- data
Hash c78e213a0073c656d806b309bf265a06
82f7085d80172bbae22659db707f8c739224b0db
c5b1688a2a345ff8b10d3ce08635f54fe4f2b4ec75f5bd0452d69e3ca0ef6b6e
GET /media/FhB4UMeXEAI4I63?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 08:47:38 GMT
x-transaction-id: 1ccf1d8783acd8c2
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7325-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 17278
X-Firefox-Spdy: h2
pbs.twimg.com/media/FhBu4IgWYAEP5Vf?format=jpg&name=360x360
151.101.84.159200 OK 19 kB URL HTTP/2 pbs.twimg.com/media/FhBu4IgWYAEP5Vf?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x203, components 3\012- data
Hash b50e5e64aab60e9f807ff385fdd04c99
b98687c25d466f7a439ae88a8688f4a8bbf7ce38
f6c5ad18a9fc24a4980a6a7ae1c0baa4bd984562a11f7ecce7bbb6a36831e171
GET /media/FhBu4IgWYAEP5Vf?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 08 Nov 2022 08:06:24 GMT
x-transaction-id: c02af059336dab59
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr6622-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 18966
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3X94CXgAAYflA?format=jpg&name=240x240
151.101.84.159200 OK 13 kB URL HTTP/2 pbs.twimg.com/media/Fg3X94CXgAAYflA?format=jpg&name=240x240
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x220, components 3\012- data
Hash dfc0a125a0ca38903428151b0c49149f
46493a1d583d8cfb67bab48f38cb42536c56eee8
1619d3f7e65188fe0fdf74626fa4770061fdffff86aba80f6b9de165a9e9abe7
GET /media/Fg3X94CXgAAYflA?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 07:50:06 GMT
x-transaction-id: 4a1dac22a0ca02c0
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7352-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 12889
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3QGbqWAAIJVj8?format=jpg&name=360x360
151.101.84.159200 OK 17 kB URL HTTP/2 pbs.twimg.com/media/Fg3QGbqWAAIJVj8?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x203, components 3\012- data
Hash 2d952fce188aa4a4930938f36b29e21c
44d978804349b13ff3796d0ab92ae0a086d2e5cf
b2441ea5a2a41f2075983d63756b8e2773566b767488d48d87da234baa8ab3f4
GET /media/Fg3QGbqWAAIJVj8?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 07:15:44 GMT
x-transaction-id: e4f8f51b88a96fe4
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr6629-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 16934
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fg3H7aBXkAAFk0I?format=jpg&name=360x360
151.101.84.159200 OK 20 kB URL HTTP/2 pbs.twimg.com/media/Fg3H7aBXkAAFk0I?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x180, components 3\012- data
Hash f1aee66fcbcc9f98bd573c89e9b30dbd
bf66060a81edb82f5eba4c369a0ca8edcc16629b
57ae6d0baaaba828dd0e2e2ae79793a17a2b2cfcdb9b4362ac29f83ec52764c6
GET /media/Fg3H7aBXkAAFk0I?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 06:40:01 GMT
x-transaction-id: 2d868a25ec96eee3
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7358-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 19719
X-Firefox-Spdy: h2
thechoicelive.com/://img.youtube.com/vi/8t3r61dFicU/maxresdefault.jpg
194.163.180.153404 Not Found 11 kB URL HTTP/1.1 thechoicelive.com/://img.youtube.com/vi/8t3r61dFicU/maxresdefault.jpg
IP 194.163.180.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3531), with CRLF, LF line terminators
Hash c1ecf287ca364cc20cf513343b84ee7e
2014d67551f14d9b0820a85d78ee6b48513aa3d5
72193cf8af3e3289a47a33317500a4add9b532918314ecbe5bf10bc48a7ffb0d
Analyzer Verdict Alert quad9 Sinkholed
