www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
130 kB URL www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (61558)
Size 130 kB (130178 bytes)
Hash 0c479856fe3579204f9d1a7fd05475c6
08621ad896501620d95229e8b809d055e6e92dc2
8ea160611ed21dd993aa289aac4f61dcf46ae0422293dff3221dc6935861c59d
GET /2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 03 Dec 2023 20:15:29 GMT
date: Sun, 03 Dec 2023 20:15:29 GMT
cache-control: private, max-age=0
last-modified: Sun, 03 Dec 2023 19:59:59 GMT
etag: W/"ffd74398db52d70e183dfef37552b570bbfdb42a505a92a42ea6eb414d645aa6"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 130178
server: GSE
X-Firefox-Spdy: h2
www.zohaibrock.xyz/js/cookienotice.js
2.0 kB URL www.zohaibrock.xyz/js/cookienotice.js
IP
Hash a705132a2174f88e196ec3610d68faa8
3bad57a48d973a678fec600d45933010f6edc659
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
GET /js/cookienotice.js HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 03 Dec 2023 20:15:29 GMT
expires: Sun, 10 Dec 2023 20:15:29 GMT
cache-control: public, max-age=604800
last-modified: Sun, 03 Dec 2023 19:54:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ws4gyLpXM-w/X0y7QAUHTcI/AAAAAAAAAIk/Cyki215CabEQdYgjZBYn2BdHQmXTAadYACLcBGAsYHQ/w374-h94/Free-Red-Subscribe-Button-By-AlfredoCreates.png
6.6 kB URL 1.bp.blogspot.com/-ws4gyLpXM-w/X0y7QAUHTcI/AAAAAAAAAIk/Cyki215CabEQdYgjZBYn2BdHQmXTAadYACLcBGAsYHQ/w374-h94/Free-Red-Subscribe-Button-By-AlfredoCreates.png
IP
File type PNG image data, 256 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 9dc4ec357816561504c743bd69694f0b
a8cf3576c944fdeaa47a09061be69160b6e3d426
6f17e8d9da7d9c379fde16cb5a2586212df9a042005fc19afcd52a3b6404173f
GET /-ws4gyLpXM-w/X0y7QAUHTcI/AAAAAAAAAIk/Cyki215CabEQdYgjZBYn2BdHQmXTAadYACLcBGAsYHQ/w374-h94/Free-Red-Subscribe-Button-By-AlfredoCreates.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Free-Red-Subscribe-Button-By-AlfredoCreates.png"
x-content-type-options: nosniff
server: fife
content-length: 6603
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:55:09 GMT
expires: Mon, 04 Dec 2023 19:55:09 GMT
cache-control: public, max-age=86400, no-transform
age: 1220
etag: "v8a"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
86 kB URL www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
IP
File type ASCII text, with very long lines (3034)
Hash e3af3b32486f3e9b296a57f9ac2ffb68
17b4ad182467d15428db12977582c4dcb8e29890
3d55993389963b97e083d484da5b695fbce649d0c5c0319d4f3e608858feafe3
GET /gtag/js?id=G-3GHVHYR6VY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 20:15:29 GMT
expires: Sun, 03 Dec 2023 20:15:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Zk7YUJuCG8Q/Xw3SwgoIQ_I/AAAAAAAAAA8/s0-Hfqx7zPA-IwYuaAW-DdriexmpeYyIACLcBGAsYHQ/w375-h94/down.png
18 kB URL 1.bp.blogspot.com/-Zk7YUJuCG8Q/Xw3SwgoIQ_I/AAAAAAAAAA8/s0-Hfqx7zPA-IwYuaAW-DdriexmpeYyIACLcBGAsYHQ/w375-h94/down.png
IP
File type PNG image data, 300 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 164f5ca53cc47e84639652feefa5c6d6
2b2f4b343cec890156894d6e71b8269f52e4e4b5
04884e8e7b46eee88b68785445a2e93b828678daf8060dabc045ba75baf37b1c
GET /-Zk7YUJuCG8Q/Xw3SwgoIQ_I/AAAAAAAAAA8/s0-Hfqx7zPA-IwYuaAW-DdriexmpeYyIACLcBGAsYHQ/w375-h94/down.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="down.png"
x-content-type-options: nosniff
server: fife
content-length: 17769
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:55:09 GMT
expires: Mon, 04 Dec 2023 19:55:09 GMT
cache-control: public, max-age=86400, no-transform
age: 1220
etag: "v10"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-gbAZYb0kE5U/Xw3q0XeWCWI/AAAAAAAAAB0/T1vXi1_UhsMeDMUjOHugAocQqw150z6JgCLcBGAsYHQ/w256-h79/instagram-follow-button-png-1.webp
19 kB URL 1.bp.blogspot.com/-gbAZYb0kE5U/Xw3q0XeWCWI/AAAAAAAAAB0/T1vXi1_UhsMeDMUjOHugAocQqw150z6JgCLcBGAsYHQ/w256-h79/instagram-follow-button-png-1.webp
IP
File type PNG image data, 254 x 79, 8-bit/color RGBA, non-interlaced\012- data
Hash aa995d3ba1c9a40a8320dcd26c8b9be5
b67bc92f0c4e054bd2822a1b9c71bf80ed1b1dac
ba7dc82126f5bbe7612c613695006bc3147e9a572f24842fe7855fa62e315dac
GET /-gbAZYb0kE5U/Xw3q0XeWCWI/AAAAAAAAAB0/T1vXi1_UhsMeDMUjOHugAocQqw150z6JgCLcBGAsYHQ/w256-h79/instagram-follow-button-png-1.webp HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="instagram-follow-button-png-1.png"
x-content-type-options: nosniff
server: fife
content-length: 19188
x-xss-protection: 0
date: Sun, 03 Dec 2023 18:51:10 GMT
expires: Mon, 04 Dec 2023 18:51:10 GMT
cache-control: public, max-age=86400, no-transform
age: 5059
etag: "v1f"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1.bp.blogspot.com/-BNv0onQY0TY/Xw3qkQBh8TI/AAAAAAAAABw/g2D9cEckO7w1uUw04a2Qa0VKmEMMgkPgQCLcBGAsYHQ/w256-h69/Free-Red-Subscribe-Button-By-AlfredoCreates.png
6.6 kB URL 1.bp.blogspot.com/-BNv0onQY0TY/Xw3qkQBh8TI/AAAAAAAAABw/g2D9cEckO7w1uUw04a2Qa0VKmEMMgkPgQCLcBGAsYHQ/w256-h69/Free-Red-Subscribe-Button-By-AlfredoCreates.png
IP
File type PNG image data, 256 x 69, 8-bit/color RGBA, non-interlaced\012- data
Hash 766b063c9bcb7517eba966573dad6731
92ba25ea2f4a0fc5ab45759a92d221dd581f5d78
5ded9705c51fe1227affca2763b2f0828f5e2949a55880afabef195d09cb8f53
GET /-BNv0onQY0TY/Xw3qkQBh8TI/AAAAAAAAABw/g2D9cEckO7w1uUw04a2Qa0VKmEMMgkPgQCLcBGAsYHQ/w256-h69/Free-Red-Subscribe-Button-By-AlfredoCreates.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Free-Red-Subscribe-Button-By-AlfredoCreates.png"
x-content-type-options: nosniff
server: fife
content-length: 6551
x-xss-protection: 0
date: Sun, 03 Dec 2023 18:44:50 GMT
expires: Mon, 04 Dec 2023 18:44:50 GMT
cache-control: public, max-age=86400, no-transform
age: 5439
etag: "v1e"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
86 kB URL www.googletagmanager.com/gtag/js?id=G-3GHVHYR6VY
IP
File type ASCII text, with very long lines (3034)
Hash e3af3b32486f3e9b296a57f9ac2ffb68
17b4ad182467d15428db12977582c4dcb8e29890
3d55993389963b97e083d484da5b695fbce649d0c5c0319d4f3e608858feafe3
GET /gtag/js?id=G-3GHVHYR6VY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 03 Dec 2023 20:15:29 GMT
expires: Sun, 03 Dec 2023 20:15:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fortnite?alt=json-in-script&callback=related_results_labels&max-results=6
15 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fortnite?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65149)
Hash 0e003b31e66e42a373b38b0ec3df055a
37f5db841b30299f966d45c91e05465500ef74c9
1ae564c6bbcfd973d973ba97307aea3ac4b634f6efdd01fb0a9701957613b896
GET /feeds/posts/default/-/Fortnite?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"409f8b71be7a806e284ae1b78663cadc078cb7ec4fc9db268814874e53ec0315"
date: Sun, 03 Dec 2023 20:15:29 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 03 Dec 2023 20:15:30 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 19:59:59 GMT
content-encoding: gzip
content-length: 14681
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
1.bp.blogspot.com/-JsSJTF8yyIo/Xw3px4PiloI/AAAAAAAAABg/LOvb3MxpDqg5fZ-tzCPLWNIcJkjGsiy4QCLcBGAsYHQ/w256-h82/unnamed%2B%25281%2529.png
7.9 kB URL 1.bp.blogspot.com/-JsSJTF8yyIo/Xw3px4PiloI/AAAAAAAAABg/LOvb3MxpDqg5fZ-tzCPLWNIcJkjGsiy4QCLcBGAsYHQ/w256-h82/unnamed%2B%25281%2529.png
IP
File type PNG image data, 256 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d2bef2400c525b2f5af570434e17de0
6624f02e2b812e27ed5724ae7657013f03865cee
34c36d6633500e271fc839139230d9b39b9966d989eb055267bd2da82e57fdb8
GET /-JsSJTF8yyIo/Xw3px4PiloI/AAAAAAAAABg/LOvb3MxpDqg5fZ-tzCPLWNIcJkjGsiy4QCLcBGAsYHQ/w256-h82/unnamed%2B%25281%2529.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed (1).png"
x-content-type-options: nosniff
server: fife
content-length: 7942
x-xss-protection: 0
date: Sun, 03 Dec 2023 18:51:10 GMT
expires: Mon, 04 Dec 2023 18:51:10 GMT
cache-control: public, max-age=86400, no-transform
age: 5059
etag: "v1a"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
6.8 kB URL www.blogger.com/static/v1/jsbin/4235886812-comment_from_post_iframe.js
IP
File type ASCII text, with very long lines (2165)
Hash 49aad9405434d8887646881ecda8cf64
59bfe11a22024072043b6fc2562ce01b3d4b7344
d86e5bbbff2909f2cefcd5edbbb5b224660e76913e3872dc029758206955a8c6
GET /static/v1/jsbin/4235886812-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:44 GMT
expires: Thu, 28 Nov 2024 21:37:44 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 17:00:16 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 340665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
22 kB URL apis.google.com/js/platform.js
IP
File type ASCII text, with very long lines (2664)
Hash fd67324a3d81895bdf76b073089663b1
5abb1b0a36c645085e31830e6647faa790ad4e91
8eaa06f95fa0ac44c2c186f200874f2f3ebc3aaa92412f0d0c096f517d3581d1
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-length: 21930
date: Sun, 03 Dec 2023 20:15:30 GMT
expires: Sun, 03 Dec 2023 20:15:30 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "bccfddc1dce4fb76"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
set-cookie: NID=511=oUQnySMg34wV20R-qFbp8HDOl__rbNUrcnwP-N-tanmGcYkgh0c5OTbSXk0CuRgQj5MI4QbKy6YjxLWSG-ENaTMK7EpP9qo86Wz3xrsCe9jr1OO3eDM3jc9hy5LBvKcSRg-FOfOFauozBOuwnq_4eJ1WRymkTA44FVdArmd47jI; expires=Mon, 03-Jun-2024 20:15:30 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/325989852-widgets.js
59 kB URL www.blogger.com/static/v1/widgets/325989852-widgets.js
IP
File type ASCII text, with very long lines (2258)
Hash 2aaaea7286ee481cbc12cfd76e10c0cf
6e8576cb84ac125faa0bc0a5fe5508166cc4eed8
4bfa00cdbc7a40f5dad3dfc3a21dada224e61e358e78d7b262bab098bccbc580
GET /static/v1/widgets/325989852-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 59316
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 14:08:07 GMT
expires: Fri, 29 Nov 2024 14:08:07 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 29 Nov 2023 05:57:17 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 281243
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205%20Season%201?alt=json-in-script&callback=related_results_labels&max-results=6
13 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205%20Season%201?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65149)
Hash 3fe9c134d516b8b5c445febadb115b48
35cb702513e02bff45e99d11624af142d5bb31f6
fa53d9f9298477be123a790843da634475ff3772da0ad0487988a599e80e69a7
GET /feeds/posts/default/-/Fortnite%20Chapter%205%20Season%201?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"6feb011b6cd119d7ab83896f1e2c702beee93952f5374170ad0e083687e9a7e0"
date: Sun, 03 Dec 2023 20:15:30 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 03 Dec 2023 20:15:31 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 19:59:59 GMT
content-encoding: gzip
content-length: 13040
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/FPS%20Boost?alt=json-in-script&callback=related_results_labels&max-results=6
15 kB URL www.zohaibrock.xyz/feeds/posts/default/-/FPS%20Boost?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65133)
Hash 040a38607da70a9cb06dd531f10a3aa1
2dc845445d58dc2a9002354109cc218ac462bdd8
27bde357713fea7496bb31dc4b25ea1e52be3fd80c603674977ddbcdf027be82
GET /feeds/posts/default/-/FPS%20Boost?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"2e05549d3012ae4d0a7dee5026879f9dbcecbd4af7697e5c0dc0839528d574fa"
date: Sun, 03 Dec 2023 20:15:30 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 03 Dec 2023 20:15:31 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 19:59:59 GMT
content-encoding: gzip
content-length: 14833
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205?alt=json-in-script&callback=related_results_labels&max-results=6
13 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fortnite%20Chapter%205?alt=json-in-script&callback=related_results_labels&max-results=6
IP
File type Unicode text, UTF-8 text, with very long lines (65149)
Hash 5fe136158cab0804e25f51084208cd2d
ee1a5c94ca742c9f122fa681d2f3b52b0ffd5850
f6f3fc58f96856ced57e4dcb1861f5bd8f9fea0ccc1a49a9a376487c7a8cda79
GET /feeds/posts/default/-/Fortnite%20Chapter%205?alt=json-in-script&callback=related_results_labels&max-results=6 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"0a199c33fbe8ac460ddea28c2a8b3df1c1c0b2baeb193fb2a619ad6f99b4c3b0"
date: Sun, 03 Dec 2023 20:15:30 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 03 Dec 2023 20:15:31 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 19:59:59 GMT
content-encoding: gzip
content-length: 13027
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
citizenhid.com/9c4b33f8748b968ccd3bf6fef41e5bfc/invoke.js
9.3 kB URL citizenhid.com/9c4b33f8748b968ccd3bf6fef41e5bfc/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25119), with no line terminators
Hash 1647cdb25f292c217d4de96801364680
ba20e32c9521bcbc0b9cddda0fd55403ea5db002
2252c008cd3676df1decf156faa80d3de98704adadd6b09b76623cfa603d56fb
GET /9c4b33f8748b968ccd3bf6fef41e5bfc/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fce387ac24db486b6149b667e2ac317c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
citizenhid.com/61380c1b9b6e770bd53bda0f357b2043/invoke.js
11 kB URL citizenhid.com/61380c1b9b6e770bd53bda0f357b2043/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29662), with no line terminators
Hash 2f4948a50e2f139858fcd6df5d56948a
df44d1471420d045cb400c21cf09ea988044be87
77d040207e66422f7f331f838864f7e6fa8fb842e9e588c76dd7197aebf2082c
GET /61380c1b9b6e770bd53bda0f357b2043/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 35b8c6eff52c7093998a307da204b449
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash ebc0f19a7067085e95ff0e35ee441f4d
23c3d68afd4c1c6cdecce9007aa3bddc793bc52d
6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 03 Dec 2023 20:15:30 GMT