GET /://img.youtube.com/vi/8t3r61dFicU/maxresdefault.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706; __gads=ID=6ba677171a1ef169-225fd28e6fce00ac:T=1667937710:RT=1667937710:S=ALNI_MbiQyvUfzUHAvh5x-VkR-B1X-Q5Sg; __gpi=UID=00000b7ea3af547a:T=1667937710:RT=1667937710:S=ALNI_MbXdmcoPges0cK0q0s_QaVEl6FhQg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:55 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:55 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=76
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
pbs.twimg.com/media/FgyRaSsWIAAVJqB?format=jpg&name=360x360
151.101.84.159200 OK 19 kB URL HTTP/2 pbs.twimg.com/media/FgyRaSsWIAAVJqB?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x203, components 3\012- data
Hash b288ba460bc5706b5652f6cbc0487d03
4e000664742dae783e9bbfe5a7956e5bb702280e
9daf6c5278040ea73bd3b81d550e68d6655d1ce6886682e30992f187124ed571
GET /media/FgyRaSsWIAAVJqB?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 05 Nov 2022 08:03:21 GMT
x-transaction-id: abfa26b4c8e00434
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7372-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 19374
X-Firefox-Spdy: h2
thechoicelive.com/uploads/images/2022/09/image_380x226_6335a8ceafff0.jpg
194.163.180.153200 OK 15 kB URL HTTP/1.1 thechoicelive.com/uploads/images/2022/09/image_380x226_6335a8ceafff0.jpg
IP 194.163.180.153:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", baseline, precision 8, 380x226, components 3\012- data
Hash 593904fc949c7d3eac63657e3ad4deb7
434ee6ea2d8f3f88c56b33cb448df387986b28df
87ea9dfe4ae826949fcd9bfcf0114b6834dced0f3b7a77e4ebeaf0ea6087df0a
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/images/2022/09/image_380x226_6335a8ceafff0.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339; _ga_ZPDXJH8V7Q=GS1.1.1667937706.1.0.1667937706.0.0.0; _ga=GA1.1.254237680.1667937706; __gads=ID=6ba677171a1ef169-225fd28e6fce00ac:T=1667937710:RT=1667937710:S=ALNI_MbiQyvUfzUHAvh5x-VkR-B1X-Q5Sg; __gpi=UID=00000b7ea3af547a:T=1667937710:RT=1667937710:S=ALNI_MbXdmcoPges0cK0q0s_QaVEl6FhQg
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 08 Nov 2022 20:01:55 GMT
Server: Apache
Last-Modified: Thu, 29 Sep 2022 14:16:46 GMT
Accept-Ranges: bytes
Content-Length: 14911
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
pbs.twimg.com/media/Fg3X-zsXoAIoieT?format=jpg&name=240x240
151.101.84.159200 OK 6.8 kB URL HTTP/2 pbs.twimg.com/media/Fg3X-zsXoAIoieT?format=jpg&name=240x240
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 191x240, components 3\012- data
Hash c41082c9a8ab062233572f84200a90ce
813ccd3d0a58a3173b36536a0603856f7f3c8a9c
dd585aaefc6c279f2578cdd867fa82e7293c0ee940bf36ae4ceba30f6d36a93c
GET /media/Fg3X-zsXoAIoieT?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sun, 06 Nov 2022 07:50:10 GMT
x-transaction-id: 9d65aacb6daecddb
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: MISS, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7338-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 6786
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgyRa9BXEAA0Wir?format=jpg&name=240x240
151.101.84.159200 OK 16 kB URL HTTP/2 pbs.twimg.com/media/FgyRa9BXEAA0Wir?format=jpg&name=240x240
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 240x240, components 3\012- data
Hash 78388a0e6bb0865f54374d6be40f6a0d
9f791e64ee0d60416995fe1a4374dc85b3e74c72
48f2e64a5865cc54f538f4bb41198572790e3bc0f5e086d86260ecc883127332