Last-Modified: Sun, 03 Dec 2023 18:29:48 GMT
Server: ECAcc (ska/F6BD)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6N2HG1YjfF8GVIqlIj2SAAa8BzjB1U4WOX6AU9z7Z_cmk1PjdMXz2w==
Age: 6342
proftrafficcounter.com/stats
40 B URL proftrafficcounter.com/stats
IP
File type ASCII text, with no line terminators
Hash 1326c07a7d385e93965f1a61a40af2af
2bffe3b84073b02f6ae6d39138aef24d6f9995de
e0476b6aec19770d9171432bc970dbbab0373930233592045cb08d734d01c814
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.zohaibrock.xyz
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; expires=Wed, 30 Nov 2033 20:15:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
4.bp.blogspot.com/-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif
5.3 kB URL 4.bp.blogspot.com/-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif
IP
File type GIF image data, version 89a, 40 x 40\012- data
Hash 8fe366451f18a417d083ddfd9f5f7e2c
041c1e16013a5d8bcba78f059a358e99a8eb8b54
206c3d36392ab3f56b238f9cd3f0dd19f2b63e6f5d78255a7a82f13714b58994
GET /-zxnrT9a3Ofw/XmRFpRDiP0I/AAAAAAAAG3M/tXY-lGS4Z1ktmizov2u8wR2hGrKRAgPpwCLcBGAsYHQ/s1600/loader_light.gif HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="loader_light.gif"
x-content-type-options: nosniff
server: fife
content-length: 5316
x-xss-protection: 0
date: Sun, 03 Dec 2023 20:14:41 GMT
expires: Mon, 04 Dec 2023 20:14:41 GMT
cache-control: public, max-age=86400, no-transform
age: 49
etag: "v1b75"
content-type: image/gif
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/31e0b6d9/www-player.css
49 kB URL www.youtube.com/s/player/31e0b6d9/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 18f844aa571ef66c0f165fe56a2f0821
849c61720b741db03f689c461e8e4eedd3c4ce21
436743ad0889ad9399a1f33edb65d8bf1c71cfbce1b0fce549769e7705c9ceec
GET /s/player/31e0b6d9/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/3KP87pdG7t0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 12:53:39 GMT
expires: Fri, 29 Nov 2024 12:53:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 285711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js
16 kB URL www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/embed.js
IP
File type ASCII text, with very long lines (3391)
Hash 4b993df6aaec92ba17cc4d526ad2e4bd
a0b696788d5d621280e4f642b4c66875d40870cb
f21a803f0b7f63109cd608bfbe9769a3dc2e2a17c8e885826529d3981d15d313
GET /s/player/31e0b6d9/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/3KP87pdG7t0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 16506
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:15 GMT
expires: Fri, 29 Nov 2024 04:32:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 315796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
98 kB URL www.youtube.com/s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js
IP
File type ASCII text, with very long lines (682)
Hash 24cd2bdc1dd00086a1efbc664060bb49
064027f89f2e8f22be774e7468f7ae4ab79efcbc
4d453a47ad0d1b30a7292b6f712d8645db141ed6adea69b8e7d802f8022365fd
GET /s/player/31e0b6d9/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/3KP87pdG7t0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 98499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:12 GMT
expires: Fri, 29 Nov 2024 04:32:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 315799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
citizenhid.com/67fabe4394723042780ecd8e7e085505/invoke.js
11 kB URL citizenhid.com/67fabe4394723042780ecd8e7e085505/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29668), with no line terminators
Hash 7709f13c013aa640e2c2ff90ba78b38a
18131b9a0d6b788020fd133f84a15114e7914cdf
2c61fb9fb9bf36ea75f22568f953c7a381d0cf56e6ab31a6a85cf95c2d603db1
GET /67fabe4394723042780ecd8e7e085505/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 118e01385ade72c4631ac1c07db182c2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
15 kB URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 295884
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js
784 kB URL www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/base.js
IP
File type ASCII text, with very long lines (555)
Size 784 kB (784263 bytes)
Hash 101fe6d09a2a65ba52bbafa55f73d316
46b1b5f64db74e841d0f606543980dea804707d8
ddc70bebc8a0e4ae5b13a5f8409693a3e88aa4b4415a75f632f11d0f0c423457
GET /s/player/31e0b6d9/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/3KP87pdG7t0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 784263
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:15 GMT
expires: Fri, 29 Nov 2024 04:32:15 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 315796
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
16 kB URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:28:20 GMT
expires: Fri, 29 Nov 2024 11:28:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 290831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
citizenhid.com/4e73aa94115fd83602d8c483acd0b269/invoke.js
11 kB URL citizenhid.com/4e73aa94115fd83602d8c483acd0b269/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29668), with no line terminators
Hash 83e57958f5a61188d07f37295148c9c2
e9bd6c9b93e755b94467824e9500afa76252e0b7
53b059dbbc1bb55ef8373e54c974ec0ac58a18983bcb73743a9a5fa9dd95df52
GET /4e73aa94115fd83602d8c483acd0b269/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ae52e22a85e27618a22caf487ac9c142
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.blogger.com/comment/frame/7241427367126224252?po=8104253571656377018&hl=en&skin=contempo&blogspotRpcToken=8521118
84 kB URL www.blogger.com/comment/frame/7241427367126224252?po=8104253571656377018&hl=en&skin=contempo&blogspotRpcToken=8521118
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33857)
Hash 1718d194915a50e49b270d29e6873153
e1620af35069348b035cb4642bb6c5ecca3ed643
33d63c7384cc98fd64d82f12e10c6df3cc3569057d22ea301e67cd41bba6442d
GET /comment/frame/7241427367126224252?po=8104253571656377018&hl=en&skin=contempo&blogspotRpcToken=8521118 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 20:15:30 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
content-security-policy: script-src 'nonce-lK7O0-elSBFaFkugzip8vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=jVvlk0dCOB1kY4rahfTxUQzbFNeW71drNWrsDUqtbzwyYYx5C0hKK7QDCHpe7WA0lhloshwNIlQuY1Uvla7mjOJBeb4tt9BHV9_8HQYJthVkRR7OjtmhxLe7k1Z9bhwB_eketDiVB4vilQmHFi-6YUS6x09tN89Bt_0W8ctgYt0; expires=Mon, 03-Jun-2024 20:15:30 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,duFQFc,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
103 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,duFQFc,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe
IP
File type ASCII text, with very long lines (9718)
Size 103 kB (103094 bytes)
Hash c1680c93b2eed3501a31b732f9735839
7f61c3d77cfcf65f34eda75288f840ed71e1130c
8d18d51a5b36314341ecb3723d3dc453504521f93c2a715409d4d67974c0731c
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=_b,_tp/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=ws9Tlc,n73qwf,UUJqVe,IZT63,e5qFLc,vfuNJf,O1Gjze,byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,fKUV3e,aurFic,U0aPgd,ZwDk9d,V3dDOb,mI3LFb,WO9ee,eD1YLc,gZjhIf,O6y8ed,MpJwZc,PrPYRd,LEikZe,NwH0H,OmgaI,lazG7b,XVMNvd,L1AAkb,KUM7Z,Mlhmy,duFQFc,hc6Ubd,lwddkf,gychg,w9hDv,EEDORb,RMhBfe,SdcwHb,aW3pY,SpsfSb,EFQ78c,Ulmmrd,ZfAoz,mdR7q,wmnU7d,xQtZb,Z5uLle,JNoxi,kWgXee,MI6k7c,kjKdXe,BVgquf,ovKuLd,hKSk3e,MdUzUe,yDVVkb,zbML3c,KG2eXe,zr1jrb,VwDzFe,Uas9Hd,A7fCU,pjICDe HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 103094
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 03:35:02 GMT
expires: Thu, 28 Nov 2024 03:35:02 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 27 Nov 2023 09:08:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 405629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=VXdfxd,fgib1c,YwHGTd,pxq3x
27 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=VXdfxd,fgib1c,YwHGTd,pxq3x
IP
File type ASCII text, with very long lines (1127)
Hash 50305d46303410231aa0f389b3a53bc7
eb6a191dd4797a6686b392b2c7291cfe1c52bdd7
65699f3a7fad0f15c5b2e39488bafe44bc30f4ce1ed2c420c48f66d3bfdb03e6
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VwDzFe,WO9ee,XVMNvd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=VXdfxd,fgib1c,YwHGTd,pxq3x HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 26872
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 13:47:11 GMT
expires: Thu, 28 Nov 2024 13:47:11 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 27 Nov 2023 09:08:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 368900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mondaydeliciousrevulsion.com/watch.1579854878662.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
0 B URL mondaydeliciousrevulsion.com/watch.1579854878662.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1579854878662.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1 HTTP/1.1
Host: mondaydeliciousrevulsion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://mondaydeliciousrevulsion.com/watch.1579854878662.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=ab7198b850e72d605f2894aa9a59625c015e1844ff78d52c371c411fcfdf406840f3be22be1b9bcce55571941a1403afa3e4a13e22e0767066ddffc701ef8204e4eb3a1021903cba6b237870bee69c5a0b3cb8910371b080398d808e94823f&pst=1701634591&rmtc=t
Set-Cookie: u_pl=17433649; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY0OSwiayI6IjYxMzgwYzFiOWI2ZTc3MGJkNTNiZGEwZjM1N2IyMDQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmVoZndlNXd4IiwiY3BrcyI6eyIyOCI6IjY3MjBiOGRlMTNkNjU3YzE1ODZkZDRhY2M0NDQyMTk4In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0ZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS1GUFMtQm9vc3QtUGFjay5odG1sIiwiYXIiOltdfX0.ktHp8fssa9_wJNRPFbUR099n_sxb0SiCF0nOAauPsrA; expires=Sun, 03 Dec 2023 20:16:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7787616cbe4f4aa56cfb6a49d14ccf2b
Strict-Transport-Security: max-age=0; includeSubdomains
citizenhid.com/26b16bcbe062b96020cea73b7d3a66c9/invoke.js
11 kB URL citizenhid.com/26b16bcbe062b96020cea73b7d3a66c9/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29622), with no line terminators
Hash 1bbbb1ff00929c13da3b2f7b15f24173
d35f5de71c24b462d0187bb0ad80b1c7525584fa
d768029bb71859be557f16beaceaaf85f5123793b0545e3c6b39d1fa2745e2e5
GET /26b16bcbe062b96020cea73b7d3a66c9/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b1aeaed1ac639faa32056973ee2bc070
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd
6.3 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd
IP
File type ASCII text, with very long lines (2956)
Hash d36550f52046f5f522d24bb62256a75a
324ce3cdb0f6376451143ca5367510bb23ac513f
9128e43bbac13b006c8afadeb5c96d1aa9c5b534e0eb196c1a65a8da28108e45
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=RqjULd HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 6322
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:35:54 GMT
expires: Fri, 29 Nov 2024 11:35:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 27 Nov 2023 09:08:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 290377
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf
673 B URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf
IP
File type ASCII text, with very long lines (736)
Hash dc2e6550cf97daa047667c65d56ca775
44cbaa1c24b3d5f9fe4ddfd6813ed855c19909b0
c2f9f2a9107ab92a4c2086a62c831fecdb6934f456e608d81c4bfd5df8344168
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=bm51tf HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 673
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 12:59:25 GMT
expires: Thu, 28 Nov 2024 12:59:25 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 27 Nov 2023 09:08:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 371766
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
mondaydeliciousrevulsion.com/67/20/b8/6720b8de13d657c1586dd4acc4442198.js
23 kB URL mondaydeliciousrevulsion.com/67/20/b8/6720b8de13d657c1586dd4acc4442198.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59751), with no line terminators
Hash 371a0a408c9fb826b0f2adf8732a6567
46d0aa896c9884f872c5dc964f262abe5477a28c
9f9f6eb6eed4f49efa622907ab77e0a6401a734111e185ff3d84b0f4a5234129
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /67/20/b8/6720b8de13d657c1586dd4acc4442198.js HTTP/1.1
Host: mondaydeliciousrevulsion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eac3811f5a76c2dd0c89e9c17a513fda
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mondaydeliciousrevulsion.com/watch.1579854878662.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=ab7198b850e72d605f2894aa9a59625c015e1844ff78d52c371c411fcfdf406840f3be22be1b9bcce55571941a1403afa3e4a13e22e0767066ddffc701ef8204e4eb3a1021903cba6b237870bee69c5a0b3cb8910371b080398d808e94823f&pst=1701634591&rmtc=t
2.1 kB URL mondaydeliciousrevulsion.com/watch.1579854878662.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=ab7198b850e72d605f2894aa9a59625c015e1844ff78d52c371c411fcfdf406840f3be22be1b9bcce55571941a1403afa3e4a13e22e0767066ddffc701ef8204e4eb3a1021903cba6b237870bee69c5a0b3cb8910371b080398d808e94823f&pst=1701634591&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2583)
Hash f71023b93c7374e5ff93380ff470d9f9
3e1e05bf2443060ea213fa1f554f685a0ea99912
d3d96cdac25dee37714fa6fb423167b0b16a6a4aae8a289b14d9ddfaa86c4a22
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1579854878662.js?key=61380c1b9b6e770bd53bda0f357b2043&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=ab7198b850e72d605f2894aa9a59625c015e1844ff78d52c371c411fcfdf406840f3be22be1b9bcce55571941a1403afa3e4a13e22e0767066ddffc701ef8204e4eb3a1021903cba6b237870bee69c5a0b3cb8910371b080398d808e94823f&pst=1701634591&rmtc=t HTTP/1.1
Host: mondaydeliciousrevulsion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433649; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY0OSwiayI6IjYxMzgwYzFiOWI2ZTc3MGJkNTNiZGEwZjM1N2IyMDQzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyMywicHQiOjQsInBrIjoidmVoZndlNXd4IiwiY3BrcyI6eyIyOCI6IjY3MjBiOGRlMTNkNjU3YzE1ODZkZDRhY2M0NDQyMTk4In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0ZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS1GUFMtQm9vc3QtUGFjay5odG1sIiwiYXIiOltdfX0.ktHp8fssa9_wJNRPFbUR099n_sxb0SiCF0nOAauPsrA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; expires=Sun, 10 Dec 2023 20:15:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7b23c63f749c39a2f626d6e5d07484f5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
citizenhid.com/c23427b20a346ded2d6bc6fd35076f0d/invoke.js
11 kB URL citizenhid.com/c23427b20a346ded2d6bc6fd35076f0d/invoke.js
IP
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (29631), with no line terminators
Hash ecc1ea4c226b0ee4ef62b1dd1bce24a8
4cd0d7749a5e231996a5937f3d9676c4f5e1e884
9fca7482e4f2587f944e87b2406446ecb5b433af62c8ed7164e770b1e7c3dce0
GET /c23427b20a346ded2d6bc6fd35076f0d/invoke.js HTTP/1.1
Host: citizenhid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1180d3ab5db50670e1056378171ee359
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wrappeddimensionimpression.com/watch.636456647471.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
0 B URL wrappeddimensionimpression.com/watch.636456647471.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.636456647471.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1 HTTP/1.1
Host: wrappeddimensionimpression.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://wrappeddimensionimpression.com/watch.636456647471.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=7c8371fff87c2285b439c2096dca96751ddfa41be8e94a9ff433f55c3643a86f156b1694a229219203822a30071d15e614ff7620516e92751b5142c1b4ea837d83b923bd1fab895d1df53ed4956c4395fdd17176a59b2db41a86b44f4031fa&pst=1701634591&rmtc=t
Set-Cookie: u_pl=17433673; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY3MywiayI6IjY3ZmFiZTQzOTQ3MjMwNDI3ODBlY2Q4ZTdlMDg1NTA1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjozMiwicHQiOjQsInBrIjoiYnhuNXp0M3FzIiwiY3BrcyI6eyIyOSI6ImMyMWI2ZmQwZWQxZjc5MWU3ZDY0NTdhZTg3NWE5OTQ3In0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0ZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS1GUFMtQm9vc3QtUGFjay5odG1sIiwiYXIiOltdfX0.UCEdPIrleiuUAm-Vccvc1CU8Pv-gZX-mtwFrNQiUF0s; expires=Sun, 03 Dec 2023 20:16:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5f723f8636840c5726bb59e36d4589e8
Strict-Transport-Security: max-age=0; includeSubdomains
zodiacranbehalf.com/88/fa/44/88fa44dc38fe3eca81e1a2297cea9fd8.js
23 kB URL zodiacranbehalf.com/88/fa/44/88fa44dc38fe3eca81e1a2297cea9fd8.js
IP
File type ASCII text, with very long lines (59712), with no line terminators
Hash ee6aadcbf13967d79cfed24015859ba4
baa823989771f6aa8e544152dedaec52bf0f59eb
03ec711a8fa32c8fdd7a845d90cd22c9db92e6cf1b042f4ccbce62c0af07df4e
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /88/fa/44/88fa44dc38fe3eca81e1a2297cea9fd8.js HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a1b405d21d78f8a25285182164dee788
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
zodiacranbehalf.com/ntv.json?key=9c4b33f8748b968ccd3bf6fef41e5bfc&vstc=2&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
8.7 kB URL zodiacranbehalf.com/ntv.json?key=9c4b33f8748b968ccd3bf6fef41e5bfc&vstc=2&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D
IP
File type JSON data\012- , ASCII text, with very long lines (8716), with no line terminators
Hash 80399c6b2c6e7aca933f1fd5ddb8e627
007dfffdcfcb89d809518b948cc120cabe57d003
7133ce37debc86083d2eed5737a5a943241f9fc7b6fe236b985c274bfce71da3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ntv.json?key=9c4b33f8748b968ccd3bf6fef41e5bfc&vstc=2&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&custom=%7B%22d37e3bc4%22%3A%22b%22%7D HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/json
Content-Length: 8716
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18243162; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; expires=Sun, 10 Dec 2023 20:15:31 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
nlec9c4b33f8748b968ccd3bf6fef41e5bfc=[2106764,2229215]; expires=Sun, 03 Dec 2023 20:15:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3f113b371250e241695ea3b228990e79
Strict-Transport-Security: max-age=0; includeSubdomains
wrappeddimensionimpression.com/c2/1b/6f/c21b6fd0ed1f791e7d6457ae875a9947.js
16 kB URL wrappeddimensionimpression.com/c2/1b/6f/c21b6fd0ed1f791e7d6457ae875a9947.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (42837), with no line terminators
Hash 174f051371921d1f1a93b0c45f7ff9d9
3a6c30d035a46cbabef4d2d747e82eef7d321790
9d5fb356704fe9be4d6ebda888c6206cae8f31881c18cf48089989b88a8cab14
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c2/1b/6f/c21b6fd0ed1f791e7d6457ae875a9947.js HTTP/1.1
Host: wrappeddimensionimpression.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbdf0c3b37211d952c4fb5ff90919836
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
191 kB URL www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP
File type ASCII text, with very long lines (1048)
Size 191 kB (191350 bytes)
Hash d0046e366f5035c05cb2308d4fa3cdda
129ccdfa95d37e0574d73fc2fc6376175e77a97a
f7714b47fc5968c3a048ff9151fd14ca354baefbfbad3c181a551bd95b44faab
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 03 Dec 2023 20:15:31 GMT
date: Sun, 03 Dec 2023 20:15:31 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
wrappeddimensionimpression.com/watch.1025235326008.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
0 B URL wrappeddimensionimpression.com/watch.1025235326008.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1025235326008.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1 HTTP/1.1
Host: wrappeddimensionimpression.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://wrappeddimensionimpression.com/watch.1025235326008.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=5d19721565f9def7a2ea8955e0328e8af057d2d31375868733bd277181d17bfbc7a633b763a5e3ebc86c3d5a9a6fb0d1f03cb094bf4518d97d90736a4544ec84b38435a7b4415ff9055b18e92d9c92e461b223cf2d2a69bc7ebb020739d58d&pst=1701634591&rmtc=t
Set-Cookie: u_pl=17433661; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MSwiayI6IjRlNzNhYTk0MTE1ZmQ4MzYwMmQ4YzQ4M2FjZDBiMjY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJhN2VnbnplYTYiLCJjcGtzIjp7IjI4IjoiZDdkYzQ3ZjIyOWY2YzUwYTc3YzNjMmE3YTM5YzQ5ODMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnpvaGFpYnJvY2sueHl6LzIwMjMvMTIvRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLUZQUy1Cb29zdC1QYWNrLmh0bWwiLCJhciI6W119fQ.HrPYmuzTyGJ7hq4xpWYTodr8isCYr6izjRQoOKOjDPA; expires=Sun, 03 Dec 2023 20:16:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 835fdd7077df051900874559b9de98ed
Strict-Transport-Security: max-age=0; includeSubdomains
www.blogger.com/_/BloggerCommentUi/jserror?script=https%3A%2F%2Fwww.blogger.com%2F_%2Fscs%2Fmss-static%2F_%2Fjs%2Fk%3Dboq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O%2Fck%3Dboq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O%2Fam%3DQBikBg%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Ccommentformiframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAEy-KP3X42i0kXRgVKl3800X8GWZ-Korng%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3ASdcwHb%3BMe32dd%3AMEeYgc%3BNPKaK%3ASdcwHb%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BpXdRYb%3AMdUzUe%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AO1Gjze%3BxqZiqf%3AwmnU7d%3ByxTchf%3AKUM7Z%3BzxnPse%3AduFQFc%2Fm%3Dws9Tlc%2Cn73qwf%2CUUJqVe%2CIZT63%2Ce5qFLc%2CvfuNJf%2CO1Gjze%2CbyfTOb%2ClsjVmc%2CxUdipf%2COTA3Ae%2CCOQbmf%2CfKUV3e%2CaurFic%2CU0aPgd%2CZwDk9d%2CV3dDOb%2CmI3LFb%2CWO9ee%2CeD1YLc%2CgZjhIf%2CO6y8ed%2CMpJwZc%2CPrPYRd%2CLEikZe%2CNwH0H%2COmgaI%2ClazG7b%2CXVMNvd%2CL1AAkb%2CKUM7Z%2CMlhmy%2CduFQFc%2Chc6Ubd%2Clwddkf%2Cgychg%2Cw9hDv%2CEEDORb%2CRMhBfe%2CSdcwHb%2CaW3pY%2CSpsfSb%2CEFQ78c%2CUlmmrd%2CZfAoz%2CmdR7q%2CwmnU7d%2CxQtZb%2CZ5uLle%2CJNoxi%2CkWgXee%2CMI6k7c%2CkjKdXe%2CBVgquf%2CovKuLd%2ChKSk3e%2CMdUzUe%2CyDVVkb%2CzbML3c%2CKG2eXe%2Czr1jrb%2CVwDzFe%2CUas9Hd%2CA7fCU%2CpjICDe&error=Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zbML3c%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MdUzUe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20Z5uLle%3A%20gbar%20is%20not%20defined&line=297
0 B URL www.blogger.com/_/BloggerCommentUi/jserror?script=https%3A%2F%2Fwww.blogger.com%2F_%2Fscs%2Fmss-static%2F_%2Fjs%2Fk%3Dboq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O%2Fck%3Dboq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O%2Fam%3DQBikBg%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Ccommentformiframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAEy-KP3X42i0kXRgVKl3800X8GWZ-Korng%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3ASdcwHb%3BMe32dd%3AMEeYgc%3BNPKaK%3ASdcwHb%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BpXdRYb%3AMdUzUe%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AO1Gjze%3BxqZiqf%3AwmnU7d%3ByxTchf%3AKUM7Z%3BzxnPse%3AduFQFc%2Fm%3Dws9Tlc%2Cn73qwf%2CUUJqVe%2CIZT63%2Ce5qFLc%2CvfuNJf%2CO1Gjze%2CbyfTOb%2ClsjVmc%2CxUdipf%2COTA3Ae%2CCOQbmf%2CfKUV3e%2CaurFic%2CU0aPgd%2CZwDk9d%2CV3dDOb%2CmI3LFb%2CWO9ee%2CeD1YLc%2CgZjhIf%2CO6y8ed%2CMpJwZc%2CPrPYRd%2CLEikZe%2CNwH0H%2COmgaI%2ClazG7b%2CXVMNvd%2CL1AAkb%2CKUM7Z%2CMlhmy%2CduFQFc%2Chc6Ubd%2Clwddkf%2Cgychg%2Cw9hDv%2CEEDORb%2CRMhBfe%2CSdcwHb%2CaW3pY%2CSpsfSb%2CEFQ78c%2CUlmmrd%2CZfAoz%2CmdR7q%2CwmnU7d%2CxQtZb%2CZ5uLle%2CJNoxi%2CkWgXee%2CMI6k7c%2CkjKdXe%2CBVgquf%2CovKuLd%2ChKSk3e%2CMdUzUe%2CyDVVkb%2CzbML3c%2CKG2eXe%2Czr1jrb%2CVwDzFe%2CUas9Hd%2CA7fCU%2CpjICDe&error=Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zbML3c%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MdUzUe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20Z5uLle%3A%20gbar%20is%20not%20defined&line=297
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /_/BloggerCommentUi/jserror?script=https%3A%2F%2Fwww.blogger.com%2F_%2Fscs%2Fmss-static%2F_%2Fjs%2Fk%3Dboq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O%2Fck%3Dboq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O%2Fam%3DQBikBg%2Fd%3D1%2Fexm%3D_b%2C_tp%2Fexcm%3D_b%2C_tp%2Ccommentformiframeview%2Fed%3D1%2Fwt%3D2%2Fujg%3D1%2Frs%3DAEy-KP3X42i0kXRgVKl3800X8GWZ-Korng%2Fee%3DEmZ2Bf%3Azr1jrb%3BErl4fe%3AFloWmf%3BJsbNhc%3AXd8iUd%3BLBgRLc%3ASdcwHb%3BMe32dd%3AMEeYgc%3BNPKaK%3ASdcwHb%3BNSEoX%3AlazG7b%3BOj465e%3AKG2eXe%3BPjplud%3AEEDORb%3BQGR0gd%3AMlhmy%3BSNUn3%3AZwDk9d%3Ba56pNe%3AJEfCwb%3BcEt90b%3Aws9Tlc%3BdIoSBb%3ASpsfSb%3BeBAeSb%3AzbML3c%3BiFQyKf%3AvfuNJf%3Bio8t5d%3AyDVVkb%3BkMFpHd%3AOTA3Ae%3BnAFL3%3ANTMZac%3BoGtAuc%3AsOXFj%3BpXdRYb%3AMdUzUe%3BqddgKe%3AxQtZb%3BsP4Vbe%3AVwDzFe%3BuY49fb%3ACOQbmf%3Bul9GGd%3AVDovNc%3BwR5FRb%3AO1Gjze%3BxqZiqf%3AwmnU7d%3ByxTchf%3AKUM7Z%3BzxnPse%3AduFQFc%2Fm%3Dws9Tlc%2Cn73qwf%2CUUJqVe%2CIZT63%2Ce5qFLc%2CvfuNJf%2CO1Gjze%2CbyfTOb%2ClsjVmc%2CxUdipf%2COTA3Ae%2CCOQbmf%2CfKUV3e%2CaurFic%2CU0aPgd%2CZwDk9d%2CV3dDOb%2CmI3LFb%2CWO9ee%2CeD1YLc%2CgZjhIf%2CO6y8ed%2CMpJwZc%2CPrPYRd%2CLEikZe%2CNwH0H%2COmgaI%2ClazG7b%2CXVMNvd%2CL1AAkb%2CKUM7Z%2CMlhmy%2CduFQFc%2Chc6Ubd%2Clwddkf%2Cgychg%2Cw9hDv%2CEEDORb%2CRMhBfe%2CSdcwHb%2CaW3pY%2CSpsfSb%2CEFQ78c%2CUlmmrd%2CZfAoz%2CmdR7q%2CwmnU7d%2CxQtZb%2CZ5uLle%2CJNoxi%2CkWgXee%2CMI6k7c%2CkjKdXe%2CBVgquf%2CovKuLd%2ChKSk3e%2CMdUzUe%2CyDVVkb%2CzbML3c%2CKG2eXe%2Czr1jrb%2CVwDzFe%2CUas9Hd%2CA7fCU%2CpjICDe&error=Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20pjICDe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zr1jrb%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20zbML3c%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20MdUzUe%3A%20Failed%20to%20retrieve%20dependencies%20of%20service%20Z5uLle%3A%20gbar%20is%20not%20defined&line=297 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 106248
Origin: https://www.blogger.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 20:15:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'nonce-EBz-ILHfRShVk4hx7duTzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/BloggerCommentUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=nmwXYzCO8NcjYsH7C1apUZukE6y3WxjZ3i1MQLyd3BepOSBmNZmcCoITm7CU6PfPTdbXtI2M3aM3AvvdFr1Bl8GCdttwh4GWmK0lXYW5KGIfpfKl4JRADd8ijAJDRZq_Rv8SZvIkt3PAmYhOKJnqvjWEtHF9ASfBVPFuE1m8P3g; expires=Mon, 03-Jun-2024 20:15:31 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
wrappeddimensionimpression.com/d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js
23 kB URL wrappeddimensionimpression.com/d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js
IP
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59727), with no line terminators
Hash 280830b1f8b9a73f90e6c7e1832dbd98
1c5561805f0c12cc94e4623edc94b0074ad86d70
1ca39925edcf416d82759c124b529f077d808250fbc590bf4ab8971cc6ab425c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /d7/dc/47/d7dc47f229f6c50a77c3c2a7a39c4983.js HTTP/1.1
Host: wrappeddimensionimpression.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37b856dd45b3a4d53174996b80c1c847
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.1.woff2
928 B URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 928, version 331.-31327\012- data
Hash 2e503ea589b954bc9999bd43384c8120
732b264b9f5fdc7481eeed7142e5cae2c69f755f
a1bc56576314a269ec7c49627ac6978c9535d9be29d2e5ba369456c6004b3583
GET /releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 928