GET /media/FgyRa9BXEAA0Wir?format=jpg&name=240x240 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Sat, 05 Nov 2022 08:03:24 GMT
x-transaction-id: 670ee1c8ed00759a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7378-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 15600
X-Firefox-Spdy: h2
pbs.twimg.com/media/Fgtq9QuXoAEFDga?format=jpg&name=360x360
151.101.84.159200 OK 30 kB URL HTTP/2 pbs.twimg.com/media/Fgtq9QuXoAEFDga?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 265bf48cf40f57875139c734dacb28f8
409172043b996353001f54427d5c7026d30674e3
ffcd6eeec2f2af0d18e40583f16855a9303fb4be12f9ff7cef4bb4c3bcf382f8
GET /media/Fgtq9QuXoAEFDga?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 04 Nov 2022 10:36:52 GMT
x-transaction-id: 70f9d003f9f1d3c5
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7360-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 30169
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 18258ebcbe650b38f7a8680637ac1bb1
ecfac9a8082532a1980d7283e56e919f31f4ec35
4dc8f15fb4b1c91aa3fc1a8f3a9e9e3c6d3e9407da4fb2b69f7a9407f2fdd666
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pbs.twimg.com/media/Fgs1qinWQAEoJv_?format=jpg&name=360x360
151.101.84.159200 OK 18 kB URL HTTP/2 pbs.twimg.com/media/Fgs1qinWQAEoJv_?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x240, components 3\012- data
Hash b1ac5627221fc94c0a9093fa2aa108a5
14ba1cb0221758d9ab05251ca4cb120c26000d10
365057ad46bd286d1882da3fea806fca87582dbe5a4b689ad69375f6cd005c90
GET /media/Fgs1qinWQAEoJv_?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 04 Nov 2022 06:44:02 GMT
x-transaction-id: 7bdaee79e552b82e
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr6622-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 18437
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Tue, 08 Nov 2022 20:01:55 GMT
expires: Tue, 08 Nov 2022 20:01:55 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgfCp6NWIAADUpk?format=jpg&name=360x360
151.101.84.159200 OK 38 kB URL HTTP/2 pbs.twimg.com/media/FgfCp6NWIAADUpk?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x360, components 3\012- data
Hash 73536aea17f00ddbf01e8355d681ff7a
0db04b6e7f939ab5ed6308be0201eb09e0e92823
87b438aaee259724c4edbaa1cffd0a851135153c8bc3d02e851408a03a5fb879
GET /media/FgfCp6NWIAADUpk?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 01 Nov 2022 14:26:06 GMT
x-transaction-id: fc0a72748559c667
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7333-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 38517
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgoUvIhXoAEG07V?format=jpg&name=360x360
151.101.84.159200 OK 22 kB URL HTTP/2 pbs.twimg.com/media/FgoUvIhXoAEG07V?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x203, components 3\012- data
Hash 6d2b1965109b8e2c1df618e75e9f460d
7c37e25691ebc118820b3cddd07757aea4a75b34
afba70075fa8df06f2fb439da39043511fc57073c8d5cc7ca37d9131d26a393e
GET /media/FgoUvIhXoAEG07V?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Thu, 03 Nov 2022 09:41:41 GMT
x-transaction-id: 14bdf099f66b1825
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7374-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 22291
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgaW0kLWQAEFl10?format=jpg&name=360x360
151.101.84.159200 OK 12 kB URL HTTP/2 pbs.twimg.com/media/FgaW0kLWQAEFl10?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x197, components 3\012- data
Hash 8e696cd7ad639aad0f38895bb1a94404
302dbaea5d0197a7b3135c6f35a8d04691156e87