x-amz-id-2: /kt4JhJ/GEarGSvfj5bmU4lQAIfk4QAFhnk408KfqgGFqT/1EkdulOa6zQrcs/1PjH9LN7h+0Do=
x-amz-request-id: P7K7J4W85ETG2K05
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:00 GMT
etag: "2e503ea589b954bc9999bd43384c8120"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 910535
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b708c04b4ee-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.0.0.woff2
39 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 39176, version 331.-31327\012- data
Hash 7c82fbc0862faa615c4ad28f8e7bcf02
18cd5e664c156be3a194e8bb6500724497ff54b1
5f031f5beda509b8c7f74966b00340c15321b31b43ada420ef85ff7c5e5e7578
GET /releases/v5.15.2/webfonts/pro-fa-brands-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 39176
x-amz-id-2: HJGejIk6XDHKOLl5PBD+wzzSgzhFUooJXSCZi+9pQtCSU6le3jzl/uTx7rMFldSQzw8YkDH5SgI=
x-amz-request-id: X83JMJ3JH92MCM1R
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:07:58 GMT
etag: "7c82fbc0862faa615c4ad28f8e7bcf02"
cache-control: public, max-age=31556926
cf-cache-status: HIT
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b707c01b4ee-OSL
X-Firefox-Spdy: h2
evaporatehorizontally.com/watch.1093971104370.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
0 B URL evaporatehorizontally.com/watch.1093971104370.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1093971104370.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1 HTTP/1.1
Host: evaporatehorizontally.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:31 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://evaporatehorizontally.com/watch.1093971104370.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=251acc86ff96ca32843b5b3b9e7c57f9d861d2ba263e32597698f8b8a3658c80f6dde81662691d988de154cebd706b8cc6f1dfeae49ef582b5e3db082a46c15f87903278e6efe6890821307c89423a976d047a25228b306663fe5cedd62842f2b1233d&pst=1701634591&rmtc=t
Set-Cookie: u_pl=17433668; expires=Mon, 04 Dec 2023 20:15:31 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2OCwiayI6IjI2YjE2YmNiZTA2MmI5NjAyMGNlYTczYjdkM2E2NmM5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoia242a3pmeW4iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovMjAyMy8xMi9Gb3J0bml0ZS1DaGFwdGVyLTUtU2Vhc29uLTEtRlBTLUJvb3N0LVBhY2suaHRtbCIsImFyIjpbXX19.isY9Qv-xDqYpvw_b6BddG4kcVRJWXntcx3zb70AN9PY; expires=Sun, 03 Dec 2023 20:16:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b051013dff9651a56edd1a7acde3bc2
Strict-Transport-Security: max-age=0; includeSubdomains
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.12.1.woff2
1.3 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.12.1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 1272, version 331.-31327\012- data
Hash a8206670ecc1b0a53f746bd51d49d613
8fa606f8e3ccf94703138a8154a73e54ae714b97
9b56c5486fe8e76ed0c9546d6608ad2157a907aa50a6be45361b9ad6318f353f
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.12.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 1272
x-amz-id-2: c3/TDpV8IbyWEDXsuezLxKhSYkXQGrbg8yMWxTDrLibyDpQPiiTcS4SXkHxsMwM1CqMpSLQc9a4=
x-amz-request-id: KE7MYT043B8W9QN9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:07 GMT
etag: "a8206670ecc1b0a53f746bd51d49d613"
cache-control: public, max-age=31556926
cf-cache-status: HIT
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b709c39b4ee-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.0.0.woff2
20 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 20232, version 331.-31327\012- data
Hash 03f4b434ddbcb9152d8690bb90fd2c00
5ede730feae9ab37c48233e5c83a25f079ecbbca
8eb67a3d1088e367e9b1429105c2df2ce1f042dbb819351e998dbb76717d0936
GET /releases/v5.15.2/webfonts/pro-fa-solid-900-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 20232
x-amz-id-2: 4WYJFIBHcZB2GpIVkc6U6hz+qtrJozcIm7oR/gz7+Dz6WWpeDtp+FnihjMxZdNK9XBMeMp3Y1BKIySvkwsYq9w==
x-amz-request-id: 7CJN4A5TM3DJ6M9N
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:08 GMT
etag: "03f4b434ddbcb9152d8690bb90fd2c00"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 910535
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b70bc68b4ee-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-light-300-5.10.1.woff2
11 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-light-300-5.10.1.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 10932, version 331.-31327\012- data
Hash 0e792ebd4aea73257b0c350b6fabaf72
c8550f3afbde0e725b4a8e9b09a0eaf8071df197
7e92a3a60aa10f3a82cdde710eba330f0932d1f40a3092a844f0f6d3e49c9d68
GET /releases/v5.15.2/webfonts/pro-fa-light-300-5.10.1.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 10932
x-amz-id-2: XyfS6KEk6LBZzdV7PVO+lqsFYvphFW/WcaWH4ymsJumdKj4+xz0UmJ2dK3yOx5CAHJtRIpHX6b4=
x-amz-request-id: XKDKAAV4XVNC47CW
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:04 GMT
etag: "0e792ebd4aea73257b0c350b6fabaf72"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 361369
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b70cc7bb4ee-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
24 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23928, version 331.-31327\012- data
Hash ae96a42d81d91aa192faffa096d3e1df
0a4e545864df8d9e1844959b6a90f9c91922fa41
2936529445c10de2d3438e9c3947b35963e183245c1e8486c7dd513763cdc5db
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 23928
x-amz-id-2: 17o3iJQ7m3Z54ecgC3GYFOO125ARP3f0LEDE1rCe0WTSqgpURxwr49MevT8eXqcL7vohiRKNrnw=
x-amz-request-id: 8JS3R6HDMXVFZT0B
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:05 GMT
etag: "ae96a42d81d91aa192faffa096d3e1df"
cache-control: public, max-age=31556926
cf-cache-status: HIT
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b708c07b4ee-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.7.0.woff2
9.1 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.7.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9072, version 331.-31327\012- data
Hash cd8172f57c5fd94b2f1de480aca2c0b7
997c16a3031afb447b4a619fb216dd16005eb5cc
abebb4bcb4da82c56fe018a0337c26cf27018079b66cff65358b1940ee1ad6b3
GET /releases/v5.15.2/webfonts/pro-fa-solid-900-5.7.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 9072
x-amz-id-2: H+/kgXHGu/lJJ39VnoRNt4UKMvEtypNGJ8dLOBG/mtMat/wYZB0J/l0MJ/bd12Pa0kXOReJrZG0=
x-amz-request-id: 0AF5EMANC0WXT5E4
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:10 GMT
etag: "cd8172f57c5fd94b2f1de480aca2c0b7"
cache-control: public, max-age=31556926
cf-cache-status: HIT
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b708c08b4ee-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.2.woff2
2.5 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.2.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 2472, version 331.-31327\012- data
Hash 3aa36704dfa9434e1d02fd7a76b4705f
95a15bd834df2991b652c2a82f378776a1bc905a
88994b8503760a004c40a2db177a7a610c1fee9710639a506971afb8c8d02b07
GET /releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.2.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 2472
x-amz-id-2: 7uhHEgUEMQi3/ELJuSXyIIlxh5sEP/4fHgWj7s5VXEt6zk0q4viNtmnd5MTkLoiYUrhpCKjdvqE=
x-amz-request-id: 0AFEJFRJZE5QKGGA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:00 GMT
etag: "3aa36704dfa9434e1d02fd7a76b4705f"
cache-control: public, max-age=31556926
cf-cache-status: HIT
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b70bc74b4ee-OSL
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.11.woff2
4.0 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.11.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 3992, version 331.-31327\012- data
Hash 9333c4284a3e0be6f4984ae03c154d94
8cb97dbe7034a69d7c91181eb261cccdbbcdb015
e9500b97f5e5e123d71fd14cdc9fa873cf4728371c8c248c981bedd6a8c25d19
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.11.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 3992
x-amz-id-2: /VjBa4NDeFq5KAqIXqeDbGd7BtKR1zQsFuPddEA4DAbfndNo63yakNZJQHfC0kFcLm0iqc954G4=
x-amz-request-id: C6ENHATA6ZAATME8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:06 GMT
etag: "9333c4284a3e0be6f4984ae03c154d94"
cache-control: public, max-age=31556926
cf-cache-status: HIT
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b70cc79b4ee-OSL
X-Firefox-Spdy: h2
www.zohaibrock.xyz/feeds/posts/default/-/Fortnite?alt=json-in-script&max-results=5&callback=jQuery1124041211306175327533_1701634537058&_=1701634537059
14 kB URL www.zohaibrock.xyz/feeds/posts/default/-/Fortnite?alt=json-in-script&max-results=5&callback=jQuery1124041211306175327533_1701634537058&_=1701634537059
IP
File type Unicode text, UTF-8 text, with very long lines (65149)
Hash 7740c2d94658dd92cd70bc89980beb38
6815e350d8872cb8c243f795286cc65f64661f5b
fe3ffc891df7ed297d3c56dd5aa79997881903abf902ba9c3bde7b56749d7bb9
GET /feeds/posts/default/-/Fortnite?alt=json-in-script&max-results=5&callback=jQuery1124041211306175327533_1701634537058&_=1701634537059 HTTP/1.1
Host: www.zohaibrock.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/2023/12/Fortnite-Chapter-5-Season-1-FPS-Boost-Pack.html
Cookie: _ga_3GHVHYR6VY=GS1.1.1701634535.1.0.1701634535.0.0.0; _ga=GA1.1.275187823.1701634535; dom3ic8zudi28v8lr6fgphwffqoz0j6c=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"bd4e78f14195541231a1cc2490f440f33f1882ff0799667d2ccec6d9c3699710"
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sun, 03 Dec 2023 20:15:32 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 19:59:59 GMT
content-encoding: gzip
content-length: 13877
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
24 kB URL kit-pro.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23928, version 331.-31327\012- data
Hash ae96a42d81d91aa192faffa096d3e1df
0a4e545864df8d9e1844959b6a90f9c91922fa41
2936529445c10de2d3438e9c3947b35963e183245c1e8486c7dd513763cdc5db
GET /releases/v5.15.2/webfonts/pro-fa-regular-400-5.0.0.woff2 HTTP/1.1
Host: kit-pro.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:31 GMT
content-type: font/woff2
content-length: 23928
x-amz-id-2: 17o3iJQ7m3Z54ecgC3GYFOO125ARP3f0LEDE1rCe0WTSqgpURxwr49MevT8eXqcL7vohiRKNrnw=
x-amz-request-id: 8JS3R6HDMXVFZT0B
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Thu, 01 Jul 2021 20:08:05 GMT
etag: "ae96a42d81d91aa192faffa096d3e1df"
cache-control: public, max-age=31556926
cf-cache-status: HIT
age: 0
expires: Tue, 03 Dec 2024 02:04:17 GMT
accept-ranges: bytes
server: cloudflare
cf-ray: 82fe7b708c05b4ee-OSL
X-Firefox-Spdy: h2
enormouslysubsequentlypolitics.com/pixel/purst?dl=0&th=0&sc=0&rs=3118&rd=3118&fd=898&bv=23.11.v.9&tmpl=70
0 B URL enormouslysubsequentlypolitics.com/pixel/purst?dl=0&th=0&sc=0&rs=3118&rd=3118&fd=898&bv=23.11.v.9&tmpl=70
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=3118&rd=3118&fd=898&bv=23.11.v.9&tmpl=70 HTTP/1.1
Host: enormouslysubsequentlypolitics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 03 Dec 2023 20:15:32 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
turnminimizeinterference.com/watch.1052480254923.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
0 B URL turnminimizeinterference.com/watch.1052480254923.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1052480254923.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1 HTTP/1.1
Host: turnminimizeinterference.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:32 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Location: https://turnminimizeinterference.com/watch.1052480254923.js?key=c23427b20a346ded2d6bc6fd35076f0d&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=cedbc3ed1ae42d7c4b26964320b8301bb7ab91839a13ef114ca0ea70cde777f32f6340385927518490db30fdd84ce3c7e773e89b2b07bfeba8efc01c8cd2764be6c9e3a60b64db3d7470c31e550b1b5d4c42c5ded119fd39a5c664adfbc54b9822f92b&pst=1701634592&rmtc=t
Set-Cookie: u_pl=17433669; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2OSwiayI6ImMyMzQyN2IyMGEzNDZkZWQyZDZiYzZmZDM1MDc2ZjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNywicHQiOjQsInBrIjoibnBqZjIyamtwcSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy56b2hhaWJyb2NrLnh5ei8yMDIzLzEyL0ZvcnRuaXRlLUNoYXB0ZXItNS1TZWFzb24tMS1GUFMtQm9vc3QtUGFjay5odG1sIiwiYXIiOltdfX0.tXC9aADyb3rmEM68YlBFLyPBi_1NdWhax9iPeMPtZtw; expires=Sun, 03 Dec 2023 20:16:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 591d5beab38f30c1b02e7dfe4baa1c04
Strict-Transport-Security: max-age=0; includeSubdomains
wrappeddimensionimpression.com/watch.636456647471.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=7c8371fff87c2285b439c2096dca96751ddfa41be8e94a9ff433f55c3643a86f156b1694a229219203822a30071d15e614ff7620516e92751b5142c1b4ea837d83b923bd1fab895d1df53ed4956c4395fdd17176a59b2db41a86b44f4031fa&pst=1701634591&rmtc=t
2.1 kB URL wrappeddimensionimpression.com/watch.636456647471.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=7c8371fff87c2285b439c2096dca96751ddfa41be8e94a9ff433f55c3643a86f156b1694a229219203822a30071d15e614ff7620516e92751b5142c1b4ea837d83b923bd1fab895d1df53ed4956c4395fdd17176a59b2db41a86b44f4031fa&pst=1701634591&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2580)
Hash a0b844ba1d449bfd810f049ed4ff621d
199d315c243e85c8747a9e45291680925ad12fc6
a6847c1345e01cd33dcd95708b7d8b5ded6280a5e2ab55fcc375207c259770c1
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.636456647471.js?key=67fabe4394723042780ecd8e7e085505&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=7c8371fff87c2285b439c2096dca96751ddfa41be8e94a9ff433f55c3643a86f156b1694a229219203822a30071d15e614ff7620516e92751b5142c1b4ea837d83b923bd1fab895d1df53ed4956c4395fdd17176a59b2db41a86b44f4031fa&pst=1701634591&rmtc=t HTTP/1.1