3e9ed58563cd5fdf2c7a85b0a41a4eba36c1d5c35dd6c311e4ce2e0c67e3d353
GET /media/FgaW0kLWQAEFl10?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 31 Oct 2022 16:36:06 GMT
x-transaction-id: 9ea3b9cb3870adaf
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7328-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 12102
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgaC-llXoAgJgB9?format=jpg&name=360x360
151.101.84.159200 OK 16 kB URL HTTP/2 pbs.twimg.com/media/FgaC-llXoAgJgB9?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x214, components 3\012- data
Hash 2df402b3aae80390183ebb8e918c401c
6060a38c2970b1899a3e246191fa8a0131059281
7eae3d207f74203af865c59d25c1aef7ed1a8200737ee867f7531c946826e583
GET /media/FgaC-llXoAgJgB9?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 31 Oct 2022 15:09:24 GMT
x-transaction-id: bc0e6c751778feaf
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7377-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 15589
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgZL5ZoWIAAcqK4?format=jpg&name=360x360
151.101.84.159200 OK 29 kB URL HTTP/2 pbs.twimg.com/media/FgZL5ZoWIAAcqK4?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x242, components 3\012- data
Hash a54926fc480299eaf7b2d666dab591cb
2c9ba2abe4a79dcce8de72850dd3366afef260c0
a3a355022d5a334eaed7899e89813822ad687134a1c7c62036a7b64411a08fd7
GET /media/FgZL5ZoWIAAcqK4?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 31 Oct 2022 11:08:45 GMT
x-transaction-id: c3a871c492458dc5
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7339-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 28996
X-Firefox-Spdy: h2
pbs.twimg.com/media/FgdSoz0X0AIlKbQ?format=jpg&name=360x360
151.101.84.159200 OK 10 kB URL HTTP/2 pbs.twimg.com/media/FgdSoz0X0AIlKbQ?format=jpg&name=360x360
IP 151.101.84.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 360x240, components 3\012- data
Hash 8ac919572bc09e9d36254b785865b791
4d93a7ec7f8ae11762a800316ff3b4bf469d4b36
2bb9558013fe8e37319a6d41b634d13128e19b3dc66075d1431928f9c9536921
GET /media/FgdSoz0X0AIlKbQ?format=jpg&name=360x360 HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://syndication.twitter.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
perf: 7626143928
content-type: image/jpeg
cache-control: max-age=604800, must-revalidate
last-modified: Tue, 01 Nov 2022 06:16:41 GMT
x-transaction-id: 2dd4430dd8044974
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
accept-ranges: bytes
date: Tue, 08 Nov 2022 20:01:55 GMT
x-cache: HIT, MISS
x-tw-cdn: FT
x-served-by: cache-lhr7368-LHR, cache-bma1670-BMA, cache-tw-ZZZ1
server-timing: x-cache;desc=MISS, x-tw-cdn;desc=FT
content-length: 10365
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
142.250.74.33200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 142.250.74.33:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 08 Nov 2022 08:41:52 GMT
expires: Wed, 08 Nov 2023 08:41:52 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 40803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3549d49ec9ef3b66f2f3da1f6172ef93
54fa67ac88099ed2d4cdf7e24c8b301c7a098d0b
0af6a29f343dcbc612e18ab821ae8555975e27c363d72205366a3c5bb85b7211
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 08 Nov 2022 20:01:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
142.250.74.34200 OK 16 kB URL HTTP/2 pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
IP 142.250.74.34:0
File type ASCII text, with very long lines (36114)
Hash 65873f182846e8f0e6c7ee024b08e207
b953b2407169785a9ca3fcb102a6c9aae837788f
292c83d3f42c01a4c66b29ae492584a8cb98f427470e09474d40f012a4f8e492
GET /bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tpc.googlesyndication.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 16061
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 01:30:49 GMT
expires: Sat, 04 Nov 2023 01:30:49 GMT
cache-control: public, max-age=31536000
age: 412266
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 510 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 309ac68ed3f54468d10eafc3380306e9
be21afcd2c8e83217d888c2a67ae44b426d61c98
7fbfedf2a337f6783037e4193bc5b1a0bb94f0e87f69674c255ea54066243c89
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 08 Nov 2022 20:01:55 GMT
date: Tue, 08 Nov 2022 20:01:55 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-ymuySaahSP_d9HvitS4Erw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=623063048605400&rc=
142.250.74.34204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=623063048605400&rc=
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=623063048605400&rc= HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 20:01:55 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37802736d42529da1237e5d89e253928
6f246d25b36dc880489f3af2ae8767a0f5f2542b
b21622ee7e858a4508096480ec3ffba824e96d469b0fcfa0f6daaabad296fd40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd21b731d-5fcc-42b8-ba5c-4292558c1d65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 12165
x-amzn-requestid: 7baae03c-2e22-477c-9c14-d21a26469b47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bQAvEFHdIAMF_XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63697b2d-2edb1d9722872b1166a5b085;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 21:39:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1QlljbC_YBobvvYSxTH2jH4a4kZAK8Am-k6CNxJrLIm1TY1gbfP1gg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 07 Nov 2022 22:12:03 GMT
age: 78593
etag: "6f246d25b36dc880489f3af2ae8767a0f5f2542b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=623063048605400&bg=!w8ClwITNAAZPh4lnb4c7ACkAdvg8WnBNEG_xlv4HocSf93NRO14kn2f9pItHR7nsbjL9qfQ4wEoIhAIAAACBUgAAAAhoAQeZAoh0yJ8qT0bzeZJBfIyCCIN8TTXYQcxjgpwgIfuYf49vA1W-XbnFyeRUWkY1aWKx6GPuLcotheaCWESdkzbx0N7ggpQVj23FZ2tkxfp0pKOlOU5lIfnmmWq0q-ixIQ8uoI_hHmB1QjQ9hPb5Eh72OQ9BD-xpcU869cxHFw1-Md2OQp3xqVqA6iqYRN4M848lsyXE9va9WU0oNzvRCgKPpTQdmpZJ45MMFbAjx23PR6RbNTPPA29CKQt1kPNh4yZnIUe9NJMaSZWy5aVg0KILkZq7cIKOiCHoXOmRh5RRTE6lUUvE-6Pgw9y5G2S4cUq_3fzvUwIau50c6vWIXlrEkOj13dvYINZdoabj43X9G7WjsUZYQDdgXmvi4Xu9MoMeUAL8AriUCZFg1DHSad1jEGhasEQxO9dgdJAc05OpcG25sgaBjlZlVlwqBPVLEMzvmOjGON15f17j4EPIaIx9x-XeFh1tJV1YygL1QozYjse_4UDtOjYDJIss4Ogoetlb8GYaeF1b7CQvsQ0vksXqUigK_HcQCT-NQnqjeHITvlenm-H0BIfcAkQSpLzDrjA--Pg2MwroV2WQtUXes-8ZvuwsT61QZx6o3eexgMIHNvhCTh6EBR1cAm5ZQds4-KkL6TrG2hnfQ61HIA_MBZ3wN8I1_HdHzcH8ZVX5qrkHzapdSGuTuo8hU5PLKkd3EWurQOKEdzPqcY_k0uLA_IUPYdwdkc2Lvi7ONI089J_I1fQjlOaktYDqgYoijz8q7vxHZmNVqfvM33GnjtUSwdDH0KrUYhGuZSKtXL5I59ICTmqSfWwOHUlhzPn20v22XTMftKr9zSa67QLnCe2NZ2stZqHIYd46p8nOK0o