Host: wrappeddimensionimpression.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433661; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MSwiayI6IjRlNzNhYTk0MTE1ZmQ4MzYwMmQ4YzQ4M2FjZDBiMjY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJhN2VnbnplYTYiLCJjcGtzIjp7IjI4IjoiZDdkYzQ3ZjIyOWY2YzUwYTc3YzNjMmE3YTM5YzQ5ODMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnpvaGFpYnJvY2sueHl6LzIwMjMvMTIvRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLUZQUy1Cb29zdC1QYWNrLmh0bWwiLCJhciI6W119fQ.HrPYmuzTyGJ7hq4xpWYTodr8isCYr6izjRQoOKOjDPA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17433661,17433673; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; expires=Sun, 10 Dec 2023 20:15:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
pdhtkv32=true; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
uncs32=1; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a411d3e2970bfd5da8e23ad901e64c5e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
wrappeddimensionimpression.com/watch.1025235326008.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=5d19721565f9def7a2ea8955e0328e8af057d2d31375868733bd277181d17bfbc7a633b763a5e3ebc86c3d5a9a6fb0d1f03cb094bf4518d97d90736a4544ec84b38435a7b4415ff9055b18e92d9c92e461b223cf2d2a69bc7ebb020739d58d&pst=1701634591&rmtc=t
644 B URL wrappeddimensionimpression.com/watch.1025235326008.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=5d19721565f9def7a2ea8955e0328e8af057d2d31375868733bd277181d17bfbc7a633b763a5e3ebc86c3d5a9a6fb0d1f03cb094bf4518d97d90736a4544ec84b38435a7b4415ff9055b18e92d9c92e461b223cf2d2a69bc7ebb020739d58d&pst=1701634591&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (604)
Hash f8aa33e222e9d8169740702725cbb029
007937fcb3e92a7c8742c91465142eb23ec68ad0
69a5d53fa9874ca0b6620d56e829c43e70636bc4db38275730036739dd122923
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1025235326008.js?key=4e73aa94115fd83602d8c483acd0b269&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=5d19721565f9def7a2ea8955e0328e8af057d2d31375868733bd277181d17bfbc7a633b763a5e3ebc86c3d5a9a6fb0d1f03cb094bf4518d97d90736a4544ec84b38435a7b4415ff9055b18e92d9c92e461b223cf2d2a69bc7ebb020739d58d&pst=1701634591&rmtc=t HTTP/1.1
Host: wrappeddimensionimpression.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433661; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2MSwiayI6IjRlNzNhYTk0MTE1ZmQ4MzYwMmQ4YzQ4M2FjZDBiMjY5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJhN2VnbnplYTYiLCJjcGtzIjp7IjI4IjoiZDdkYzQ3ZjIyOWY2YzUwYTc3YzNjMmE3YTM5YzQ5ODMifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3LnpvaGFpYnJvY2sueHl6LzIwMjMvMTIvRm9ydG5pdGUtQ2hhcHRlci01LVNlYXNvbi0xLUZQUy1Cb29zdC1QYWNrLmh0bWwiLCJhciI6W119fQ.HrPYmuzTyGJ7hq4xpWYTodr8isCYr6izjRQoOKOjDPA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; expires=Sun, 10 Dec 2023 20:15:32 GMT; secure; SameSite=None
iprc372f842214c8cd334b69cbb8f1164ef6=2717340; expires=Mon, 04 Dec 2023 22:15:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 04 Dec 2023 20:15:32 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0426ebecfc01909c33c769a5d3ea660c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/remote.js
34 kB URL www.youtube.com/s/player/31e0b6d9/player_ias.vflset/en_US/remote.js
IP
File type ASCII text, with very long lines (537)
Hash 63aa8296f70f3dcbf8b5df6faf8d46c3
2494976b44b1d3ec3b5825297e243679e7cca1dd
869da04350e0925de923dd2c39c41d18ba0625e3541bd5059ed5a611550552b6
GET /s/player/31e0b6d9/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/3KP87pdG7t0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33484
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:32:40 GMT
expires: Fri, 29 Nov 2024 04:32:40 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 30 Nov 2023 03:10:29 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 315772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
16 kB URL www.youtube.com/subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2797), with no line terminators
Hash 061b7feae45ab6ec37cdd0ee455e5dde
e10b9f82bbac28a29d7e64914ff60989cff751bf
777c8555abd8580398a582f0e8db1bfd9792576b373da19cf04e5ff23053d508
GET /subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__ HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 20:15:31 GMT
strict-transport-security: max-age=31536000
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=ZxvpThpVJZ8; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=; Domain=.youtube.com; Expires=Mon, 08-Mar-2021 20:15:31 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+572; expires=Tue, 02-Dec-2025 20:15:31 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
banquetunarmedgrater.com/advertisers.js
0 B URL banquetunarmedgrater.com/advertisers.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:32 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 490e2cbe9b7b479df71c0502200f219e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 03 Dec 2023 20:15:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=28GL%2BwrdW0eDoAEDy%2FOaDI2aQV%2BQJijsd7jIxZuPWH312s2BOt2ZjwMvwDgBY%2FCb%2BUniZ%2BhbCUzpvTcTZzrPvchM%2Fze4pGLypFCFcEdo7RKUiITzV0QEjFLs8Druo7B8IV7vYzuZe%2BITjIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b74f85456b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-_zcoRnZ1ZvE/YCGpCEfQTMI/AAAAAAAAAJ0/D0YGtISzX58OsRRmk0kQXMEwAROd4IJAACLcBGAsYHQ/w349-h149-p-k-no-nu/2.jpg
32 kB URL 1.bp.blogspot.com/-_zcoRnZ1ZvE/YCGpCEfQTMI/AAAAAAAAAJ0/D0YGtISzX58OsRRmk0kQXMEwAROd4IJAACLcBGAsYHQ/w349-h149-p-k-no-nu/2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 349x149, components 3\012- data
Hash a9bb55159b6794e07460f1ed4bf847cc
f49a080afff6cf48a1b3f619f569914385354a78
2429062f7c37339047259be8f31d68dd433f0ef2006f1a86226b449331365514
GET /-_zcoRnZ1ZvE/YCGpCEfQTMI/AAAAAAAAAJ0/D0YGtISzX58OsRRmk0kQXMEwAROd4IJAACLcBGAsYHQ/w349-h149-p-k-no-nu/2.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v9e"
expires: Mon, 04 Dec 2023 20:15:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="2.jpg"
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 20:15:32 GMT
server: fife
content-length: 31494
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3qwoetEgghChERUD7mz3dPfOjDkEY4wEYzYkkQUPQv3q3XJrupqq7unZOSUGNAcPoxd%2FnHq%2F2WQ1hmD%2BAEVmvYSgkLnIHlyRnDwLwaPM7sLog6r3Xn3v8H3fq483yz0SoqS7F941A6U1XUwagf%2FqisqEqZx%2F%2FrIfBo3ghL%2BisqX4hN%2BfXrb3ehgkjeC4%2F7bk62axGYRBEAahf0ZZmZr%2B4j4Kld%2FuhI1O0IibjTCJ0bf%2F713pwVEPordHjkKJyWNr9%2B5C8TGy7venpVsvTP7aW91S08JY9MT2e9l6ZqoM3VmZWg9ptn04DeMmhHw5B5NtHyqA6W1NFYCpCfF%2BC8Gy7UOaYL0bB0yZhszAxFOoemNIPYaiY3BzDUo8IAAXOL%2BMrHvzvLEV3ThA6RSdkPlHf0NVEzL%2F%2B7PIundOadX3LxldFspkDv20huqPoVbHyMsdFAMPqtoBLz6CEr%2BSxUfnkHW3lp02UGL3pVQ0Jet0kgVBBVuIm8nSAgtawUIQNdOELkVhHKb7Fik1hkrH0HII6jyU06M8lKmHMvfQFbs%2BTTppELRSlkZRO%2BacRxHnSXtJJCKK22mAkk81DFHkQ3A9BLdXkNur34ioJSPG402GdfXZg%2BQobPkT3FoNJzy4gqAnalSSoHIEFSWoFEFVEFS9%2BobQrunqm0K7koWHuXmYo3pkitVNesMUqzIjoHa4me%2BRZ6ZWes998D7W5a7f4TGLorTdituss9TmXEQsXUplGocyYSmHUzWUm9sXPlAT8sLxh8jVhDz%2BxQoY3YHTO%2BDqGGgZglajVjMAXRvF7QCD7M7ArFHFrOHrjf7GAMLUyIt5FBvept4jz%2B8v9cUjf0Dy%2BydvHbv9RPjKX%2BC2Rm5rfKh%2BJljV10cXTUW2LprKkbvLeaG6akCnC79U0EIeufWO3KiMFWdPu%2BG3b%2FApMC1vX5auOEczobJVR747pYSQ9oyxXJIfzroVyS6Ubu1UabMyP3fhzTNnu7mVzimTjUHVg%2BV%2FwNWEzF%2F9cf8rP%2F3LJ1B2DFvW6Jb3yWFAmR3w%2FApcPmPvDIHVsxmWz6Eq65FtstmjVgRaznrKarj%2F9GxWb7rrWLVzoMU1ZN0aPVujp2tQPYQrnxwVub1%2F8t5X0%2FgaTM%2BNmLZzW0xb%2FfmE%2BC9%2FeuCvU7u%2BTNIglUFTsrTD0hYNRCeNO4x2QtliCQ1RuInUfz78FwAA%2F%2F8BAAD%2F%2F7LMpjWnBAAA
7 B URL zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3qwoetEgghChERUD7mz3dPfOjDkEY4wEYzYkkQUPQv3q3XJrupqq7unZOSUGNAcPoxd%2FnHq%2F2WQ1hmD%2BAEVmvYSgkLnIHlyRnDwLwaPM7sLog6r3Xn3v8H3fq483yz0SoqS7F941A6U1XUwagf%2FqisqEqZx%2F%2FrIfBo3ghL%2BisqX4hN%2BfXrb3ehgkjeC4%2F7bk62axGYRBEAahf0ZZmZr%2B4j4Kld%2FuhI1O0IibjTCJ0bf%2F713pwVEPordHjkKJyWNr9%2B5C8TGy7venpVsvTP7aW91S08JY9MT2e9l6ZqoM3VmZWg9ptn04DeMmhHw5B5NtHyqA6W1NFYCpCfF%2BC8Gy7UOaYL0bB0yZhszAxFOoemNIPYaiY3BzDUo8IAAXOL%2BMrHvzvLEV3ThA6RSdkPlHf0NVEzL%2F%2B7PIundOadX3LxldFspkDv20huqPoVbHyMsdFAMPqtoBLz6CEr%2BSxUfnkHW3lp02UGL3pVQ0Jet0kgVBBVuIm8nSAgtawUIQNdOELkVhHKb7Fik1hkrH0HII6jyU06M8lKmHMvfQFbs%2BTTppELRSlkZRO%2BacRxHnSXtJJCKK22mAkk81DFHkQ3A9BLdXkNur34ioJSPG402GdfXZg%2BQobPkT3FoNJzy4gqAnalSSoHIEFSWoFEFVEFS9%2BobQrunqm0K7koWHuXmYo3pkitVNesMUqzIjoHa4me%2BRZ6ZWes998D7W5a7f4TGLorTdituss9TmXEQsXUplGocyYSmHUzWUm9sXPlAT8sLxh8jVhDz%2BxQoY3YHTO%2BDqGGgZglajVjMAXRvF7QCD7M7ArFHFrOHrjf7GAMLUyIt5FBvept4jz%2B8v9cUjf0Dy%2BydvHbv9RPjKX%2BC2Rm5rfKh%2BJljV10cXTUW2LprKkbvLeaG6akCnC79U0EIeufWO3KiMFWdPu%2BG3b%2FApMC1vX5auOEczobJVR747pYSQ9oyxXJIfzroVyS6Ubu1UabMyP3fhzTNnu7mVzimTjUHVg%2BV%2FwNWEzF%2F9cf8rP%2F3LJ1B2DFvW6Jb3yWFAmR3w%2FApcPmPvDIHVsxmWz6Eq65FtstmjVgRaznrKarj%2F9GxWb7rrWLVzoMU1ZN0aPVujp2tQPYQrnxwVub1%2F8t5X0%2FgaTM%2BNmLZzW0xb%2FfmE%2BC9%2FeuCvU7u%2BTNIglUFTsrTD0hYNRCeNO4x2QtliCQ1RuInUfz78FwAA%2F%2F8BAAD%2F%2F7LMpjWnBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3qwoetEgghChERUD7mz3dPfOjDkEY4wEYzYkkQUPQv3q3XJrupqq7unZOSUGNAcPoxd%2FnHq%2F2WQ1hmD%2BAEVmvYSgkLnIHlyRnDwLwaPM7sLog6r3Xn3v8H3fq483yz0SoqS7F941A6U1XUwagf%2FqisqEqZx%2F%2FrIfBo3ghL%2BisqX4hN%2BfXrb3ehgkjeC4%2F7bk62axGYRBEAahf0ZZmZr%2B4j4Kld%2FuhI1O0IibjTCJ0bf%2F713pwVEPordHjkKJyWNr9%2B5C8TGy7venpVsvTP7aW91S08JY9MT2e9l6ZqoM3VmZWg9ptn04DeMmhHw5B5NtHyqA6W1NFYCpCfF%2BC8Gy7UOaYL0bB0yZhszAxFOoemNIPYaiY3BzDUo8IAAXOL%2BMrHvzvLEV3ThA6RSdkPlHf0NVEzL%2F%2B7PIundOadX3LxldFspkDv20huqPoVbHyMsdFAMPqtoBLz6CEr%2BSxUfnkHW3lp02UGL3pVQ0Jet0kgVBBVuIm8nSAgtawUIQNdOELkVhHKb7Fik1hkrH0HII6jyU06M8lKmHMvfQFbs%2BTTppELRSlkZRO%2BacRxHnSXtJJCKK22mAkk81DFHkQ3A9BLdXkNur34ioJSPG402GdfXZg%2BQobPkT3FoNJzy4gqAnalSSoHIEFSWoFEFVEFS9%2BobQrunqm0K7koWHuXmYo3pkitVNesMUqzIjoHa4me%2BRZ6ZWes998D7W5a7f4TGLorTdituss9TmXEQsXUplGocyYSmHUzWUm9sXPlAT8sLxh8jVhDz%2BxQoY3YHTO%2BDqGGgZglajVjMAXRvF7QCD7M7ArFHFrOHrjf7GAMLUyIt5FBvept4jz%2B8v9cUjf0Dy%2BydvHbv9RPjKX%2BC2Rm5rfKh%2BJljV10cXTUW2LprKkbvLeaG6akCnC79U0EIeufWO3KiMFWdPu%2BG3b%2FApMC1vX5auOEczobJVR747pYSQ9oyxXJIfzroVyS6Ubu1UabMyP3fhzTNnu7mVzimTjUHVg%2BV%2FwNWEzF%2F9cf8rP%2F3LJ1B2DFvW6Jb3yWFAmR3w%2FApcPmPvDIHVsxmWz6Eq65FtstmjVgRaznrKarj%2F9GxWb7rrWLVzoMU1ZN0aPVujp2tQPYQrnxwVub1%2F8t5X0%2FgaTM%2BNmLZzW0xb%2FfmE%2BC9%2FeuCvU7u%2BTNIglUFTsrTD0hYNRCeNO4x2QtliCQ1RuInUfz78FwAA%2F%2F8BAAD%2F%2F7LMpjWnBAAA HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Cookie: u_pl=18243162; uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 831ad057cb2fb19d327dc329aa0dc726
Strict-Transport-Security: max-age=0; includeSubdomains
1.bp.blogspot.com/-3oPpCrOujDA/YD4FHWShTpI/AAAAAAAAANc/3rrTHr6s6Pw4Q5OuPko8ctLIE4hrJlA4ACLcBGAsYHQ/w349-h149-p-k-no-nu/maxresdefault.jpg
29 kB URL 1.bp.blogspot.com/-3oPpCrOujDA/YD4FHWShTpI/AAAAAAAAANc/3rrTHr6s6Pw4Q5OuPko8ctLIE4hrJlA4ACLcBGAsYHQ/w349-h149-p-k-no-nu/maxresdefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 349x149, components 3\012- data
Hash 650874155393ee8d8d67fa117f47d5c2
373998dd99d2bcdf11489ec64f2f22715ca30ae7
d916d39f986db6b1f30a6c1f96781073ed3fb0f5b3c73cadec77d9f570c6db19
GET /-3oPpCrOujDA/YD4FHWShTpI/AAAAAAAAANc/3rrTHr6s6Pw4Q5OuPko8ctLIE4hrJlA4ACLcBGAsYHQ/w349-h149-p-k-no-nu/maxresdefault.jpg HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "vd8"
expires: Mon, 04 Dec 2023 20:15:32 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="maxresdefault.jpg"
x-content-type-options: nosniff
date: Sun, 03 Dec 2023 20:15:32 GMT
server: fife
content-length: 28652
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
5.2 kB URL www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
IP
File type ASCII text, with very long lines (39210), with no line terminators
Hash 27710ebd53987083f2fd2f37a5590440
616b3862fab2ad15ddb2ec56255d8810a879b21a
9325cb86c14e757a3266ab710efa8294b3cd00403310dfe09e6f561f7c94b438
GET /s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/subscribe_embed?usegapi=1&channelid=UC-TNYzu6zPdBf7jHe4sElNQ&layout=full&count=default&origin=https%3A%2F%2Fwww.zohaibrock.xyz&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.coKrc9A11Ng.O%2Fd%3D1%2Frs%3DAHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw%2Fm%3D__features__
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 5155
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 18:39:43 GMT
expires: Thu, 28 Nov 2024 18:39:43 GMT
cache-control: public, max-age=31536000
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
content-type: text/css
vary: Accept-Encoding
age: 351349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3qwoehCDCEKERlQMuLPd0907M%2BYQjDESjNmQRBY8CPWrd8ut6Wqquqdn55QYkBw8jF78cer9ZpPVGIL5AxSZ9RICQuYie3BFcvIsBI8ym4HRB1Xvvfre4fu%2BV59ulwckREn3L7xvBkprupw0Av%2F1NZUJUzn%2F%2FGU%2FDBrBCX9NZSvxCb8%2FvWzvzTBIGsFx%2F13JN81yMwiDIAxC%2F4yyMjX95UMUKr%2FdCRudoBE3G2ESo2%2F%2F37vSg6MeRO%2BAHIUSkyc27t2F4mNk3R9OS7dZmPyNd7qlpoWx6IndD7LNzFQZuvMytR7SbHc2DeMmhHy1AJPtzhTA9HamCsDUhHi%2FhWDZ7owmWO%2FGY6ZMQ2Zg4hlUvTGkHkPRMbi5BiUeEIALnF9F1r153tiKbj1G6RSdkMVHf0NVE7L4%2B%2FPIundOadX3LxldFspkDv20huqPodbHyMs9FAMPqtoDLz6BEr%2BS5UfnkHV3Vp02UGL%2FlVQ0Jet0kiVBBVuKm8nKEgtawVIQNdOErkRhHKaHFik1hkrH0HII6jyU06M8lKmHMvfQFfs%2BTTppELRSlkZRO%2BacRxHnSXtFJCKK22mAkk81DFHkQ3A9BLdXkNur34qoJSPG422GTfX5g%2BQobPkz3EYNJzy4gqAnalSSoHIEFSWoFEFVEFS9%2BobQrunqm0K7koWz3JzlqB6ZYn2b3jDFuswIqB1u5wfkuamV3gsffYhNue93eMyiKG234jbrrLQ5FxFLV1KZxqFMWMrhVA3lFg6FD9SEvHT8IXI1IU9%2BuQZG9%2BD0Hrg6BlqGoNWo1QxAN0ZxO8AguzMwG1Qxa%2Fhmo781gDA18mIRxZa3rQ%2FIi4dL9V%2F9DJLfP3nr2O2nwtf%2BArc1clvjY%2FULwbq%2BPrpoKrJz0VSO3F3NC9VVAzpd%2BKWCFvLIrffkVmWsOHvaDb97i0%2BBaXn7snTFOZoJla078v0pJYS0Z4zlkvx41q1JdqF0G6dKm5X5uQtvnznbza10TplsDKoerP4DriZk8epPh1%2F52ckdKDuGLWt0y%2FtkFlBmDzy%2FApfP2TtDYPV8huUeqrIe2SabP2pFoOW8p6yG%2B0%2FP5vW2u451uwBaXEPWrdGzNXq6BtVDuPLpUZHb%2ByfvfT2Nb8D0wohpu7DDtNVfHFo7IS8f%2BQNO7fsySYNUBk3J0g5LWzQQnTTuMNoJZYslNEThJlL%2F%2BfBfAAAA%2F%2F8BAAD%2F%2FzD3mXanBAAA