142.250.74.34204 No Content 0 B URL HTTP/2 pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=623063048605400&bg=!w8ClwITNAAZPh4lnb4c7ACkAdvg8WnBNEG_xlv4HocSf93NRO14kn2f9pItHR7nsbjL9qfQ4wEoIhAIAAACBUgAAAAhoAQeZAoh0yJ8qT0bzeZJBfIyCCIN8TTXYQcxjgpwgIfuYf49vA1W-XbnFyeRUWkY1aWKx6GPuLcotheaCWESdkzbx0N7ggpQVj23FZ2tkxfp0pKOlOU5lIfnmmWq0q-ixIQ8uoI_hHmB1QjQ9hPb5Eh72OQ9BD-xpcU869cxHFw1-Md2OQp3xqVqA6iqYRN4M848lsyXE9va9WU0oNzvRCgKPpTQdmpZJ45MMFbAjx23PR6RbNTPPA29CKQt1kPNh4yZnIUe9NJMaSZWy5aVg0KILkZq7cIKOiCHoXOmRh5RRTE6lUUvE-6Pgw9y5G2S4cUq_3fzvUwIau50c6vWIXlrEkOj13dvYINZdoabj43X9G7WjsUZYQDdgXmvi4Xu9MoMeUAL8AriUCZFg1DHSad1jEGhasEQxO9dgdJAc05OpcG25sgaBjlZlVlwqBPVLEMzvmOjGON15f17j4EPIaIx9x-XeFh1tJV1YygL1QozYjse_4UDtOjYDJIss4Ogoetlb8GYaeF1b7CQvsQ0vksXqUigK_HcQCT-NQnqjeHITvlenm-H0BIfcAkQSpLzDrjA--Pg2MwroV2WQtUXes-8ZvuwsT61QZx6o3eexgMIHNvhCTh6EBR1cAm5ZQds4-KkL6TrG2hnfQ61HIA_MBZ3wN8I1_HdHzcH8ZVX5qrkHzapdSGuTuo8hU5PLKkd3EWurQOKEdzPqcY_k0uLA_IUPYdwdkc2Lvi7ONI089J_I1fQjlOaktYDqgYoijz8q7vxHZmNVqfvM33GnjtUSwdDH0KrUYhGuZSKtXL5I59ICTmqSfWwOHUlhzPn20v22XTMftKr9zSa67QLnCe2NZ2stZqHIYd46p8nOK0o
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=623063048605400&bg=!w8ClwITNAAZPh4lnb4c7ACkAdvg8WnBNEG_xlv4HocSf93NRO14kn2f9pItHR7nsbjL9qfQ4wEoIhAIAAACBUgAAAAhoAQeZAoh0yJ8qT0bzeZJBfIyCCIN8TTXYQcxjgpwgIfuYf49vA1W-XbnFyeRUWkY1aWKx6GPuLcotheaCWESdkzbx0N7ggpQVj23FZ2tkxfp0pKOlOU5lIfnmmWq0q-ixIQ8uoI_hHmB1QjQ9hPb5Eh72OQ9BD-xpcU869cxHFw1-Md2OQp3xqVqA6iqYRN4M848lsyXE9va9WU0oNzvRCgKPpTQdmpZJ45MMFbAjx23PR6RbNTPPA29CKQt1kPNh4yZnIUe9NJMaSZWy5aVg0KILkZq7cIKOiCHoXOmRh5RRTE6lUUvE-6Pgw9y5G2S4cUq_3fzvUwIau50c6vWIXlrEkOj13dvYINZdoabj43X9G7WjsUZYQDdgXmvi4Xu9MoMeUAL8AriUCZFg1DHSad1jEGhasEQxO9dgdJAc05OpcG25sgaBjlZlVlwqBPVLEMzvmOjGON15f17j4EPIaIx9x-XeFh1tJV1YygL1QozYjse_4UDtOjYDJIss4Ogoetlb8GYaeF1b7CQvsQ0vksXqUigK_HcQCT-NQnqjeHITvlenm-H0BIfcAkQSpLzDrjA--Pg2MwroV2WQtUXes-8ZvuwsT61QZx6o3eexgMIHNvhCTh6EBR1cAm5ZQds4-KkL6TrG2hnfQ61HIA_MBZ3wN8I1_HdHzcH8ZVX5qrkHzapdSGuTuo8hU5PLKkd3EWurQOKEdzPqcY_k0uLA_IUPYdwdkc2Lvi7ONI089J_I1fQjlOaktYDqgYoijz8q7vxHZmNVqfvM33GnjtUSwdDH0KrUYhGuZSKtXL5I59ICTmqSfWwOHUlhzPn20v22XTMftKr9zSa67QLnCe2NZ2stZqHIYd46p8nOK0o HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 08 Nov 2022 20:01:56 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 08 Nov 2022 20:01:48 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 17248515
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7670e713acdb0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,700
IP 142.250.74.10:0
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 08 Nov 2022 20:01:48 GMT
date: Tue, 08 Nov 2022 20:01:48 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thechoicelive.com/uploads/logo/thethanks.jpg
194.163.180.153404 Not Found 0 B URL HTTP/1.1 thechoicelive.com/uploads/logo/thethanks.jpg
IP 194.163.180.153:0
Analyzer Verdict Alert quad9 Sinkholed
GET /uploads/logo/thethanks.jpg HTTP/1.1
Host: thechoicelive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thechoicelive.com/
Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; 6077f80d69618_ci_session=72175a59f68f8d4dce264ae868aa5202847bf339
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 08 Nov 2022 20:01:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding,User-Agent
Set-Cookie: 6077f80d69618_csrf_cookie=b2828de5a213327246079e467a340d57; expires=Tue, 08-Nov-2022 22:01:48 GMT; Max-Age=7200; path=/
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
stream-41.zeno.fm/5xnhz4kd468uv?zs=uK3uNhECSEO4Y7Vke3YYCg
149.56.14.146200 OK 0 B URL HTTP/1.1 stream-41.zeno.fm/5xnhz4kd468uv?zs=uK3uNhECSEO4Y7Vke3YYCg
IP 149.56.14.146:0
GET /5xnhz4kd468uv?zs=uK3uNhECSEO4Y7Vke3YYCg HTTP/1.1
Host: stream-41.zeno.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Range: bytes=0-
Connection: keep-alive
HTTP/1.1 200 OK
transfer-encoding: chunked
content-type: audio/mpeg
icy-name: The Choice LIve