7 B URL zodiacranbehalf.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3qwoehCDCEKERlQMuLPd0907M%2BYQjDESjNmQRBY8CPWrd8ut6Wqquqdn55QYkBw8jF78cer9ZpPVGIL5AxSZ9RICQuYie3BFcvIsBI8ym4HRB1Xvvfre4fu%2BV59ulwckREn3L7xvBkprupw0Av%2F1NZUJUzn%2F%2FGU%2FDBrBCX9NZSvxCb8%2FvWzvzTBIGsFx%2F13JN81yMwiDIAxC%2F4yyMjX95UMUKr%2FdCRudoBE3G2ESo2%2F%2F37vSg6MeRO%2BAHIUSkyc27t2F4mNk3R9OS7dZmPyNd7qlpoWx6IndD7LNzFQZuvMytR7SbHc2DeMmhHy1AJPtzhTA9HamCsDUhHi%2FhWDZ7owmWO%2FGY6ZMQ2Zg4hlUvTGkHkPRMbi5BiUeEIALnF9F1r153tiKbj1G6RSdkMVHf0NVE7L4%2B%2FPIundOadX3LxldFspkDv20huqPodbHyMs9FAMPqtoDLz6BEr%2BS5UfnkHV3Vp02UGL%2FlVQ0Jet0kiVBBVuKm8nKEgtawVIQNdOErkRhHKaHFik1hkrH0HII6jyU06M8lKmHMvfQFfs%2BTTppELRSlkZRO%2BacRxHnSXtFJCKK22mAkk81DFHkQ3A9BLdXkNur34qoJSPG422GTfX5g%2BQobPkz3EYNJzy4gqAnalSSoHIEFSWoFEFVEFS9%2BobQrunqm0K7koWz3JzlqB6ZYn2b3jDFuswIqB1u5wfkuamV3gsffYhNue93eMyiKG234jbrrLQ5FxFLV1KZxqFMWMrhVA3lFg6FD9SEvHT8IXI1IU9%2BuQZG9%2BD0Hrg6BlqGoNWo1QxAN0ZxO8AguzMwG1Qxa%2Fhmo781gDA18mIRxZa3rQ%2FIi4dL9V%2F9DJLfP3nr2O2nwtf%2BArc1clvjY%2FULwbq%2BPrpoKrJz0VSO3F3NC9VVAzpd%2BKWCFvLIrffkVmWsOHvaDb97i0%2BBaXn7snTFOZoJla078v0pJYS0Z4zlkvx41q1JdqF0G6dKm5X5uQtvnznbza10TplsDKoerP4DriZk8epPh1%2F52ckdKDuGLWt0y%2FtkFlBmDzy%2FApfP2TtDYPV8huUeqrIe2SabP2pFoOW8p6yG%2B0%2FP5vW2u451uwBaXEPWrdGzNXq6BtVDuPLpUZHb%2ByfvfT2Nb8D0wohpu7DDtNVfHFo7IS8f%2BQNO7fsySYNUBk3J0g5LWzQQnTTuMNoJZYslNEThJlL%2F%2BfBfAAAA%2F%2F8BAAD%2F%2FzD3mXanBAAA
IP
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3qwoehCDCEKERlQMuLPd0907M%2BYQjDESjNmQRBY8CPWrd8ut6Wqquqdn55QYkBw8jF78cer9ZpPVGIL5AxSZ9RICQuYie3BFcvIsBI8ym4HRB1Xvvfre4fu%2BV59ulwckREn3L7xvBkprupw0Av%2F1NZUJUzn%2F%2FGU%2FDBrBCX9NZSvxCb8%2FvWzvzTBIGsFx%2F13JN81yMwiDIAxC%2F4yyMjX95UMUKr%2FdCRudoBE3G2ESo2%2F%2F37vSg6MeRO%2BAHIUSkyc27t2F4mNk3R9OS7dZmPyNd7qlpoWx6IndD7LNzFQZuvMytR7SbHc2DeMmhHy1AJPtzhTA9HamCsDUhHi%2FhWDZ7owmWO%2FGY6ZMQ2Zg4hlUvTGkHkPRMbi5BiUeEIALnF9F1r153tiKbj1G6RSdkMVHf0NVE7L4%2B%2FPIundOadX3LxldFspkDv20huqPodbHyMs9FAMPqtoDLz6BEr%2BS5UfnkHV3Vp02UGL%2FlVQ0Jet0kiVBBVuKm8nKEgtawVIQNdOErkRhHKaHFik1hkrH0HII6jyU06M8lKmHMvfQFfs%2BTTppELRSlkZRO%2BacRxHnSXtFJCKK22mAkk81DFHkQ3A9BLdXkNur34qoJSPG422GTfX5g%2BQobPkz3EYNJzy4gqAnalSSoHIEFSWoFEFVEFS9%2BobQrunqm0K7koWz3JzlqB6ZYn2b3jDFuswIqB1u5wfkuamV3gsffYhNue93eMyiKG234jbrrLQ5FxFLV1KZxqFMWMrhVA3lFg6FD9SEvHT8IXI1IU9%2BuQZG9%2BD0Hrg6BlqGoNWo1QxAN0ZxO8AguzMwG1Qxa%2Fhmo781gDA18mIRxZa3rQ%2FIi4dL9V%2F9DJLfP3nr2O2nwtf%2BArc1clvjY%2FULwbq%2BPrpoKrJz0VSO3F3NC9VVAzpd%2BKWCFvLIrffkVmWsOHvaDb97i0%2BBaXn7snTFOZoJla078v0pJYS0Z4zlkvx41q1JdqF0G6dKm5X5uQtvnznbza10TplsDKoerP4DriZk8epPh1%2F52ckdKDuGLWt0y%2FtkFlBmDzy%2FApfP2TtDYPV8huUeqrIe2SabP2pFoOW8p6yG%2B0%2FP5vW2u451uwBaXEPWrdGzNXq6BtVDuPLpUZHb%2ByfvfT2Nb8D0wohpu7DDtNVfHFo7IS8f%2BQNO7fsySYNUBk3J0g5LWzQQnTTuMNoJZYslNEThJlL%2F%2BfBfAAAA%2F%2F8BAAD%2F%2FzD3mXanBAAA HTTP/1.1
Host: zodiacranbehalf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Cookie: u_pl=18243162; uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fda2a5d4f7eed2e04b15b763d6243467
Strict-Transport-Security: max-age=0; includeSubdomains
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
33 kB URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 2aef7d7b6748f2c5bbee8947ab8d8fed
14c0471e25f4ba433b9309e651e74d4734a4dd6a
1bd272c2ff5bd08629b3d837e50692f958cf1af5990058f9a8af5971b727d1f8
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 03 Dec 2023 20:15:32 GMT
server: ESF
cache-control: private
content-length: 32844
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
25 kB URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:06:15 GMT
expires: Mon, 02 Dec 2024 19:06:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 4157
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s68-c-k-c0x00ffffff-no-rj
3.5 kB URL yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 9f7107f9193ea2b7c42011cebabcf7a5
5096ccf3544ef742d99624f9703af31d2aaff49d
b77a538f29668efcb8ae3d004dd5e61c7f2a7f57d4b218c312e3ffb82d085800
GET /I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 3529
x-xss-protection: 0
date: Sun, 03 Dec 2023 17:22:26 GMT
expires: Mon, 04 Dec 2023 17:22:26 GMT
cache-control: public, max-age=86400, no-transform
age: 10386
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/3d/db/79/3ddb7981a890b9004c379789bfd08b3c/1678713731.jpg
17 kB URL cdn.cloudimagesb.com/bi/3d/db/79/3ddb7981a890b9004c379789bfd08b3c/1678713731.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 728x90, components 3\012- data
Hash bcadf77ad6e48eabbf83cb4db14318d2
1bf9c0965132620dd4a7a6d879b0db71149d4385
307344cfdc62cf37b94cb1ff048eeb3c5a8e38c695bb20a8e51ff1e80014deba
GET /bi/3d/db/79/3ddb7981a890b9004c379789bfd08b3c/1678713731.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:32 GMT
content-type: image/jpeg
content-length: 16838
server: nginx/1.21.6
last-modified: Mon, 13 Mar 2023 13:22:19 GMT
etag: "640f238b-41c6"
expires: Tue, 05 Dec 2023 20:15:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
29 kB URL cdn.cloudimagesb.com/cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 76f54f42b70d14a6d6bfe2f8b1945265
197daa3737be8968bf39ff28000663c1c17deeb2
c864fde3026e05a2cc34b4348fa4888d3ae44202179277877d082cadd9971abc
GET /cti/28/5d/66/285d66474f8eb1391e6c869128c7a3ea/1628587131.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:32 GMT
content-type: image/jpeg
content-length: 28852
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:18:59 GMT
etag: "61124483-70b4"
expires: Tue, 05 Dec 2023 20:15:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
23 kB URL cdn.cloudimagesb.com/cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash c6f19781c79ff746b99178f813cfbff2
5c307e43c63001535aa3a3683777dbb1a7f0775b
816b5a5d078f27271fa2d7c210d708f386a6f9fbd9242531b07f0b051382870d
GET /cti/4e/61/98/4e619871efbab123abb0e0121e08e11d/1628586907.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:32 GMT
content-type: image/jpeg
content-length: 22883
server: nginx/1.21.6
last-modified: Tue, 10 Aug 2021 09:15:16 GMT
etag: "611243a4-5963"
expires: Tue, 05 Dec 2023 20:15:32 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ytimg.com/vi/3KP87pdG7t0/sddefault.jpg
68 kB URL i.ytimg.com/vi/3KP87pdG7t0/sddefault.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash 205dfc432d95db1749780ecf24256e12
49ced1bd997aed68c32b071f6212ed7170c10f1a
7fb9c91a73e40f266a4dd2351b8a8412b3a19a8b27233b440e7f1a0cdd21dcd9
GET /vi/3KP87pdG7t0/sddefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 68276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 20:15:32 GMT
expires: Sun, 03 Dec 2023 20:20:32 GMT
cache-control: public, max-age=300
etag: "1701632036"
content-type: image/jpeg
vary: Origin
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw4o81gav5n3
36 kB URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw4o81gav5n3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52308)
Hash 71b1a183a85038a44b7b27c514fb3dca
275c6820143d9a79d25c66f2c5751208f38be377
c26a1e5d13015291d543c450e4328e8301a96bfd82f8b9e1649da9796e1de856
GET /recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw4o81gav5n3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 03 Dec 2023 20:15:32 GMT
content-security-policy: script-src 'nonce-RwabyDxpocQgmM60zI67Yg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
evaporatehorizontally.com/watch.1093971104370.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=251acc86ff96ca32843b5b3b9e7c57f9d861d2ba263e32597698f8b8a3658c80f6dde81662691d988de154cebd706b8cc6f1dfeae49ef582b5e3db082a46c15f87903278e6efe6890821307c89423a976d047a25228b306663fe5cedd62842f2b1233d&pst=1701634591&rmtc=t
2.1 kB URL evaporatehorizontally.com/watch.1093971104370.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=251acc86ff96ca32843b5b3b9e7c57f9d861d2ba263e32597698f8b8a3658c80f6dde81662691d988de154cebd706b8cc6f1dfeae49ef582b5e3db082a46c15f87903278e6efe6890821307c89423a976d047a25228b306663fe5cedd62842f2b1233d&pst=1701634591&rmtc=t
IP
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2600)
Hash 778c61e4a37312af2797ee1e10e8455d
0919e392d3df06379a376ed2a733637897643ca5
4c84178028876432bb50cee51f919c55471dfd83cf51a4e1fd1b241c982a773d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /watch.1093971104370.js?key=26b16bcbe062b96020cea73b7d3a66c9&kw=%5B%22best%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22settings%22%2C%22fortnite%22%2C%22chapter%22%2C%225%22%2C%22season%22%2C%221%22%2C%22fps%22%2C%22boost%22%2C%22guide%22%2C%22-%22%2C%22zohaib%22%2C%22rock%22%5D&refer=https%3A%2F%2Fwww.zohaibrock.xyz%2F2023%2F12%2FFortnite-Chapter-5-Season-1-FPS-Boost-Pack.html&tz=0&dev=e&res=14.3095&uuid=fd2eb995-dadb-4256-b070-032f5a63141f%3A1%3A1&shu=251acc86ff96ca32843b5b3b9e7c57f9d861d2ba263e32597698f8b8a3658c80f6dde81662691d988de154cebd706b8cc6f1dfeae49ef582b5e3db082a46c15f87903278e6efe6890821307c89423a976d047a25228b306663fe5cedd62842f2b1233d&pst=1701634591&rmtc=t HTTP/1.1
Host: evaporatehorizontally.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.zohaibrock.xyz
Referer: https://www.zohaibrock.xyz/
DNT: 1
Connection: keep-alive
Cookie: u_pl=17433668; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQzMzY2OCwiayI6IjI2YjE2YmNiZTA2MmI5NjAyMGNlYTczYjdkM2E2NmM5Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTExMjY3LCJwaWQiOjQ5NzQ5NSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNiwicHQiOjQsInBrIjoia242a3pmeW4iLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovMjAyMy8xMi9Gb3J0bml0ZS1DaGFwdGVyLTUtU2Vhc29uLTEtRlBTLUJvb3N0LVBhY2suaHRtbCIsImFyIjpbXX19.isY9Qv-xDqYpvw_b6BddG4kcVRJWXntcx3zb70AN9PY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.zohaibrock.xyz
Access-Control-Allow-Origin: https://www.zohaibrock.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=fd2eb995-dadb-4256-b070-032f5a63141f:1:1; expires=Sun, 10 Dec 2023 20:15:32 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 04 Dec 2023 20:15:33 GMT; secure; SameSite=None
uncs=1; expires=Mon, 04 Dec 2023 20:15:33 GMT; secure; SameSite=None
pdhtkv26=true; expires=Mon, 04 Dec 2023 20:15:33 GMT; secure; SameSite=None
uncs26=1; expires=Mon, 04 Dec 2023 20:15:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5a00d2945cd84424a0cbe7c71bf49740
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
15 kB URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 10:04:07 GMT
expires: Fri, 29 Nov 2024 10:04:07 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 295886
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/d4/dd/04/d4dd04b60d127cc9a09cb258e5a5af82/1676971046.jpg
44 kB URL cdn.cloudimagesb.com/bi/d4/dd/04/d4dd04b60d127cc9a09cb258e5a5af82/1676971046.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:02:16 19:28:52], baseline, precision 8, 320x50, components 3\012- data
Hash 0eb8b7fc1e3e5d1cacd335678cb62902
cc29c5be1c0ac149af756c8a5116d22dde243baf
8ddf9415c9a7120406ae7096defd31e0c0b0c0104dd11aa8ffdb849db627b8c5
GET /bi/d4/dd/04/d4dd04b60d127cc9a09cb258e5a5af82/1676971046.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:33 GMT
content-type: image/jpeg
content-length: 44165
server: nginx/1.21.6
last-modified: Tue, 21 Feb 2023 09:17:34 GMT
etag: "63f48c2e-ac85"
expires: Tue, 05 Dec 2023 20:15:33 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
16 kB URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 11:28:20 GMT
expires: Fri, 29 Nov 2024 11:28:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 290833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.youtube.com/generate_204?KsjE6w
0 B URL www.youtube.com/generate_204?KsjE6w
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?KsjE6w HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/3KP87pdG7t0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 20:15:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
31 B URL www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
IP
File type JSON data\012- , ASCII text
Hash 5e1fa6fd9abd549a576f3f24b1d3c8d4
d5335d7f7d33be6a0b663f03b2df4df2521c4a87
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1701634538753
Content-Type: application/json
X-Goog-Visitor-Id: CgtkS21fc0czOXp6Yyjiw7OrBjIICgJOTxICEgA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20231128.01.01
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1701634536540&flash=0&frm=2&u_tz&u_his=3&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C479%2C356&vis=1&wgl=true&ca_type=image
Content-Length: 15318
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/3KP87pdG7t0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Sun, 03 Dec 2023 20:15:33 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+026; expires=Tue, 02-Dec-2025 20:15:33 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 20:15:33 GMT
cache-control: private
www.gstatic.com/recaptcha/api2/logo_48.png
2.2 kB URL www.gstatic.com/recaptcha/api2/logo_48.png
IP
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:37:43 GMT
expires: Wed, 06 Dec 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 340670
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.cloudimagesb.com/bi/39/49/1b/39491b29d3a379ff93fe0eb35b8de717/1676972055.jpg
62 kB URL cdn.cloudimagesb.com/bi/39/49/1b/39491b29d3a379ff93fe0eb35b8de717/1676972055.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2023:02:16 21:07:30], baseline, precision 8, 468x60, components 3\012- data
Hash 9a846be3e13ffe5621204d95d4488cd7
f5d771dbcb76a7e2cef1c3a5a77389eab5810a0c
11688538abbe144733b0acc7786b13564cdc9e18a610fc79dbcc3f91227fe717
GET /bi/39/49/1b/39491b29d3a379ff93fe0eb35b8de717/1676972055.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:33 GMT
content-type: image/jpeg
content-length: 62469
server: nginx/1.21.6
last-modified: Tue, 21 Feb 2023 09:34:23 GMT
etag: "63f4901f-f405"
expires: Tue, 05 Dec 2023 20:15:33 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
191 kB URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 30183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
75 kB URL www.google.com/recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP
File type gzip compressed data\012- data
Hash 67a9560b196499a2cf9fb5b1584f7826
30a2338d55fabb227c69a0f38a89dff3f80dd074
40b08560082c5e75c68cda6706e8944c824aff8d682efd84ae8c32e1ac236937
GET /recaptcha/api2/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu&co=aHR0cHM6Ly93d3cuYmxvZ2dlci5jb206NDQz&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=rw4o81gav5n3
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 03 Dec 2023 20:15:33 GMT
date: Sun, 03 Dec 2023 20:15:33 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0
46 kB URL apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0
IP
File type ASCII text, with very long lines (1505)
Hash a5139ae5276fac825f580dd8b48d0f72
2820e165c330673129cebdc8e7cf806e1620c0a0
2170ad362c9ba9f7ff9b642d2a9d72a263fff1cd47de3664c55d6a7462c4cbc3
GET /_/scs/abc-static/_/js/k=gapi.lb.en.coKrc9A11Ng.O/m=gapi_iframes,gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_J8xjByIzBlcB6zLaAkxsUwdPdIw/cb=gapi.loaded_0 HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-length: 45499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 14:50:13 GMT
expires: Thu, 28 Nov 2024 14:50:13 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Nov 2023 22:37:21 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 365120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
156 B URL www.youtube.com/s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png
IP
File type PNG image data, 16 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a8e642ad57b76e2890447ad02feea76
e8b7156d51855db513ecf3ccceff4955acb4b3af
cdb5ca36664e6906c51c4336873d7b45f29cb48c3b3188c853980813da650712
GET /s/subscriptions/subscribe_embed/img/subscribe_button_branded_lozenge.png HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/s/subscriptions/subscribe_embed/css/www-subscribe-embed_split_v0.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 12:15:57 GMT
expires: Thu, 28 Nov 2024 12:15:57 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 18 Sep 2020 20:15:00 GMT
content-type: image/png
age: 374376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
0 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 03 Dec 2023 20:15:33 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s48-c-k-c0x00ffffff-no-rj
2.1 kB URL yt3.ggpht.com/I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s48-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 32317056249ad00f668929829d5f386a
4714c7e229dbac27a7becda55be54556df457054
bfab5b8362ef0a8f406065cc0f0ea4338156f32583e5f7a9fb8cfbceccccfc13
GET /I3LjtqiaUcIQG10qbKF41ijJw_LMXColJtE85tifHEAeQRs_QUjirG5PEL6ZlgpflTYfXIpQtw=s48-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 2096
x-xss-protection: 0
date: Sun, 03 Dec 2023 19:17:39 GMT
expires: Mon, 04 Dec 2023 19:17:39 GMT
cache-control: public, max-age=86400, no-transform
age: 3474
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
1.7 kB URL www.blogger.com/_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
IP
File type ASCII text, with very long lines (732)
Hash 5301eb55c9b56fe63b5777c3b46408a9
c0acd0a65748169cfa558d59acdda2ea19e69c98
daae83fcb2b9eb4c3adf0b8a95f9054c2e7e55cf34cce7136308cb700e44b645
GET /_/scs/mss-static/_/js/k=boq-blogger.BloggerCommentUi.en.p3UiCj65kJc.es5.O/ck=boq-blogger.BloggerCommentUi.D4K7pZnhZrg.L.F4.O/am=QBikBg/d=1/exm=A7fCU,BVgquf,COQbmf,EEDORb,EFQ78c,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MI6k7c,MdUzUe,Mlhmy,MpJwZc,NwH0H,O1Gjze,O6y8ed,OTA3Ae,OmgaI,PrPYRd,RMhBfe,RqjULd,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VXdfxd,VwDzFe,WO9ee,XVMNvd,YwHGTd,Z5uLle,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bm51tf,byfTOb,duFQFc,e5qFLc,eD1YLc,fKUV3e,fgib1c,gZjhIf,gychg,hKSk3e,hc6Ubd,kWgXee,kjKdXe,lazG7b,lsjVmc,lwddkf,mI3LFb,mdR7q,n73qwf,ovKuLd,pjICDe,pxq3x,vfuNJf,w9hDv,wmnU7d,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c,zr1jrb/excm=_b,_tp,commentformiframeview/ed=1/wt=2/ujg=1/rs=AEy-KP3X42i0kXRgVKl3800X8GWZ-Korng/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:duFQFc/m=Wt6vjf,hhhU8,FCpbqb,WhJNk HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/blogger-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/blogger-boq-js-css-signers"
report-to: {"group":"boq-infra/blogger-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/blogger-boq-js-css-signers"}]}
content-length: 1652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 01:54:40 GMT
expires: Fri, 29 Nov 2024 01:54:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Mon, 27 Nov 2023 09:08:07 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 325253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
114 B URL jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 6ae36543af303a26f63e0af5a9000086
4b5cf233896a34ec29d974a62b9aa58c63b1afe5
6bd2cfb46fbc4e57ed9c097a109152ce7e29abc81c4d666b11326d1fde6b3e7c
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1311
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 03 Dec 2023 20:15:33 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17433661
1.4 kB URL conqueredallrightswell.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17433661
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (480)
Hash b28481edb11a157618b78380cfff0b8f
3a1e91fae76e2710f5de71d45072024161f399a9
d2a506c990b76aa4c32ffce24864da298707d1b8b8d61549c7663cdf3cdf3970
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17433661 HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.zohaibrock.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Mon, 04 Dec 2023 20:15:33 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc0MzM2NjEiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovIiwiYXIiOltdfX0.Z0CJZdtpegwtWeujUW_z8cAUp6k0mRlQpOA32EHuGlo; expires=Sun, 03 Dec 2023 20:16:33 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bae16ef9e304ef939e3044fc5943e8e8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE3NDMzNjYxJnBzdD0xNzAxNjM0NTkzJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnpvaGFpYnJvY2sueHl6JTJGJnJtdGM9dCZzaHU9MGU4MWE4OWM5NmVkZGZiMjE3MGM1YzEzNmUwNmM2OTc4YjBlYmRhOWE2MjBmOWM1YmMxMWMzODg1MTNiY2E1ZTFkZWJhOGEzOTVkZGNiZGE2MWVmZTljNzc4MTI3ODZmZDM2ODMyN2M3OGMxZWM0YThjNTQ2OTMxNjZiYWE3NTAwYTBmYmI1YjgzNWI3MTk4YTM0YzA2MDQyODgyMTk1ZDYzYTNiZGU0YTk1YTMyNzMzYjA2NjhmN2M1ZjQ%3D&uuid=&pii=&in=false
0 B URL conqueredallrightswell.com/api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE3NDMzNjYxJnBzdD0xNzAxNjM0NTkzJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnpvaGFpYnJvY2sueHl6JTJGJnJtdGM9dCZzaHU9MGU4MWE4OWM5NmVkZGZiMjE3MGM1YzEzNmUwNmM2OTc4YjBlYmRhOWE2MjBmOWM1YmMxMWMzODg1MTNiY2E1ZTFkZWJhOGEzOTVkZGNiZGE2MWVmZTljNzc4MTI3ODZmZDM2ODMyN2M3OGMxZWM0YThjNTQ2OTMxNjZiYWE3NTAwYTBmYmI1YjgzNWI3MTk4YTM0YzA2MDQyODgyMTk1ZDYzYTNiZGU0YTk1YTMyNzMzYjA2NjhmN2M1ZjQ%3D&uuid=&pii=&in=false
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L2R5ZmMxazA5P2tleT04NjM3MDViY2JiNGI2YTU1NGRkYjM1OTY2NTM5NWE2ZiZwc2lkPTE3NDMzNjYxJnBzdD0xNzAxNjM0NTkzJnJlZmVyPWh0dHBzJTNBJTJGJTJGd3d3LnpvaGFpYnJvY2sueHl6JTJGJnJtdGM9dCZzaHU9MGU4MWE4OWM5NmVkZGZiMjE3MGM1YzEzNmUwNmM2OTc4YjBlYmRhOWE2MjBmOWM1YmMxMWMzODg1MTNiY2E1ZTFkZWJhOGEzOTVkZGNiZGE2MWVmZTljNzc4MTI3ODZmZDM2ODMyN2M3OGMxZWM0YThjNTQ2OTMxNjZiYWE3NTAwYTBmYmI1YjgzNWI3MTk4YTM0YzA2MDQyODgyMTk1ZDYzYTNiZGU0YTk1YTMyNzMzYjA2NjhmN2M1ZjQ%3D&uuid=&pii=&in=false HTTP/1.1
Host: conqueredallrightswell.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://conqueredallrightswell.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTc0MzM2NjEiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cuem9oYWlicm9jay54eXovIiwiYXIiOltdfX0.Z0CJZdtpegwtWeujUW_z8cAUp6k0mRlQpOA32EHuGlo; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:34 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ad2fbcf7043ef8472edc39d1a048a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
Set-Cookie: iprcdadab8a550e4faabf9ef8be7712816b2=4641329; expires=Mon, 04 Dec 2023 20:15:34 GMT
pdhtkv=true; expires=Mon, 04 Dec 2023 20:15:34 GMT
uncs=1; expires=Mon, 04 Dec 2023 20:15:34 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 20:15:34 GMT
uncs28=1; expires=Mon, 04 Dec 2023 20:15:34 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a59b7a3b10c0b7f5ac1f3642a89b1425
Strict-Transport-Security: max-age=0; includeSubdomains
violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ad2fbcf7043ef8472edc39d1a048a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
0 B URL violationphysics.click/c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ad2fbcf7043ef8472edc39d1a048a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c9b2l0k.php?key=wkroiqew1c9guvr0kbe2&SUB_ID_SHORT=300ad2fbcf7043ef8472edc39d1a048a&COST_CPA=0.100000&PLACEMENT_ID=16122660&CAMPAIGN_ID=882703&DEVICE_BRAND=Unknown&BROWSER_NAME=Firefox&USER_OS=Windows&USER_CARRIER=Blix%20Solutions&USERAGENT=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&REMOTE_LANGUAGE=11&BANNER_ID=2569625 HTTP/1.1
Host: violationphysics.click
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 03 Dec 2023 20:15:35 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9ikh9xsnt; expires=Mon, 04-Dec-2023 20:15:35 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9ikh9xsnt-h9ikh9xsnt-hq1m-0-q5a4bl-ftxofe-ft8pdz-a5ffd1; expires=Mon, 04-Dec-2023 20:15:35 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=7742bh9ikh9xsntdae&sub_id=16122660
Strict-Transport-Security: max-age=31536000
vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=7742bh9ikh9xsntdae&sub_id=16122660
0 B URL vvfal.rigelbetelgeuse.top/?pl=zKByXHsQK0ydGD7DogbGyA&click_id=7742bh9ikh9xsntdae&sub_id=16122660
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?pl=zKByXHsQK0ydGD7DogbGyA&click_id=7742bh9ikh9xsntdae&sub_id=16122660 HTTP/1.1
Host: vvfal.rigelbetelgeuse.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sun, 03 Dec 2023 20:15:35 GMT
content-length: 0
location: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
set-cookie: zKByXHsQK0ydGD7DogbGyA=5; max-age=345600; path=/; samesite=lax
__pl=d6548c18-07ae-4ffa-a94f-3706ceb4369c; expires=Wed, 03 Dec 2025 20:15:35 GMT; path=/; samesite=lax
__cap=1; max-age=3600; path=/; samesite=lax
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3CunEH3KoAKSlap9g%2ByueVzb92SLIUe%2F0zlXYyxIz98vHpcXtn2FFrFtGKGYBPs0rfsjSoEs%2F6Q6JCvzsQqy0I9M%2BJ4K3HDWRrJgE77Vm0NJyiPt%2FNa%2FmlUy7fQeHdQJleGCgCjZ4c9ZcCYP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe7b85e840b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/eyes-robot/assets/1.png
11 kB URL vvfal.stonecarv.top/eyes-robot/assets/1.png
IP
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:35 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5621
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UUX8W%2FYdfz%2Fg66oHrQQ3ywaYi044K%2FS9E2dXnK3zuEx%2BeiBgLWzHeYo0DgP05VQFIUUuieS6JM20587v6vgBRehxFK%2FIV%2BqCN%2FOB%2BeSjAknp0uChtq7Wx%2BZQLy6tYrX1efn4MyD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b87dc145690-OSL
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/assets/2.png
1.1 kB URL vvfal.stonecarv.top/eyes-robot/assets/2.png
IP
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:35 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5621
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgXtj%2BoSSWMm1zFBvsTbmC7o0YswzqalwL2w4wtuayf21gHVQCvUy4LsVsBIlPA9RTl3F%2B5dr77xwMGfiVs7g58t5eL0DSMNxev2YnVFwbM5hIXRJFBQRL13%2BSk2gdjs1%2FbqiyjM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b87dc1f5690-OSL
alt-svc: h3=":443"; ma=86400
vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
13 kB URL vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d091598187b0c2607db0dc04029e3457
0594d408ea97d509719300d8e4c19ce49078f55b
9f40361e807d9f0d4bbb68b5e68f9626231ae6b04fb26262190529eff247ddf8
GET /eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835 HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conqueredallrightswell.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:35 GMT
content-type: text/html
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsLZyoqGshAENIQnWuz6%2FcB2E1Pf2j8iYxVpzk66gjhOtAPMFE%2FBusPgnuVAB7egfhmmbfFLRUj%2Fxu5krEIzCW34YQyGSTnbj3o6NXSifpmSzCYKOZ8H1ZVIUqPT%2F1nLHupV4d5v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82fe7b868c2c712e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
vvfal.stonecarv.top/favicon.ico
0 B URL vvfal.stonecarv.top/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: vvfal.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Sun, 03 Dec 2023 20:15:35 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5681
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5HZ7e1wpW30iLUjMEbG0s3D%2BD%2FqOb7%2BGnbgaYLMwT0JsDi9FMFenkxAQ6qgVis7I73HiAOQM9hUdGDouYxbUxRc5RSCRqC6xMSW1B7qgylgkO3uzUjl5wpOdsB9R3zSqYX0aa9t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b88bd755690-OSL
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
9.3 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-app-compat.js
IP
File type ASCII text, with very long lines (28368)
Hash 9900403b65514fad7df39a4e788a6e45
75f9ba061ef4e72bb23528c700f2a11c56d637e9
a202b2051ea9810cd9ba592b3f9418a89e2062f5c185e29e288080b28eb64fe5
GET /firebasejs/10.3.1/firebase-app-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9308
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 06:08:34 GMT
expires: Fri, 29 Nov 2024 06:08:34 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 31 Aug 2023 15:20:38 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 310022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=2f96b1d0b5c7431b8b52c3bde939527f
23 kB URL cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=2f96b1d0b5c7431b8b52c3bde939527f
IP
File type Unicode text, UTF-8 text, with very long lines (31622), with no line terminators
Hash c704b6c037dea37b3aa5146ee1f610f0
907de37663bafe9d2ba8cb0efae35b1cc6119a0b
710d6d9ee3252d6e103857a99d94e40a0be8ea546ec1689046d6712a710b3f37
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=2f96b1d0b5c7431b8b52c3bde939527f HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://vvfal.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:35 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
set-cookie: __psu=46e26ca8-464d-4c7b-89fd-77e82a3fbd3f; expires=Wed, 03 Dec 2025 20:15:35 GMT; path=/; secure; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRFmWsoSiPsGiFs%2FCfLGTSAkBeGyaJH050jUmUhiOfozwDrntJUyw0rDsb%2FuUeKiAzi0p9248VnXFXkC56BfJnjrYodNGIbCfCPKNT%2F3BdIDisJ4lLK1gGboPDAILYacXTE9kMiC12KaiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b883ca25690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/2.png
1.1 kB URL a.stonecarv.top/eyes-robot/assets/2.png
IP
File type PNG image data, 94 x 19, 8-bit colormap, non-interlaced\012- data
Hash d708fbf0358752a082f5a394b74adda8
231c1527b4b039eb3af7d7e9eb5587ed87f6ea81
09d12e3c0e65fda26b9073e70e02fb24fa6941a4a3b1b81211b6470f00769ea5
GET /eyes-robot/assets/2.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:36 GMT
content-type: image/png
content-length: 1061
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-425"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5553
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCBK4UIMbaxKlJcUQ2T69TVPlQo8sHTG6%2B3A%2F1LHJKmpvlNh05Rk%2Fn3Lxy6cn9CNosEZzV0SmUXTS%2BiOS10ey9QAJWhXBWMMtoI%2F9NdbeajcQX3eR3UaeSZaMFrlXP1upW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b8c0a445690-OSL
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/1.png
11 kB URL a.stonecarv.top/eyes-robot/assets/1.png
IP
File type PNG image data, 179 x 278, 8-bit colormap, non-interlaced\012- data
Hash a6fa8154cc36da494df7b5103329c15a
3a2310088bcec14f7c0187f8409a5af5395665e8
967b8859fedb2c63afc8ae6ae2839fdd40f0e26af85adc6605a629f3c0ed0837
GET /eyes-robot/assets/1.png HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:36 GMT
content-type: image/png
content-length: 10591
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: "6569b076-295f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5554
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QDr5GID0ZxCzA3PTm2HoAcT6j6U4M1UQUiU2GRYjwxMjfxuy7FeR6SOzVj6J5HbMSwRwLzvNJoBoS0C36LHh6ySl4flhkxFeEDD57escHC7n6TRTe3oxvDOFQSamhjhg4k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b8c0a435690-OSL
alt-svc: h3=":443"; ma=86400
a.stonecarv.top/eyes-robot/assets/style.css
12 kB URL a.stonecarv.top/eyes-robot/assets/style.css
IP
File type ASCII text, with CRLF line terminators
Hash a18afa3eac509b6062c9362a725ac421
5e06e9b3af42189e9456a7ea3bda665e10c86405
29ee31143c5bd03b7dcaf2e40476e50c4ed26d32a725525a4f3dced678c90896
GET /eyes-robot/assets/style.css HTTP/1.1
Host: a.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/eyes-robot/?pl=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&nrid=2f96b1d0b5c7431b8b52c3bde939527f&hash=WuLXpmPvFwoxB96kpNwSSA&exp=1701634835
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:36 GMT
content-type: text/css
last-modified: Fri, 01 Dec 2023 10:07:50 GMT
etag: W/"6569b076-cf6"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5556
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDqhhdhoU1z1OYg4aeIzgyozf2tLsD9oDb4c69oiGlLwKP10SDUn9oQTFNR4t2qPYSJXZwn%2B6UD%2FdHEbJSrMfBDVHzqTx0rX895POTUYDk%2BQJJJ4dQrC4hc5hFp%2BP%2BX1njg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b8c0a415690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=2f96b1d0b5c7431b8b52c3bde939527f
13 kB URL cdnstatic.stonecarv.top/ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=2f96b1d0b5c7431b8b52c3bde939527f
IP
File type Unicode text, UTF-8 text, with very long lines (31622), with no line terminators
Hash 1629b7c6025c098b076d438a5ca68857
cb2f9b460527bb86654c706364cca255a37509ad
f8f7c01505bf5f2e4f36e2a8d83eb607358dd1bfe97d1f8843da7338b2f3aefb
GET /ps/ps.js?&edg=true&sw=&fullscreen=true&pl=true&pp=false&id=zKByXHsQK0ydGD7DogbGyA&sm=eyes-robot&click_id=7742bh9ikh9xsntdae&sub_id=16122660&appspot=&d=https%3A%2F%2Fcdnstatic.stonecarv.top&timeout=30&tb=true&nrid=2f96b1d0b5c7431b8b52c3bde939527f HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=46e26ca8-464d-4c7b-89fd-77e82a3fbd3f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:36 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKNkIHJVItn8a8N2%2B7sAALQjs1fCkUqdSSblPKqrqf7jnhfaxFdvgE5qfRei11wnsseJBCdglhzoCSPkWADx%2BOtnIwYvvS0xwk8Wu1dL7PqCR0IeMiWVb6qH8Mf6r4er6HWhNvF97%2Fa0tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b8c6add5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
9.5 kB URL cdnstatic.stonecarv.top/ps/config.js?id=zKByXHsQK0ydGD7DogbGyA
IP
File type ASCII text, with CRLF line terminators
Hash 512755a6a34075b4a23c875b7ae24013
f8cecb3663d1d20fcf19a10af2a47d8238636ed3
d9cc92407823fafcd54c6e83fb6b9a51fbf3a4d9c73b2f4da64243d24ce2f81a
GET /ps/config.js?id=zKByXHsQK0ydGD7DogbGyA HTTP/1.1
Host: cdnstatic.stonecarv.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Cookie: __psu=46e26ca8-464d-4c7b-89fd-77e82a3fbd3f
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 03 Dec 2023 20:15:36 GMT
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store, must-revalidate
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGYfgBVVSgq64XIPYPpMGf6vT%2FCG1xnAQ9tT08TzOVwC6jttoIgZeL88KtVfMoT7WaXd7KS5ir6oXuLNAr1b9Mft%2BpP8HZaEi8IajksEKCKjenZLg6DnlKtSFXhgIXrOmppo06vWxIZWYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82fe7b8ccb7c5690-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
9.9 kB URL www.gstatic.com/firebasejs/10.3.1/firebase-messaging-compat.js
IP
File type ASCII text, with very long lines (38231)
Hash 0541b823dfaf39162ef84cf075c9951b
e0934726455558cc1a59823efada9651e33aafaa
21f1d62f222007068c793f0947d98f4ccb7c1595adb68efeb783390fdd8b5522
GET /firebasejs/10.3.1/firebase-messaging-compat.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.stonecarv.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 9934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 05:05:32 GMT
expires: Fri, 29 Nov 2024 05:05:32 GMT
cache-control: public, max-age=31536000
age: 313804
last-modified: Thu, 31 Aug 2023 15:20:50 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
1.3 kB URL www.toprevenuegate.com/zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (408)
Hash 1c2162ab578c9d2b10b863cce18d04c7
2853c92e8b288b02f4b04e8e85c83eb78a5bf448
074cf11a3bd729827713a04098d8b30768d7dd6d0bf28b4e76910873ad1aa1eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /zj77nccnbs?key=7c1ef88f2943ca666bff02795f23060d HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 03 Dec 2023 20:15:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=19854905; expires=Mon, 04 Dec 2023 20:15:37 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; expires=Sun, 03 Dec 2023 20:16:37 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7a6d22b0a9c53408fb4a38453f43cd23
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjM0NTk3JnJtdGM9dCZzaHU9ODQ1ZDU3N2E5NzgyMDgzYjVjNjI4OGU2N2U2NjgyZGY0ZGQwOWYzMDgyZWYxNjM1MjgwMjVkNjE4OTJmN2IwZjMxOGU2NDBkYjEyNzExMGVlNWJlZjk0MmFmMTU4NmZhZTNiOWI0NmNjNGFmYmZlNDEyYTBiODkyOTU4OTRmOWQ2NTg3ZDQxMWRhNjBjOGE0NGFmM2FkOWJhZjIyZGY4Y2Y1MDE1NDhlNmNkY2I2MGZkZDQxZWVmMmNkZDg%3D&uuid=&pii=&in=false
0 B URL www.toprevenuegate.com/api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjM0NTk3JnJtdGM9dCZzaHU9ODQ1ZDU3N2E5NzgyMDgzYjVjNjI4OGU2N2U2NjgyZGY0ZGQwOWYzMDgyZWYxNjM1MjgwMjVkNjE4OTJmN2IwZjMxOGU2NDBkYjEyNzExMGVlNWJlZjk0MmFmMTU4NmZhZTNiOWI0NmNjNGFmYmZlNDEyYTBiODkyOTU4OTRmOWQ2NTg3ZDQxMWRhNjBjOGE0NGFmM2FkOWJhZjIyZGY4Y2Y1MDE1NDhlNmNkY2I2MGZkZDQxZWVmMmNkZDg%3D&uuid=&pii=&in=false
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/users?token=L3pqNzduY2NuYnM_a2V5PTdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkJnBzdD0xNzAxNjM0NTk3JnJtdGM9dCZzaHU9ODQ1ZDU3N2E5NzgyMDgzYjVjNjI4OGU2N2U2NjgyZGY0ZGQwOWYzMDgyZWYxNjM1MjgwMjVkNjE4OTJmN2IwZjMxOGU2NDBkYjEyNzExMGVlNWJlZjk0MmFmMTU4NmZhZTNiOWI0NmNjNGFmYmZlNDEyYTBiODkyOTU4OTRmOWQ2NTg3ZDQxMWRhNjBjOGE0NGFmM2FkOWJhZjIyZGY4Y2Y1MDE1NDhlNmNkY2I2MGZkZDQxZWVmMmNkZDg%3D&uuid=&pii=&in=false HTTP/1.1
Host: www.toprevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.toprevenuegate.com/zj77nccnbs?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=19854905
Cookie: u_pl=19854905; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTg1NDkwNSwiayI6IjdjMWVmODhmMjk0M2NhNjY2YmZmMDI3OTVmMjMwNjBkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNzIyNjE4LCJwaWQiOjI0MDE2MywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyOCwicHQiOjQsInBrIjoiemo3N25jY25icyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiIiwiYXIiOltdfX0.2FQGO2YhCNPTmdlXXLBtr2hi4zXbhcFHRg0XwRi4mrk; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx/1.19.5
Date: Sun, 03 Dec 2023 20:15:38 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://shop.bigbasketshop.com/track?q=kghXWdDErq
Set-Cookie: iprc77413e4282f71c25b80bde1d916d1600=4591122; expires=Mon, 04 Dec 2023 20:15:38 GMT
pdhtkv=true; expires=Mon, 04 Dec 2023 20:15:38 GMT
uncs=1; expires=Mon, 04 Dec 2023 20:15:38 GMT
pdhtkv28=true; expires=Mon, 04 Dec 2023 20:15:38 GMT
uncs28=1; expires=Mon, 04 Dec 2023 20:15:38 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2d80afc1c4ac402f6d29abc41eb10b6b
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.r2m03.amazontrust.com/
471 B URL ocsp.r2m03.amazontrust.com/
IP
Hash 635ff90833a493ed2c5f086f31d24851
e492aaea87cf64ee9e5f5b60f5641d34639eea77
0874c8b481431f13d009f27bd0092d14b1859dab41c56bd7998c29f5c9659b98
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sun, 03 Dec 2023 20:15:38 GMT
Last-Modified: Sun, 03 Dec 2023 19:37:59 GMT
Server: ECAcc (ska/F7A5)
X-Cache: Miss from cloudfront
Via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AewFuf58Xt35Ve280YsK6khfxxBVSdro7DN6-AT4eZPAEkZZN0siEw==
Age: 2259
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
200 OK 3.6 kB URL User Request POST HTTP/2 clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (314)
Hash dffa9bac5be3f386079d2028d8264f59
e264575195c6ca302170a308b3da31f924b6d60c
43ffd816104a86bae1d1e75330e61c304463fcf25e6bdb5086c34a944b1e4c68
GET /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://shop.bigbasketshop.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:38 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 3610
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2
vht.tradedoubler.com/fp/fpjs.js
7.7 kB URL vht.tradedoubler.com/fp/fpjs.js
IP
File type ASCII text, with very long lines (19960)
Hash e967d9e86ec8ff44db0e24766ced642f
bd488430b8b4283eb82afda802a075cf841c29d3
040dff2a9b3d08a4654dec367d93f2b994a8ea0e573950d5561c0022af4a3c3a
GET /fp/fpjs.js HTTP/1.1
Host: vht.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 7718
Connection: keep-alive
Date: Sat, 02 Dec 2023 03:49:02 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 09 Oct 2023 08:54:59 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bMfgBE6Lbd9lrr3LzjC5td8pdxJsYiQjtjnamhy9vhJSJKUP6amSAA==
Age: 145596
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
clk.tradedoubler.com/favicon.ico
404 Not Found 193 B URL GET HTTP/2 clk.tradedoubler.com/favicon.ico
IP
Requested by https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4
GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sun, 03 Dec 2023 20:15:38 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2
clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
200 OK 150 B URL User Request POST HTTP/2 clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
IP
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash dc03e2e45f5c0d5e02f319e7f1e957cf
47725bedccb4c387bfc904021658cc7b343927ab
f064d039c1745fafca89f95ad9748a95b6ed51a78270b7feee25e968faef36b7
POST /click?p=225780&a=3238748&epi=TerraD HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
Content-Type: application/x-www-form-urlencoded
Content-Length: 90
Origin: https://clk.tradedoubler.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 03 Dec 2023 20:15:39 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 150
set-cookie: GUID=1z11zz14Nz2HYTCWz9ee9f16aae57dffddb4bd6fa7bd541ba;expires=Mon, 02-Dec-2024 20:15:39 GMT;path=/;domain=.tradedoubler.com
server: TXServerHttp
access-control-allow-origin: *
cache-control: private, max-age=0
pragma: no-cache
referrer-policy: origin
X-Firefox-Spdy: h2
clk.tradedoubler.com/favicon.ico
404 Not Found 193 B URL GET HTTP/2 clk.tradedoubler.com/favicon.ico
IP
Requested by https://clk.tradedoubler.com/click?p=225780&a=3238748&epi=TerraD
Certificate IssuerAmazon
Subject*.tradedoubler.com
FingerprintE6:E6:D1:02:6C:9A:BE:00:C1:0E:B5:BC:61:D1:C1:FD:74:73:C4:9E
ValidityWed, 06 Sep 2023 00:00:00 GMT - Sat, 05 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 523cbcb278f348bbe64563fe4cc9f435
5a436481b66ccb6dff53c5e1a14c08ef0b4a8e4b
37b6ca25983f4126bd10c135684bc8f421c8b48a5bdb75b5ad69c849035a84f4
GET /favicon.ico HTTP/1.1
Host: clk.tradedoubler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://clk.tradedoubler.com/
DNT: 1
Connection: keep-alive
Cookie: GUID=1z11zz14Nz2HYTCWz9ee9f16aae57dffddb4bd6fa7bd541ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sun, 03 Dec 2023 20:15:39 GMT
content-type: text/html; charset=ISO-8859-1
content-length: 193
X-Firefox-Spdy: h2
142.250.74.147
104.21.4.148
18.184.185.69